[a / b / c / d / e / f / g / gif / h / hr / k / m / o / p / r / s / t / u / v / vg / vr / w / wg] [i / ic] [r9k / s4s / vip / qa] [cm / hm / lgbt / y] [3 / aco / adv / an / asp / bant / biz / cgl / ck / co / diy / fa / fit / gd / hc / his / int / jp / lit / mlp / mu / n / news / out / po / pol / qst / sci / soc / sp / tg / toy / trv / tv / vp / wsg / wsr / x] [Settings] [Home]
Board
Settings Home
/g/ - Technology



Thread archived.
You cannot reply anymore.



File: c5270a8.jpg (863 KB, 1920x1080)
863 KB
863 KB JPG
▌ All resources from past threads (paste and comments) will be present at OuterHeaven
> i2g3vsckj67dnjvb.onion

Θ Infosec questions: building an obsessive need to find your own answers could be a key for more than one chain.

Ω All are welcome here; the world is fucked and we are all in this together.

◙ Cypherpunk Manifesto
> https://www.activism.net/cypherpunk/manifesto.html
◘ Cyberpunk Manifesto
> http://project.cyberpunk.ru/idb/cyberpunk_manifesto.html
∆ Hacker Manifesto
> http://phrack.org/issues/7/3.html
± Guerilla Open Access Manifesto
> https://archive.org/stream/GuerillaOpenAccessManifesto/Goamjuly2008_djvu.txt

▓ Fables, realities, prophecies and mythology of a community:
░ What is cyberpunk
> https://hastebin.com/ayufiyuvew
▀ The importance of a cyberpunk mindset applied to a cybersecurity skillset.:
> https://youtu.be/pcSlowAhvUk
● Cyberpunk directory:
> https://hastebin.com/efohokurid
▬ Cyberpunk resources
> https://hastebin.com/onequqodih

▐ Cybersecurity essentials/resources
Reference books
> https://mega.nz/#F!YigVhZCZ!RznVxTiA0iN-N6Ps01pEJw
> PASSWORD : ABD52oM8T1fghmY0
> https://hastebin.com/oquzikafuz
> https://hastebin.com/owulepames
> Cntrl + F Basic Knowledges, Basic Training, Arms/Arm
> https://hastebin.com/edutujabez
▼ Endware: Heavy armor for anons, by anons
> https://endchan.xyz/os/res/32.html

◊ Free Shells and more
> https://sdf.org/
> https://shells.red-pill.eu/

₪ /cyb/ FTP
> ftp://collectivecomputers.org:21212/Books/Cyberpunk/
> user/password == guest

≡ IRC
> irc://irc.rizon.net:6697
> #/g/punk
> #/g/sec
> (All require SSL)
> IRC guide:
> https://hastebin.com/zojomutudi

» Thread archive
>https://archive.rebeccablacktech.com/g/search/subject/cyb/
>https://archive.rebeccablacktech.com/g/search/subject/sec/
>https://archive.rebeccablacktech.com/g/search/text/%2Fcyb%2F%20%2Fsec%2F/
> Thread backup
> https://www.cyberpunked.org/

Ψ Last Threads
>>63496903
>>63554402
>>63610770
>>
What happened to the geocities website? is it deprecated?
I haven't lurked in /cyb/ for some time.
>>
>>63696508
try running
cryptsetup benchmark 

to get an overview of the perfromance impact.
IIRC it'll be hardly noticable since AES is part of the instruction set and dmcrypt uses it
>>
Is there a /cyb/ archive for /cyb/-related news?
I'm looking for more stuff like this:
http://www.darpa.mil/news-events/2015-01-19
http://www.darpa.mil/about-us/bridging-the-bio-electronic-divide
>New effort aims for fully implantable devices able to connect with up to one million neurons

http://www.darpa.mil/news-events/2016-02-08
http://www.darpa.mil/about-us/less-invasive-neural-interface
>Minimally Invasive “Stentrode” Shows Potential as Neural Interface for Brain

http://www.darpa.mil/news-events/2016-03-04
>As an initial focus, NGS2 will challenge researchers to develop and use these new tools and methods to identify causal mechanisms of “collective identity” formation—how a group of individuals becomes a unified whole, and how under certain circumstances that community breaks down into a chaotic mix of disconnected individuals.

https://www.youtube.com/watch?v=F_brnKz_2tI
>The Mind-Controlled Bionic Arm With a Sense of Touch

http://www.darpa.mil/news-events/2017-07-10
https://www.youtube.com/watch?v=vjac3RBoK1c
>Neural Engineering System Design program sets out to expand neurotechnology capabilities and provide a foundation for future treatments of sensory deficits

Old stuff:
https://www.google.com/patents/US6729337
>Method and system for generating sensory data onto the human neural cortex

http://www.technewsworld.com/story/42081.html
>Sony Patent Details 'Matrix'-Like Brain Stimulation System

https://www.wireheading.com/misc/matrix.html
>Sony patent takes first step towards real-life Matrix

https://www.ncbi.nlm.nih.gov/pmc/articles/PMC3428140/
>Non-invasive transcranial stimulation of rat abducens nerve by focused ultrasound

http://www.nature.com/nature/journal/v530/n7588/full/nature16492.html
>Bioresorbable silicon electronic sensors for the brain

http://www.nature.com/nbt/journal/v34/n3/full/nbt.3428.html
>Minimally invasive endovascular stent-electrode array for high-fidelity, chronic recordings of cortical neural activity
>>
>>63699278
Are you supposed to sit on it ?
>>
>>63699667
https://arstechnica.com/
https://slashdot.org/
http://spectrum.ieee.org/
https://www.schneier.com/
http://highscalability.com/
http://www.kurzweilai.net/
https://futurism.com/
https://hackernoon.com/
>>
>>63699781
Thanks, I found there some very cool stuff to read, not exactly what I had in mind but still very nice.
>>
>>63699581
Most of those are already worked into the FAQ.
>>
>>63699698
No you fucking homo, you lay the back of your head on it when going to sleep to charge.
>>
>>63699698
It is from the Matrix movie, the plug goes into the back of their heads in order to interface them.

>>63700359
What charge?
>>
>>63699278
Old OP here, just checking in to see if it is still going strong and it is.
Good job, guys, keep up the hard posting.
>>
File: project.png (79 KB, 800x582)
79 KB
79 KB PNG
>>63698646
>How does it differ from other BBSes out there?
My goal is not to build just a bbs, but a service that will live thru different protocols and is resilient to takedown and censorship, chaining techlogies that already exist.
The core message delivery system is Bitmessage, because it's decentralized, encrypted, and uncensorable.
Then there is the web interface (the one I posted screenshot) for the convenience.
Then the bbs interface if you want to rock the terminal.
Then there will be ipfs or zeronet to distribute all the files and messages, so if the service ever goes down, everyone will have a mirror and can start over anytime.
Ideally, the user can read and write messages using any of the means above, which will share a single database (or a autosynced one).
There is no major bbs improvement planned, but if you have suggestions let me know, I'll see if I can work them out.
It will be mostly text-only. There is a plan to share files too, but that comes later.
>>
Hi OP. I don't know who you are or what you do, but I've been enjoying the info posted in these generals. The first thread you made was a test and I'm happy to see that the reaction was more than positive. Keep up with the good work, see you on the other side.
>>
>>63702141
Thank you anon.
Lately the time the threads hit the bump limit seem to coincidence with me being around, so I kinda feel it's my job now.
>>
>>63700948
Good to see you around. I think there were 3 OPs, are you the one planning on compiling all the info from past threads?
>>
>>63702358
Yes and I'm still working on it, whilst trying to keep up with my current schedule, which was the reason I had to stop posting the OP.
>>
>>63702376
Then maybe we could coordinate some work.
I was the one suggesting hosting the resources on gitlab for example so smaller changes can be done without much fuss.
Some stuff of the OP could very well moved there so the OP has more space for news and the likes. Plus it's currently at character limit
>>
>>63702436
>A collaborative archive
That's an excellent idea, anon.
>>
>>63702448
glad you like it.
If the other OPs agree on the usefulness, I'll drop a link later.
>>
>>63702496
Much appreciated.
>>
>>63702376
>Yes and I'm still working on it,
Excellent news. A few things might already have been added to the FAQ but there might still be a lot worth adding. The FAQ is 100+ KB of HTML but there are placeholders for more things to be added.
>>
>>63703112
We must be one of 4chan's most efficient and successful generals.
>>
page 9 again.
bump it up !
>>
>>63703147

>10 people to put some sources on one place
>effective

ZERO COOL
>>
>>63704455
It is, for what it is.
>>
>>63702523
I was only playing around with it so far so don't expect content
https://gitgud.io/cyb/er/

I was thinking about having two landing pages - one for cyb and one for sec, linking to the respective resources
>>
>>63704671

not bad..
>>
how secure are apps from fdroid?
something doesn't feel right about downloading a bitcoin wallet to trust it with my shekels
>>
File: pptp.jpg (8 KB, 300x201)
8 KB
8 KB JPG
PPTP VPN

I just setup PPTP VPN to my home network, I know there are big security flaws in the protocol. However, I just want to use it for remote administration. I don't mind the traffic not being secured. My biggest concern is the authentication security. I don't want people logging into my network.
Assuming my password is good, which it is. And i only login from trusted networks. Is the authentication wall considered secure?
>>
File: 1492971502999.jpg (20 KB, 519x422)
20 KB
20 KB JPG
anyone here have any experience using Sleuthkit or Autopsy?

asking for a friend of course
>>
>>63706639

volatility with a few plugins usually detects things better than hard drive forensics. a good pcap file where you dig through the http/s and dns requests is also much more likely to show you something.

malware and viruses tend to hide in temp folders where it's hard to find known bad things just by looking. if you're on windows you can try dumping the registry and looking for common issues like autoruns and dll load locations.
>>
>>63699278
where do all the images for these threads come from?
>>
Suppose you have packets that look like this: [IPsec + TLS + Your own custom encryption of Application layer data] and someone captures your packets on their way to the destination. The packets use your own custom encryption that is not documented publicly. They can decrypt IPsec and TLS theoretically, but how would one decrypt the additional layer of your own custom encryption? He/She doesn't know the encryption/decryption method nor the keys used for it? Any links for discussions on this topic?
>>
>>63706176
Set your firewall to only accept whitelisted MAC addresses.
>>
>>6370798
Ah, forgot the VPN part so MAC won't work
>>
>>63707896
Usually the threads themselves
>>
>>63699278
Cyberpunk has nothing to do with cybersecurity.
>>
File: 1501828858276.png (2.88 MB, 1920x1080)
2.88 MB
2.88 MB PNG
>>63705816
Well, if the code isn't audited you need to look it up yourself to be secure about it's integrity, it's a matter of faith, wouldn't recommend having any kind of cryptowallet in your phone if you have a stock rom on it or use shaddy apps'.

Maybe im just being paranoid.
>>
File: 1511049634584.jpg (1.99 MB, 1920x1024)
1.99 MB
1.99 MB JPG
>>63708311
OP states both of them clearly, and in my personal opininion cybersecurity would be a given in a classic cyberpunk setting for the ones who are not willing to give up their personal lifes to the government for one reason or another.
>>
>>63708673

Oh snap he took the bait
>>
File: 1512372787211.jpg (2.18 MB, 1920x1920)
2.18 MB
2.18 MB JPG
>>63708724
Well played anon, i'll be wary next time :^)
>>
File: 1475147064143.gif (3.27 MB, 240x320)
3.27 MB
3.27 MB GIF
>>63703147
Probably, yes.

>>63704316
Thanks for bump!

>>63704455
I think it takes a lot more than 10 people to achieve what has been done
- at least 3 OPs to start these threads
- one of which is compiling resources
- one FTP archive getting filled up with a lot of contents
- one FAQ being built up, just compare version 4 with the latest release of version 5
- a lot of original pastas
- several people contributing to news
- several rounds of statistics
- a lot of original stuff
- we have even gotten ourselves a cliche-poster >>63708311
All making this one of, if not the best, general.

>>63707896
A few can be found on the FTP site, others are on Deviantart, the rest I do not know.
>>
>>63708846

>All making this one of, if not the best, general.

I'm inclined to agree.

/dpt/ has become a never ending "C vs. Rust" shitfest
/flg/ is an Arch circlejerk and full of "install gentoo"-tards
/wdg/ has some quality posts but way too many questions of newbies who don't even bother to read the OP

I like that /cyb/+/sec/ people are humble and earnest fellows and dreamers.


I salute you, good sir.
>>
>>63700359
That's a bright idea. Let me lay my skull right onto a sharp spike... I wonder what will happen?
>High tech
>Low IQ
>>
>>63700359
What are you, straight?
>>
>>63702181

I agree with >>63702141

Keep it up.
>>
File: books.png (33 KB, 778x390)
33 KB
33 KB PNG
With two months to prepare for an intensive codebreaking/crypto/reverse engineering challenge what resources would you turn to first?

I know Python, dabble in C, and I've done a few easy wargames on sites like overthewire. My networking knowledge is quite poor.

Sorry if this is a shit question and I should start poring over resources from the sticky, just not sure where to start, there's so much info there. I've also got a small collection of books, pic related.
>>
>linking to **dchan
>>
botnets
>>
File: 1494750414753.jpg (120 KB, 1680x1050)
120 KB
120 KB JPG
I am working to create an implementation of an Acoustic Keyboard Emission attack (basically just trying to figure out what you are typing from the sounds of the keys), and was wondering if anyone here had done anything similar. There seems to be some published work, a couple of githubs, but not much else.

Do you think attacks like this are live in the wild? Should I be worried about these things?
>>
>>63713506
>trying to figure out what you are typing from the sounds of the keys
How is this possible? Do different keys sound different?
>>
>>63713744
Yes. Also the impact sets the keyboard vibrating subtly differently. You can show this easily using Fourier analysis of a string plucked at different positions and then extend that from a 1D string to a 2D plate.
>>
There is always some new snake oil ... erm, I means new languages, that promise to solve our security issues. Rust is a new contender but Haskell is not taking this lying down either.

=== /sec/ News:
>Reflecting on Haskell in 2017
http://www.stephendiehl.com/posts/haskell_2018.html
>Haskell has had a great year and 2017 was defined by vast quantities of new code, including 14,000 new Haskell projects on Github . The amount of writing this year was voluminous and my list of interesting work is eight times as large as last year. At least seven new companies came into existence and many existing firms unexpectedly dropped large open source Haskell projects into the public sphere. Driven by a lot of software catastrophes, the intersection of security, software correctness and formal methods have been become quite an active area of investment and research across both industry and academia.

I like the enthusiasm but it is hard to see how a language can fix bad design such as the planet sized security hole in Debian a few years ago, a result of what was supposed to be a minor fix.
>>
>>63713744
Yeah there are a bunch of papers.
I'm basing my work off of this paper

https://www.researchgate.net/profile/Feng_Zhou56/publication/220593625_Keyboard_acoustic_emanations_revisited/links/5770085108ae621947487a14.pdf

Although at this point it's mostly just aping it an not doing too many improvements, because my math and AI knowledge leaves a lot to be desired (I want to go to grad school in it, but I have an EE degree and no job so I don't know if they will let me in, applying next year though)
>>
>>63713506

I'm not sure about this one.

I'd think that Van Eck phreaking has more applications and a higher range.
But then again if you only need a directional microphone and some software it's a much easier setup. Everybody and his dog can install a hidden microphone somwhere.

Keep up and post results.
>>
>>63714028
>I'd think that Van Eck phreaking has more applications and a higher range.
The acoustic route can be used by apps to listen in on the keyboard that otherwise be unavailable and then exfiltrate the data at really great distances.

Also you can imagine the microphone on your cell phone listening in on the keyboard of your laptop. With loudspeaker control you can even set up your own local net.
>>
>>63713791
A plucked string isn't anything at all like a keyboard. Your comparison is at best an attempt to confuse and redirect, whilst showing nothing useful.
>>
>>63714271
Do you know anything about oscillations and Fourier transform
>>
>>63714271
>>63714359
Gentlemen gentlemen please, this is the time for math, not namecalling.
>>
>>63714390
Indeed.

Pressing a key, especially a mechanical key, will cause a small but measurable impact on the board the key is mounted on. That impact is the "plucking". So even if all keys are identical, the sound will have to differ. A quick Google search will show a lot of graphs that show how the pluck position changes the harmonics.

If you still doubt me, you can try tapping on a table top at various positions. The harmonics will differ.
>>
>>63714434
Now place said table on a carpet, or cover it in a tablecloth. Or put it on a different surface. This seems like the sort of idea that could work in ideal, controlled laboratory conditions but not in the real world. Too many factors influence the acoustics of smacking something.
>>
>>63711661
You can use your skills to practice yourself on real situations like reverse engineering malwares.
Read a lot of books is useless if you don't practice what you learn.
>>
>>63699278
>₪ /cyb/ FTP
>> ftp://collectivecomputers.org:21212/Books/Cyberpunk/
>> user/password == guest

Might add, if there is enough space left, that this is where the FAQ is kept.
>>
>>63716117
I'll see what I can do and put it to the gitgud aswell.
>>
>>
>>63716169
Excellent stuff.

The FAQ itself is being updated, a few new sections are expected.
>>
>>63714434
I type on keyboards with swift movements, making my fingers softly hit random keys between the key I just pressed and the key I'm going to press, also pressing every key in a different angle than before. I've seen some pianists do it, their hands look like they're dancing. I also type in different keyboards.

I like to believe I'm immune to this.
>>
What should an "entry-level" security analyst know?
>>
>>63718106
you should at least know what assembly looks like and know how to program.
the latter isn't about programming itself, it's more about having an idea what has to happen in sequence.
Also, advanced knowledge about operating systems and networking.
... did I miss something?
>>
File: file.png (193 KB, 300x298)
193 KB
193 KB PNG
>>63711000
>>
are most of you guys commies?
>>
>>63719497
I think when it comes to computers we're all the same, and politics should be kept off the business. Otherwise I'm pretty right wing.
>>
>>63719497
Nah. Capitalism is good as a premise but the free market can't just solve everything like libertarian tards think. Corps put profit above everything else, they need to be regulated. I also believe that we need social programs to help the poorfags, everyone deserves a baseline standard of living.

Rightists are usually dumb on economic issues and ludicrously ass backwards on social issues. Leftists are sometimes good on social issues and sometimes good on economic issues.
>>
*sigh* guys, I am emulating router web GUI, and when I visit the ip address it asks me to put in a password for admin account, and I do, but it wont load proceed when I hit the "enter" button, but nothing happens, I am still working on understanding html/js whatever the fuck this shit is, so I can remove this annoying login, and I can view the rest of the webpages.
>>
File: 1510341667329.jpg (116 KB, 666x666)
116 KB
116 KB JPG
>>63719776
Totally agree with you, they classify me as a right winged because i'm politically incorrect, as it seems you need to be libertarian, neoliberal an politically correct to be part of the left wing, we are reducing our ideologies to a name and only that, to the point that it looses all of it's meaning. Im tired of this bullshit.
>>
>>63717230
Comfy as fuck
>>
>>63719998
I know this feel. The conservatives say I'm a leftist commie cuck, the liberals say I'm an alt right racist/sexist/ableist/etc.
Identity politics everywhere.
>>
Lets discuss why aren't we focusing on electrical/electronics engineering. Understanding the basics is required to understand how software operate. So...

Website prepared by anon:

>https://cyberneets.neocities.org/
>>
>>63707940

they can only mitm a tls connection with something like sslstrip or if there is a reverse ssl proxy on the network where they already have the private key. i don't think there are easy ways to decrypt an ipsec connection unless it uses single des. custom encryption wouldn't be needed, but standard cryptanalysis would apply.
>>
>>63720234

most physical hacking is just usb sticks and hardware implants, not actually measuring power differentials to determine a private key or algorithm solely from hardware usage. most hardware hacking can be understood from a hobbyist level book like complete digital design which covers analog and digital circuitry as well as computer hardware.
>>
Does anyone have any idea what the best language for audio processing is? I'm keyboard anon.
>>
Slow evening? Page 7.

Bumping with pic. Remember: "short, black hair".
>>
>>63720234
>Lets discuss why aren't we focusing on electrical/electronics engineering.
We have, at least in the past. This comes up in EMP bombs, radio communications, GPS navigation and electronic warfare.

We still have a radio pasta:
https://pastebin.com/9uYXMhVm
>>
File: 1508218184248-2.gif (174 KB, 800x600)
174 KB
174 KB GIF
>>63720234
I have a lot to learn but im on it , thanks for the link, i try to contribute with cool papes and some of my thoughts for bump.

I would love to talk about hydroponics but it doesn't like seem the right place
>>
>>63721149
>best language for audio processing
Typically that is assembly programming for a dedicated DSP running a hard real time kernel or a trivial scheduler. DSPs are very suited for hard real time at low power consumption.

I have programmed DSP56300 and it is very comfy in assembly language. If you want to be more fancy you can use the Hexagon DSP in Snapdragon, though it is a bit of pain to obtain the documentation - you need to register and sign an agreement first.
>>
>>63713506
>>63713744
this is nothing new
the touchscreen on phones works on almost exact principle except that yours is pretty shitty one
i imagine how is that keyboard supposed to look like whilst not being a touchpad itself
surrounded by fuckin sensors
>>
>>63699278
>i2g3vsckj67dnjvb.onion
Any reason why this is timing out while loading for me? Obviously using tor.
>>
>>63721974
maderas was changing something again and wanted to move it.
>>
>>63722013
:0
damn, i was looking for something. I'll just wait
>>
>>63720971
The decryption methods for all popular encryption algorithms are known, one side needs to decrypt the traffic, duh.

With enough processing power and time these can be broken, even if there is forward secrecy. What im asking is, how can one reverse engineer cyphertext that you don't know the encryption method of (a custom encryption) even if it is mathematically much weaker than popular encryption methods?
>>
File: 1487303590016.jpg (43 KB, 650x487)
43 KB
43 KB JPG
How did you first get involved in cybersecurity (or anything related)? It would be nice if you could tell me your stories, because I need ideas on which approach to take. Thanks.
>>
>>63722067
Perhaps what you are looking for is on the FTP site.
>>
I know nothing about IRC/ IRC security, when I join a channel it ends up showing my username on the PC on rizon. Is there any way to configure this stuff?
>>
>>63722776
>Is there any way to configure this stuff?
Sure, but every program has its own config. What are you using ? mIRC, xchat, hexchat ...
>>
>>63709267
>I like that /cyb/+/sec/ people are humble and earnest fellows and dreamers.

Couldn't express it better.
>>
>>63722906
Hexchat at the moment. Is there some kind of noob's guide to IRC? Last time I used it I was like 11 and didn't care about privacy and such things.
>>
>>63721087
You're kind of right. IMO EE/CE is a natural way to expand the cyberpunk mindset.Learning about everything

>>63721638
Thanks for the pasta!

>>63721668
I'm waiting for the papers.
Yeah, hydroponics doesn't quite fit in here, but the subject itself is very interesting. Maybe you can create a thread about it on /sci/
>>
>>63722228

no, they're not known. it's nearly impossible to decrypt secure tls, but there are attacks like beast, crime and heartbleed which help against older versions. the amount of processing power and time required to break strong encryption would exceed the death of the sun.

like i said, cryptanalysis will still apply regardless of what encryption is being used.
>>
>>63722937
>noob's guide to IRC?
I think the guys at /g/ternet have something basic
> https://mesh.gentoo.today/wiki/Tutorials
then here's this
> EDIT: can't post link because spam, just look for "irc guide opnewblood"
(I remember I had a good guide downloaded by some *guerrilla* url, but the only I found now is the one above, and it's not that. It was more exhaustive and also covered tor setup) I'll make sure to post it when I find it.

Last time I used hexchat was aeons ago. I only have mIRC now and that's in the connection > local info > local host. Should be something similar in hc.
>>
>>63719497
In the real world Communism has come a lot closer to creating a dystopian hellhole than the right wing ever has.
>>
>>63721406
Why would a sniper ever wear bright red and high heels?
>>
>>63723481
It is excellent camo in the neon lit rainy future we were promised, where women were catsuits and always high heels.

Not everything in /cyb/ literature came true...
>>
>>63722776
>>63723248

fugg, so I reinstalled hexchat and found out how to change that.
On main window, press (ctrl + s) or go to menu hexchat > network list.
Look on "user information", last field is "user name".
Change that and you're good.
>>
What are some cyberpunk snacks?
>>
>>63724399
Sunflower seeds
>>
>>63724399
Screws
>>
>>63722296
Got hired as a government contractor as a co-op during college. Learned most everything I know on-site. Helps when the company pays for an IDA license and your job requires you to either learn RE or drown.
>>
File: key01.jpg (41 KB, 677x550)
41 KB
41 KB JPG
cyb waifus when?
>>
Anybody do the canyouhack.us challenges?

(gonna try to write this w/o spoilers)

I’m a bit stuck on 3 (yeah, I’ve looked at their hints). So far I’m injecting fine, I have the names of the visible columns. But I’m stuck on two things:

1) being sure of my fingerprint. I think I have it right, but none of the db, table, user, version, or column info functions work.

2) because of 1, I can’t think of a way to get the names of the columns I don’t have.

I don’t want an anwser, but does anyone have an extra hint?
>>
>>63721974
Sorry for the delay; I am on an engagement that has gone off the fucking rails (in a fun, exciting way which also tripled my work load)/

OH should be good to go this weekend.

Everytime I drop by this place to grab resources for OH, I am struck how importantt this thread is.

I can;t wait to have a little bit of breathing room to add value/resources for this community.
>>
>>63723460

Fascism and totalitarianism are basically the same thing with different leadership structures.
>>
File: 1486043382145.jpg (471 KB, 1920x1080)
471 KB
471 KB JPG
>start falling asleep at my desk
>sudden realization and sense of emptiness that I have done nothing with my life
Can any /cyb/ or /sec/ stuff be done outside, or get me a job away from this NEET nightmare?

Or more, is there any way to make money from it so I can stop being a leech (preferably without leaving my home)?
>>
>>63725851
i got there, but now im stuck too
all ive been able to do is figure out the table name, three column names of that table, and number of columns.

i should probably learn sql instead of googling for examples and trying them.
>>
>tfw browing cyb through terminal
>>
>>63727272
For just making money there are plenty of legal and not so legal ways to use /sec/ knowledge to make money. The path you pick depends entirely on you. Although as a bit of friendly advice scrawny nerds tend not to do well in jail. Just look at what happened to weev. The industry seems to be booming right now anyways so if you wanna go legit now would probably be the best time to try and get in and make a job out of it.
>>
>>63727709
What is the best way to get into the industry these days? I have a degree in electrical engineering but I kind of had a breakdown and haven't gotten a job 2 years out of school.
>>
>>63727753
Well it really depends on where you live and what kind of position you want. Like where I live its fucking military or government based shit everywhere so you NEED to get the Security+ before getting an entry level job because of the DOD 8570 requirements. Personally the way I did it was grab my CCNA and Sec+ (because of where I live you might not need it if you aren't in a heavy military/government area I dunno desu) and started off doing networking and then I started grabbing security certs and I eventually made the switch into doing SOC stuff.
>>
>>63727825
Ah, I live in Canada so I can't really do the US government stuff. Perhaps I need to look into certs.
>>
>>63727846
How about your own Cyber Force?
https://ipolitics.ca/2017/10/23/military-fills-first-jobs-in-new-cyber-force-with-more-to-come/
https://www.canada.ca/en/department-national-defence/services/caf-jobs/career-options/fields-work/other-specialty-occupations/cyber-operator.html
>>
>>63727859
I don't think I could manage in the military. Maybe as a contractor but never as a serviceman.

Interesting though.
>>
>>63727846
Well I know some people might disagree here, but I really do think the Security+ is a nice entry level cert that gives you a nice high level overview of a lot of the different areas you can specialize in.
>>
>>63722937
literally in the OP
>>
>>63727863
A short stint in the military is the ultimate in catapulting yourself out of a NEET existence, straight from the basement and through the floors, as it were.

Here in Europe the national service was regarded as a rite of passage in growing up.
>>
>>63727859
Alternatively there is the Canadian electronic warfare units.
>>
>>63727873

Makes me think.

Everywhere you hear CompTIA A+ means you can hit the power button at the computer and Cisco stuff is what matters.

So are there benefits in going the extra mile and try to powerlevel yourself through A+ --> Networking+ --> Security+ in 1 or 2 years? Or just go for the CCent --> CCNA?
>>
>>63728929
Certs are for retards too dumb to do real security work
>>
>>63728942
certs are an indicator. the preselection for hiring for example is usually done by HR. Now take a guess how much they know about cyber. That's where certs come in - it allows HR to decide if a candidate is eligible despite not knowing shit
>>
>>63728942

So waht do you suggest?
Hacking into the company's website to show your supreme skills?
>>
I want to contribute with material hidden behind pay walls. Where can I fill requests for people? I've got access to a huge pool of articles, books etc.
>>
>>63729415
that sounds fantastic.
But first we'd need storage. Mega links are only valid for one month for free users iirc.
>>
File: IMG_6106.jpg (22 KB, 280x210)
22 KB
22 KB JPG
>>63725112
>>
>>63728929
>A+ --> Networking+ --> Security+ in 1 or 2 years? Or just go for the CCent --> CCNA?
Mate slow the fuck down and realise the certs you've posted aren't related at all.

CCNA and sec + have nothing in common; why would you even think a Cisco stream is equivalent to a comptia triad?

Just because they involve computers doesn't mean they are remotely related. It's not one or the other. Get the fucking all, but since you're debating the merits of entry level certs on a Japanese Seinfeld appreciation society forum, you aren't likely to actually do anything at all.
>>
>>63729415
There is a FTP site with plenty of space but it might not be good idea to flood it with excessively hot files. Also much is perhaps already available on scihub, depending on what you have.
>>
>>63729704

Let me put it like this:
I think we can agree that networking knowledge is crucial for security (see >>63718221 ). Even if you don't want to live the hacker meme, other jobs probably still have a big overlap with security and networking.
Of course it would make more sense to compare Security+ to something like 'CCNA Security'. But I got the impression that CompTia is way easier than Cicso stuff. I just had a look into the curriculum of CCNA and even the first part (CCENT) doesn't look too easy, considering you have to do some live networking for the exam.
The CompTIA Route seems to focus more on a broad theoretical background and my impresison is that I could learn that stuff in a short while. I recently looked into a online test and if you have a vague idea what a hub is and what a firewall does you can already score some points here.

Don't get me wrong, I'm only a networking newbie and don't want to come off like an idiot. That's why I asked if the CompTIA triad is worth it or if it's so shallow that it's more rewarding to do jump straight into Cisco stuff instead.
>>
File: 6O3rpn5.jpg (113 KB, 900x655)
113 KB
113 KB JPG
>>
>>63706639
fun to see another /fit/izen here
>>
>>63730424
From personal experience the only one of the CompTIA trio that is really worth it is Security+, but if you are just trying to break into the field there is value in getting the entire trio in order to get past HR filters. It basically says to HR "I'm not a complete retard it is safe to give me an interview I won't shove my dick in a FastEthernet port" Personally I would advise CCNA over Network+ because I feel like it completely overshadows the Network+ but it will take longer to study for. If you want to focus on getting a job now the CompTIA tests are easy as fuck and you can probably have all 3 of them in 6 to 8 months depending on your experience level. If you know for sure you want to do networking I would say just skip to the CCNA because that is the cert everybody recognizes in the networking world because it doesn't matter if you like Cisco or not, you can't ignore their girth.
>>
File: 05.jpg (810 KB, 1400x565)
810 KB
810 KB JPG
>>
>>63729100
They don't, not at any real security firm
The second someone from trail of bits sees your cissp or whatever gay cert shit you have on your resume, it goes in the trash.
Get internships, Raytheon SI is know as the training grounds to get into security, you don't need any certs to get in, just do ctfs and have a GitHub with challenge write ups.
>>
>>63733229
Even university module shit is CTFs nowadays. Had a pentesting exam yesterday as part of my degree in CS and did miserably because I hadn't practiced on CTFs. Will do a resit Monday hopefully have chance to practice a bit beyond what we studied (run msf, > exploit).
>>
>>63733303
What kind of ctfs are you doing where you run metasploit
You need to be reversing/fuzzing for crashes and weaponizing the bugs
>>
how does working in sec compare to being a dev?
I have a hard time figuring out what kind of position I should aim for
>>
>>63733382
We fucking weren't. It was 8 weeks of tutorials/practicals covering: nessus, msf, nfs mount + ssh exploits. Some medusa bruteforce shit. Then the exam is a CTF boot 2 root situation where all the ports are closed and there's an XSS vulnerable apache with a system(request["v"]) page running on "nobody".

I now have a low level user access but didn't have time left. There's probably some suid files and kernel priv esc exploits that i can run with my low level user (frodo lol) but i'll hv to wait till monday.
>>
>>63733442
It was an Illidan level "you are not prepared" clusterfuck.
>>
>>63733442
Just use the dirty cow vdso priv esc
>>
>>63733502
That's what I'm planning on. I don't think DC works on 2.6.20 but something should :)
>>
Hey /cyb/ what would be a good gift under 40 bucks that would be useful for cyber security?
>>
>>63733751
Just off the top of my head, but maybe a USB Rubber Ducky? Though its $45. A Raspberry Pi is always useful as well.
>>
>>63699278
>https://hastebin.com/oquzikafuz
Is this, and other hastebins, showing as completely blank for anyone else?
>>
>>63734840
Not just you friend. Someone was setting up a github directory, I think. Maybe look it up.
>>
File: fugg.jpg (90 KB, 960x540)
90 KB
90 KB JPG
>>63734840
I visited the irc one. Lucky me I still have the tab open so I could archive it.
>>
>>63734840
I guess that's the best example why decentral backups are important.
The pastes from the OP can also be found here:
https://gitgud.io/cyb/er/
>>
>>63722228
>>63723090

to clarify a bit, yes, you can decrypt if you know the private key and, if enabled, the forward secrecy one time key, but that's not the situation you were talking about. a stranger grabbing the packets from a middle point router somewhere will not know the private key and thus will not be able to decrypt anything at the ipsec or tls layers. the attacker doing the mitm won't even know the source or destination ip addresses of the traffic.
>>
>>63730424
>That's why I asked if the CompTIA triad is worth it or if it's so shallow that it's more rewarding to do jump straight into Cisco stuff instead.
That's the issue; asking if you should do one or the other is where you fall short. Do them both. Fill the resume. If you don't have experience, you're relying on the certs. And let's be honest, if you've got three, it'll look better than one, even if that means you know a lot less than if you went down the Cisco stream
>>
>>63735801
You're right. Slight caveat: It's always best to assume that an actor like the government who wants to know what you're doing will be able to.
>>
newfag here, do you need to know how to code to get into cybersecutity, or can anyone relatively '''tech savvy''' make their ways about? t. brainlet
>>
>>63736577
>do you need to know how to code to get into cybersecutity

you need at least one scripting language to make your own PoCs once you discovered a vulnerability.
If undecided, start with python. It's easy, yet one of the most powerful.
>>
>>63734840
>hastebins
Wasn't this chosen for enhanced security? From the source:
https://ajax.googleapis.com/


It is connected straight to the mothership.
>>
>>63736577
Only if you want to dev your own exploits. That said, it's good to know py and ruby. Most exploits use py or ruby and you don't want to run random shit without at least knowing how to read it.

Also bash scripting will make your life easymode.
>>
>>63731498
This..this photo is really something. Makes me think. Good post, poster.
>>
>>63734955
Seriously?
This is a nice idea. Not as anonymous as it could be, but good nonetheless.
>>
>>63714434
seems like there are too many variables

>Surface the keyboard is on
>The keyboard itself
>The typists individual pressure "fingerprint"
> Acoustic interference in the room

Maybe you could train an AI to recognize if you had enough information to feed it but I honestly dont think there is a cheap way of getting it training information. There are easier methods of key logging if thats your intention.
>>
>>63719497
I'm libertarian right. In the 'hacker' communities I've been involved in there has been a pretty good mix of libertarian right and left groups, a lot of anarchists. There have been some commies and ancoms, they usually keep to themselves though, they're always the biggest assholes too.

Most people in the communities ignore politics though because they share a common set of principles and ideas that allow them to get along without getting into the specifics of legislation and governance.
>>
>>63719497
I think there's a nice middleground that can be achieved.
>>
>>63733229

It may come as a surprise, but not everyone's planning to become a five star elite pentester. Yes, unless you hacked the gibson with 12 you're not gonna make it to eternal glory. So what.

But for some things certs do help and for some cerst they do show hard skills. Of course experience beats theoretical qualifications, but often you have jobs where you need different skills and you NEVER find the person who has the perfect skillset for the posistion.

(In fact you should never apply for something you already know perfectly, because it wouldn't help you to become better...)

my 2 ct
>>
>>63725501
thank you for being the only guy to respond to my post
>>
>>63737432
I'll give you a (You) if you want one so badly, anon.
<3
>>
>>63736734
>>63736910
thank you. ive been seeing these OPs for a while now, and its hard to pass up all the resources on offer.
>>
bump
>>
>>63734840
it requires javascript to display.

why anyone thinks this is a good idea i will never know.
>>
>>63737391
>Pentester
Skid job
If you aren't doing VR you aren't doing security
>>
File: 1512668923201.png (295 KB, 1306x665)
295 KB
295 KB PNG
Network and Security Certification Humble Bundle.

https://www.humblebundle.com/books/network-security-certification-books
>>
File: satcom.png (516 KB, 800x424)
516 KB
516 KB PNG
I'm bored. Lets talk about hacking satellites. Lets start off with a funny one that I'm sure not many of you guys will know about.

Fleet Satellite Communications System or also known by HAM's - SATCOM

These are owned by the U.S. Navy and started being used in the early 80's.

"Since the late 1990's rumors have abounded that it was possible to hack into American military satellites and use them for wide area communication."

In the early 2000's these rumors started to become true as the satellite started broadcasting dance music, images. audio chatter, telephone calls all of these transmissions were not in English and none had a military nature.

The initial hackers/pirates are believed to have been Brazilian, Russians have recently figured out how to broadcast to the satellite but no public information on this hack has ever been revealed.

Examples :
https://www.youtube.com/watch?v=Zi_qhjAMbNA
https://www.youtube.com/watch?v=Hz_TA8R6cXY

The problem got so bad the US Military in 2012 sent out a series of broadcasts begging the hackers to stop this activity.

Example :
http://www.solarix.net/wp-content/uploads/2012/09/260.625-US-Military-Channel-Warnings.mp3

We can attain from this that part of the fleet costing millions of dollars was now out of their control and was being used to play dance music and for BRBRBR cartel and drug dealers instead of for vital us mil communications.

There are 1,100 active satellites in orbit at this moment. How many can be hacked? Not a lot of research has been done in this area but the fact that the US Navy has been hit by this gives an insight on how bad security could potentially be on other satellites.

I've been following and piecing all this together for a while now and I thought I would let you guys hear about this. Tell me what you think.
>>
>>63738767
Wow, pretty cool, anon.
As a brazilian, I can assure you that we are not involved in this.
You better bet in russians or chinese people.
>>
>>63736734
>>63736577

The syntax is a bitch because it incorporates white space which can make it tedious to learn especially as a first language. If you do decide to go with python as a scripting language you do get the following benefits

>Lots of documentation and a huge community to help you figure out any issues you're having with a script

>Lot's of books specifically about how python can be used in cybersec/infosec (Black/grey/white hat python, Python web penetration cook book, Effective python penetration testing, Violent python, etc.)

>Once you learn the white space syntax you will incorporate it into all the other programming you do and it will help with the readability

Anyway you will definitely want to know at least one language
>>
>>63738767
>SDR
this is relevant to my interest please go on...
also
>LoRa
>>
>>63739077
>>63738874
The most publicly known hack has been of the Iridium Satellites. This is worth watching :
https://www.youtube.com/watch?v=cvKaC4pNvck

Iridium is a digital based system for the most part which required a lot of reverse engineering explained in the video. You also couldn't "take it over" like SATCOM.

While SATCOM gave the hacker and entire FM carrier to play with so they could throw any analogue or digital data down it they wanted. (How they managed to this is still unknown but I imagine it was much easier to hack these then iridium due to their age and it based on old analogue technology)
>>
>>63708846
awesome dog
>>
>>63719497
yes
>>
File: the-jews-did-911.png (190 KB, 515x331)
190 KB
190 KB PNG
why dont you guys like sam hyde?

https://www.youtube.com/watch?v=KDUqO5WZlgI
>>
>>63721149
csound or supercollider
>>
>>63738753
Anyone know if these are any good for someone new to networking and security?
>>
>>63738767
how do I into decoding signals?
I've got a HackRF but never managed to decode anything on my own. The workflows I found online worked but I can't wrap my head around them
>>
>>63742002
www.rtl.sdr.com has several articles about this. There are also videos to presentations there. It is now a news site for SDR, well worth following.

You might also want to check the 4chan radio pasta
>>
>>63741431
There's an equivalent of those in the MEGA link but if you wanna donate to charity do it.
I checked the books in the links and if you're "that"new, then i guess no those books won't be helpful. Depends on your level, but i'd recommend you to check the MEGA link in the OP there are all kind of books up there
>>
>>63738767
>I'm bored. Lets talk about hacking satellites.
Indeed boredom might be the reason for these stunts: https://en.wikipedia.org/wiki/Broadcast_signal_intrusion
The Max Headroom incident is in the FAQ.
>>
>>63742364
recently I sumbled upon a screenshot of dickbutt encoded in a waterfall. How'd you do that?
I think the topic was about said image being transmitted on an military band. If that was indeed true, what is the chance that someone even sees this?
>>
>>63738283
>VR
What the fuck about virtual reality needs security
>>
>>63742419
>How'd you do that?
Map the image one line at a time to frequency, do a FFT and transmit it that signal for enough time to be visible on a screen (time depends on the band you transmit on), then do the next line of the image until the end.

This stunt was used to hide a message in Elite: Dangerous a while ago. The clue was a weird sound and someone inevitably processed the signal with FFT.

>I think the topic was about said image being transmitted on an military band. If that was indeed true, what is the chance that someone even sees this?
Assume the chance is 100 percent. Radio waves are monitored by every country having SIGINT capacity. These days that is a large number, given that even teenagers can do it with a cheap SDR and a few hundred dollars in equipment.
>>
>>63742421
ICE is not just a hypothetical concept from books.
>>
>>63742737
but it has nothing to do with VR, visualization does occasionally help with stuff though
>>
>>63706639
>autopsy
TOO SOON BRAH TOO SOON
>>
>>63738767
https://ham.scd31.com/
https://hackaday.com/2017/09/12/satellite-tracking-with-friends/
>>
=== /sec/ News:
>Wi-Fi hackers may move to Zigbee, Bluetooth and Sigfox
https://www.electronicsweekly.com/blogs/distribution-world/wi-fi-hackers-may-move-zigbee-bluetooth-sigfox-2017-12/
>Wireless attack tools are becoming more accessible and has resulted in Wi-Fi hackers focusing their attention on intercepting and decoding traffic from wireless devices based on protocols such as Zigbee, Sigfox and Bluetooth along with RFID, LoRa, and 802.11 variations, according to researchers at WatchGuard Technologies.

Nobody should be surprised that all attack surfaces will be exposed to scrutiny. Yet many are.
>>
>>63740943
back to cyka chan or twitch faggot
>>
>>63744037
>Yet many are.
Nah, it's just sensationalism, like for everything else. "Journalism" never changes.
>>
>>63744603
True - assuming people think about these things. Trouble is, how many realise their wireless keyboards and mice use Zigbee etc. and are leaking all their passwords in real time? Hardly anyone is my guess.
>>
>>63744671
>assuming people think about these things
They think about it, and they don't really care. Think about all the personal data they share every minute with their smartphones to who-knows-who.
Personal data is useless to most people, they give up so easily.

About wireless keyb sniffing, here's some links:
>https://samy.pl/keysweeper/
>http://www.windytan.com/2013/03/eavesdropping-on-wireless-keyboard.html
^^ this whole blog is a fucking goldmine.
>>
>>63744763
>They think about it, and they don't really care.
I used to believe that too until I read this little gem:
https://www.wsj.com/articles/millennials-unearth-an-amazing-hack-to-get-free-tv-the-antenna-1501686958
http://www.sfgate.com/news/article/antenna-sales-surging-among-millennial-cord-cutter-11727999.php

At first I thought it was a joke. It was not. This does not feel good.
>>
>>63745046
Goddamn, fuck these condescending old fucks. Also more evidence that normies are retarded, since they don't just use Popcorn Time or something.
>>
File: p.txt.jpg (261 KB, 903x1300)
261 KB
261 KB JPG
>>63699278
Is this a Lainchan thread?
Are you guy Lainons?
>>
>>63745046
>This does not feel good.
It actually feels good. I've always been scared that new generations could be geniouses because they were more born into technology and I could become obsolete.
But the more faith in humanity declines, the more I get faith in myself.

>>63745130
>Is this a Lainchan thread?
No this is a cyberpunk/cybersecurity general, but we might discuss similar topics and share similar views with them.
> Are you guy Lainons?
Sometimes I lurk there.
>>
File: digital - store.jpg (194 KB, 1280x960)
194 KB
194 KB JPG
>>63745210
I see...
I shall add these threads to my watch list then :D
I feel comfy being here.
Being a security addict and all that
>>
OK, so Altered Carbon is about to hit the small screen and Wikipedos waste no time in proposing to delete the article. What is wrong with those guys?? Do they fear they are about to run out of disk space?
https://en.wikipedia.org/wiki/Wikipedia:Articles_for_deletion/Altered_Carbon_(TV_series)
>>
>>63745108
popcorn time can take a normie to jail
>>
File: dialup-final.png (1.1 MB, 2500x1301)
1.1 MB
1.1 MB PNG
>>63745279
You're welcome. These threads are generally friendly and comfy, enjoy your stay.
>>
File: 1511697299972.gif (177 KB, 370x300)
177 KB
177 KB GIF
>Grey hat hacking: the ethical hacker's handbook, 3rd edition
>hacking, the art of exploitation, 2nd ed

which one should i read first?
>>
>>63738258

>infosec sticky
>requires JS

go figure..


>>63738767
>>63739440

>hacking into military class satellites
>just like in the movies
>it's habbening !!

\(∀)"/


>>63742121

Apart from legal issues I do like some solid paper every now and then.
We spand enough time in front of a computer already, so whenever I can learn theoretical stuff with a goold old book I do.


>>63745046

VHF is not a crime!!


>>63745332

What do people unironically use today?
Torrents?
>>
>>63699278
>http://phrack.org/issues/7/3.html
Now this is some school shooter tier manifesto, holy shit
>>
>>63745428
those are waste of time, learn something more specific about some particular tech you like
ex. for windows rootkits, read windows internals by Ionescu and something on writing drivers, then lurk for particular exploitation techniques/tools and explore the kernel yourself with a debugger
that's much more practical
>>
>>63738963
Should I learn python 2 or 3?
>>
>>63745667
>>63745428
I disagree, though I only now Art of Exploitation, it gives a nice overview of RE, C, wifi etc
>>
>>63745603
You are new to the infosec aren't you ? Welcome aboard

>>63745730
Not an expert in python but the general concepts are the same. However some methods are deprecated. Maybe learn the up o date python 3 and you'll easily read/modify python 2,2.7 code
>>
>>63745603

If the guy was 16 when he wrote his, he would be 47 today..
>>
>>63745801
He was born in 65, was in some l33t h4x0r teams (legion of doom and exstasyy something)
>>
>>63745751
that overview isn't going to help you much though, it's like 0.01% of what needs to be done and just makes you feel good about yourself

if you really want to do something, you need to get familiar with all these technologies first, that's the hard part
>>
>>63745581
I think most normies just use netflix or less legal streaming sites, since you can watch those with out fear.
>>
>>63745912

But if you google "Top 5 hacker books" or something like that, "the art of exploitation" is always among them though..


>>63745922

Well that's dissapointing.
>>
>>63738767
You can do it yourself of course, it's nothing specialbut requires a bit of involvement. Familiarize yourself with radio stuff, with spacecraft dynamics and spacecraft TT&C, there's plenty of public info. I'm more of a GNSS guy but I know a thing or two and can probably recommend some info on Russian TT&C standards (English ones are easy to find since you speak it).

You also need an amateur radio license (not for listening), a good SDR and a tracking parabolic antenna for this. There's plenty of amateurs trying to listen and parse satelllite telemetry and ground station signals, there's usually nothing secret about it unless you're trying to poke military ones. Some of them are trying to interfere with older satellites, keep in mind that this is usually illegal regardless of their official status, and can be tracked much easier than you probably think.
>>
>>63746034
>But if you google "Top 5 hacker books" or something like that, "the art of exploitation" is always among them though..
There are plenty of meme lists in every field, but practice is what you really need. Not just books. Especially with RE/exploitation. And for this, you need to understand the underlying tech, both details and reasoning behind it.
>>
>>63745912
Overviews aren't always a bad thing. Its a good way to see if you have any interest in something before you go balls deep.
>>
File: fzd_neuro_art_01.jpg (317 KB, 1000x449)
317 KB
317 KB JPG
>>
>>63745279
Does this mean you run a VAX/VMS cluster in your basement?
>>
>>63719497
Im quite a bot to the right irl, but i think internet should be completely free and not controlled by any company. Internet should not have anything to do with the real world, and should be completely anarchist. Its a special case.
>>
>>63745108
>condescending old
Who, the journalists? In any case it was about what is legally freely available and, importantly, that the millennials were not aware of this.

>>63745210
>It actually feels good. I've always been scared that new generations could be geniouses because they were more born into technology and I could become obsolete.
The way it looks there is absolutely no danger of that, being able to click on links do not make them geniuses. I have heard anecdotes earlier but dismissed those, up to now. Electricians around here used to complain about unskilled hobbyists "fixing" their own electric system but now that is no longer the case. The reason, I was told, is that the new generation is absolutely helpless when facing elementary tools such as a screwdriver.

>But the more faith in humanity declines, the more I get faith in myself.
Will the millennials be able to help the older generation 20 years from now? Or will we have to rely entirely on generation Z?

>>63745581
>VHF is not a crime!!
That was the point.
>>
=== /sec/ News

Snapdragon 845 is announced

>Qualcomm sampling Snapdragon 845
https://www.electronicsweekly.com/news/business/qualcomm-sampling-snapdragon-845-2017-12/
And what is inside?
>-3rd Generation Qualcomm All-Ways AwareTM Sensor Hub
Basically a system that is on unless you remove the battery. What could possibly go wrong?
>– License Assisted Access (LAA)
They wish.
>– Citizens Broadband Radio Service (CBRS) shared radio spectrum
A system for co-existence with military radar systems. What could possibly go wrong, part 2?
>Secure Processing Unit
This one replaces an older secure area (which turned out to be not so secure after all) with a dedicated CPU. Will this too also be always on? For, you know, security?

https://www.qualcomm.com/products/snapdragon-845-mobile-platform
>Support for 6 satellite systems: GPS, GLONASS, Beidou, Galileo, QZSS, SBAS
OK but how about reception on L2 and L5? Broadcom has a chip for that announced already.


Getting spec sheets for these parts will of course be impossible. Nevertheless Qualcomm is so happy with this that they have done "A Day in the Life" video: https://youtu.be/WkVOtqVID7Y
>>
>>63742421
VR is vuln research you fucking retard
You know, the guys finding all the 0day that you run on metasplot 3 years after they get burned
>>
part of defence is offense.
knowing this, wha is some offensive pentesting tech? I know smurf village is nsa only but does anyone have a pirated download of it?
>>
>>63749119

...so you can get 30 bucks bounty from microshit for fixing their stupid shit OS. Hooray.
>>
>>63749119
>vuln research
>VR
>>
>>63711661
Depends on the challenge exactly. but I say brush up on networking regardless.
It's a massive part of info sec in general, and is a priceless field to be good in.
>>
>>63749486
Or I can sell my 0day to a contractor for 2m
You are dumb as fuck if you think people are turning bugs in to the companies

>>63749550
Yeah champ, that's what VR means in the context of security, maybe if you were actually in the field you'd know that
>>
Been using my uni's neural net for decryption brute forcing. And my processing limit for the month is approaching soon.
Any suggestions on efficient data decryption hardware?
RPI cluster, GPUs, x86 cpu cluster?
Just curious what the best bang for buck is.
>>
Is NordVPN known to be the most secure?
>>
=== /cyb/ News:

Battle Angel Alita - trailer https://youtu.be/mkZsFiVQQsk

Perhaps it is just me but I think the eye size moved her a bit too far into uncanny valley.
>>
File: 1512771459976.png (336 KB, 620x640)
336 KB
336 KB PNG
Are the exercises on hackthissite good for beginners? Is the hackthissite forum a good community to be in?
>>
>>63750106
Yeah, I want to like it but the eyes are creeping me the fuck out. Every time I got really invested and interested in the trailer they'd suddenly zoom in on her fucking anime eyes and I'd cringe.
>>
>>63749644
If you can escape Microsoft's hypervisor they are more inclined to be generous.
>>
>>63747650
>Will the millennials be able to help the older generation 20 years from now?
They will be on life support way before us.
>>
>>63750106
looks 110% awful
>>
>>63736219

if the government has enough math phds to break ipsec and secure tls then i doubt your custom encryption scheme will be difficult for them to crack.
>>
>>63744037

home automation will be big in the future and with that new adobe sound thingy that is basically photoshop for voice you can imagine how much fun hackers will have.
>>
>>63750807
>house gets automated
>house gets ransomwared
>pay 1btc worth 500 grand to get it unlocked
>>
>>63751327
That's why IoT security is such a big topic nowadays.
>>
>>63751346

>ALEXA PLAY GANGBANG PORN
>wtf i didn't say that my kids are here
>ALEXA SEARCH CHILD PORN
>wtf i'm getting v&
>ALEXA HOW DO I KILL A SENATOR
>wtf hello secret service

The possibilities are endless and very dangerous.
>>
>>63750481
You can also go and sell it to the government for 10x the bounty price
>>
>>63749744
Why the hell would you think an rpi cluster would be the best hash per second to dollar value?

Rack up gpus and use hashcat.

https://arstechnica.com/information-technology/2012/12/25-gpu-cluster-cracks-every-standard-windows-password-in-6-hours/

This article is half a decade old; imagine what you could do now.
>>
>>63749744
How much do you actually do? If you're not running the cluster 24x7, you could use spot instances in AWS which are quite cheap.
>>
any way to recover deleted texts on android to gather intel?
>inb4 nsa
>>
>>63754553
Nice try FBI.
>>
I gave the OP a little trim, you can find it here
https://gitgud.io/cyb/er/blob/0/op_message
The resources still need some polishing but I hope they're a little more inviting now.

Next thing would be an sec-FAQ.
Could someone write a little about useful/"neccessary" certs? I'd like to have the routes for operative business / pentesting / analysis separate.
I'm but a hobbyist, so I don't have any real world information here.
>>
>>63749966
If you want a reliable secure VPN then just roll your own, but don’t confuse security for privacy, if you want privacy then don’t use a VPN.
>>
Is Kali Linux the go-to distro for pentesting? I'm asking if there's anyone here that works in the industry and if Kali is used or if it's just a meme.
>>
>>63755518

Explain, please.
If someone doesn't have your IP you get both at the same time, don't you?


>>63755921

I'm not in the infosec industry, so take this with a grain of salt.

But Kali, Parrot, Black Arch, Blackbuntu and all those distros are simple Linux Distros with a bunch of tools.
So it might be interesting in cases where you can't use your own customized laptop or where you want to use a vanilla distro to not give away details about your system because you can expect some forensic guys getting a hold of your machine later.

But I guess that if you learned those tools most guys will probably have their own set of tools and will put them on whatever they want.

I don't know what real penters use in their daíly business, maybe SubgraphOS or a hardened CentOS?
>>
>>63756438
> But Kali, Parrot, Black Arch, Blackbuntu and all those distros are simple Linux Distros with a bunch of tools.

Yes, I figured. Recently someone posted a thread with a linked article by the sec advisor of the Mr Robot series and he uses Kali apparently. I thought it was a meme so I was slightly surprised.

Anyways, thanks for the reply.
>>
>>63756438
>you get both at the same time
Your VPN provider will be able to see your traffic and probably log it, even if they say they don't.
This way you get more privacy from your ISP, because they won't see your traffic, but that is just shifted to the VPN, because they will see it.
>>
any of you experts in python?
>>
>>63756939
Far from expert, but just spit out your question, someone might eventually help.
>>
>>63750392
>>63750645
Feedback is uniform: the eyes must be normalised. Avatar edged us towards the uncanny valley but not everyone can get away with that.

Now, is she instead had blue skin...
>>
>>63757788
>is she instead had blue skin
dude, that's racist.
>>
>>63755264
>I gave the OP a little trim
I had a look. A few things seem to be trimmed and moved to other pastes. The problem is, some pasta point to other pasta and I have no idea how deep this goes.

Personally I think the structure could do with more flattening as in no nesting of pasta, with separate pasta for
- /cyb/
- /sec/
- tech common to both

For instance http://67.225.133.110/~gbpprorg/#40 might be added to tech along with the free shell info and IRC guide.

Linking is all well and good but a list of linear texts has the advantage that you know you haven't missed any parts. As I wrote this is my opinion, let's first hear what others think.

Also the FTP site might add a notice that the /cyb/ FAQ lives there.

>Next thing would be an sec-FAQ.
That would be an excellent idea. There are a few (very) old Usenet News sec FAQs that could be the starting point for a renewal.
>>
>>63757788
the eyes are weird but dont bother me much. the real problem is the awful looking plot and atmosphere.
>>
>>63709267
>>63722910
gay idiot redditors kill yourselves
>>
File: 27525_battle_angel_alita.jpg (468 KB, 2560x1920)
468 KB
468 KB JPG
>>63758011
Was there much plot to be seen in that short trailer? All I could see was entirely generic.
>>
>>63758032>>63758032

Go back to /pol/ you cancerous twat
>>
>>63757908
Nope. Perhaps you are specieist?

>>63755264
>an sec-FAQ
Demanding but not impossible. Enjopy some working classic music to the task. https://www.youtube.com/watch?v=ZGBcWObxtPk
>>
>>63757943
>A few things seem to be trimmed and moved to other pastes
Yep, I moved things where I felt they'd belong. I'm far from done here>>63757943
>The problem is, some pasta point to other pasta and I have no idea how deep this goes.
IIRC the farthest was 6 pastes which is far too much. I'd like to have something like the IRC guide. But combining cyb and sec in one document would make it very long. Same goes for example for the armor/arms overview.
It's very good information but I'm feelong repulsed putting that in the main doc
>>
>>63759574
>Not even denying
you have to go back
>>
File: Tron.jpg (635 KB, 3948x1841)
635 KB
635 KB JPG
>>63760841
>But combining cyb and sec in one document would make it very long.
I agree. That is why I suggested splitting into three parts

In fact I am having a bit of the same problem now with the FAQ. I have updated to Preview 10 and it is 125 KB in size. I want to add something about cyb/sec work and I am not sure if I have to make an entire new section for it.
>>
>>63750807
Sadly all these companies will force you to use a separate fucking service for each thing (e.g. company1 for your doors/locks, company2 for security cams, company3 for your fucking toaster). At least let me control this shit through my own network.
>>
>>63720234
That old navy stuff is really good. Beats any "dude arduinos lmao" crap that most electronics guides are.
>>
FTP is down?
>>
have a bump guise

https://www.youtube.com/watch?v=lZtYHCfWXk8
>>
>>63761894
Seems so. It worked well yesterday.

>>63761424
That stuff could be moved to the FTP site.
>>
>>63713506
how would this be possible without a sound library of every keyboard, keycap, and switch type along with every combination of each?
>>
>>63762869
most likely by analyzing how frequent individual keys are pressed
>>
>>63762944
Letter frequency analysis wouldn't be useful for determining the content of anything shorter than an essay.
>>
>>63763089
Actually I take that back. Not as long as an essay but you'd need a few lines at least.
>>
>>63746217
>And for this, you need to understand the underlying tech, both details and reasoning behind it.
ok, and which books do i learn this from?
>>
>>63719497
Of course not, don't be ridiculous.
>>
What is the best setup for securely downloading over Tor?
>>
>>63719497
Just leave /pol/. We don't fucking want you here.
>>
>>63745912
It's an overview. Just to get you started and see where you would like to follow.
>>
How to I become a radio pirate?
I want to transmit some of my favorite underground songs from th 90's and shit across my town
>>
>>63765146
https://learn.pimoroni.com/tutorial/sandyj/assembling-pirate-radio
https://www.wired.com/2015/11/create-your-own-pirate-radio/
There are, of course, different approaches
>>
>>63765356
If I wanted to use like a big fucking antenna in my backyard
how do I calculate the mileage it will cover? is it the wattage?
>>
>>63765479
should be, yeah
>>
File: 1500041971004.jpg (301 KB, 1600x1076)
301 KB
301 KB JPG
>page 9
bumpity
>>
>>63730424

I am looking into a more Infosec role myself. I spent 10 years in the AF, doing IT duties. Got my AA and BA in IT Stuff, but I've always been more of a Generalist.

If you Networking Q's, im willing to help.
>>
I'm trying to make a career change. I'm currently a cop and fucking hate every minute of it, since I had to drop out of college because my family is dirt poor and I didn't want to be saddled with a yuge loan. I've spent the last year teaching myself various languages and building a portfolio, but I'm having trouble breaking through. I'm thinking about picking up some certs to use as a foot in the door. I'm going to start with the basics, at CompTIA A+. What are some good resources you guys would recommend for learning? Just pick up a study guide off Amazon and dive right in?

I'm planning on working my way to the Security+ cert and maybe aim for a DoD job. Is that feasible without a degree?
>>
What are some good books I should read/get that would help me with cyber security?
>>
File: Fedora tipper.jpg (42 KB, 703x694)
42 KB
42 KB JPG
>>63699278
>claims to not endorse lainchan .jp
>lists links in three of the hastebins to both lainchan jp and cyberpunk forums
>both sites are run by the same person
>>
File: 1512464628012.jpg (100 KB, 673x767)
100 KB
100 KB JPG
>>63740943
he's our goy
>>
File: 1493498774702.jpg (37 KB, 600x421)
37 KB
37 KB JPG
I'm gay.
>>
File: 21.jpg (209 KB, 1366x768)
209 KB
209 KB JPG
>>63756966

no question bro, just wondering if you cunts use python at all
>>
>>63765479
Emitted power counts but frequency counts more. FM stations are hardly intercontinental. Antennas are also important, especially directive antennas that direct the signal where you want it while reducing emission in other directions.

Did you check the radio pasta?
>>
Assume you're an unprivileged user on a Windows machine, with write access to directory that's in PATH.

Is there any command that Windows regularly executes in PATH?
>>
File: f1wa7e8f.jpg (586 KB, 1000x1481)
586 KB
586 KB JPG
>>
File: yse541fawef.jpg (701 KB, 1600x880)
701 KB
701 KB JPG
>>
RISC-V is looking interesting.
https://www.electronicsweekly.com/news/business/risc-v-gunning-arm-high-end-2017-11/
>An AI “supercomputer-on-a-chip” made on TSMC’s 7-nm process.
A 16-core “ET-Maxion” targeting highest single-thread performance
A 4,096-core “ET-Minion” targeting performance-per-watt with a vector floating-point unit in each core.

How can we ensure there are no backdoors in this thing?
>>
>>63774566
By fabricating your own.
>>
Is there such a thing as a good secure instant messenger I can run in the background on my PC
>>
File: sadstoklasa.jpg (148 KB, 512x512)
148 KB
148 KB JPG
>>63699278
Can someone tell me what's wrong with my syntax? I keep trying to bruteforce a handshake file and it seems like aircrack either doesn't recognize my handshake file or sees it as a wordlist or something.

>crunch 4 4 charset.lst mixalpha-numeric-space | aircrack-ng -w - /root/handshake.cap -e (I put in the SSID here)

then it just immediately spits out "Passphrase not in dictionary, Quitting Aircrack"
>>
>>63774763
XMPP with OTR
>>
>>63774628
Impractical. Moreover you will also need to be certain that the software to reduce the RTL down to mask writing commands has not been compromised.

I wonder if the ISA will not be amended a bit more. Seems the designers are more catholic than the pope in that pointers are not auto incrementing.
>>
anyone have the firefox browser prefs link saved?
>>
File: 2012-07-26 12.30.33 HDR.jpg (455 KB, 1600x1195)
455 KB
455 KB JPG
Has anyone thought of getting an old rape van and turning it into a cool hacker van full of tech?

It would be pretty neat to take on road trips to conferences.
>>
>>63701898
Can I help out with this?
>>
>>63776174
You might consider getting an old fire engine. Even more space and you will be given the right of way. Also long ladder will make for excellent antenna positioning.

We are approaching bump limit.
>>
>>63775467
you mean this one?
https://pastebin.com/raw/T8TeepZP
>>
>>63776683
Is that legal? Would that be considered impersonating a firefighter?
>>
new thread

>>63777966
>>63777966
>>63777966
>>
>>63771779

check scheduled tasks for the version of windows you are targeting. also check dll load order to see if you can hijack programs a user might run.




Delete Post: [File Only] Style:
[Disable Mobile View / Use Desktop Site]

[Enable Mobile View / Use Mobile Site]

All trademarks and copyrights on this page are owned by their respective parties. Images uploaded are the responsibility of the Poster. Comments are owned by the Poster.