>>106913537
Busy week.
>F5 gets popped back in August
>SNMP buffer overflow

>>106913571
>F5 gets popped
At least they didn't publish their private key in documentation. Oh wait . . .

Reposting the updated Data Broker Removal Links:
https://pastebin.com/9tc94g2T
https://pastebin.com/raw/9tc94g2T

>>106913571
Yet too quiet in here.
Solarpunk still running: >>>/sci/16778662

got my 3D printer this week
make sure to remove all the government spyware
stopped working for a couple of days, no idea why
managed to get it working again, it's airgapped so it can't tell the government what im printing
also working on getting property, finally have enough money for a couple of acres, gonna park a caravan on it and get to work

>page 10

Does full packet inpsection only pick up data once you start it or before as well?

>>106919331
Snort, which I used, had to run before it inspected.

I'm interested. I saved the links and I will start reading when I find some time.

>>106919331
>Does full packet inpsection only pick up data once you start it or before as well?
Some enterprise class solutions (ExtraHop comes to mind) have a giant in-memory packet buffer and can start a PCAP midway through a flow and retroactively pull relevant packets from the packet buffer once you've decided "yes, I'd like those packets".
If you think about it, it makes sense.
>SYN - don't care, could be benign
>SYN-ACK - don't care, could be benign
>ACK - don't care, could be benign
>GET - holy shit, there's a log4shell / jndi in the User-Agent header, grab those packets

File: signal-2025-10-16-16-09-07-702.jpg (68 KB, 681x963)

68 KB JPG

http://ankblog2rpsnci3w72l3zggiibu7l5y6nargwgjjnycgizwfdq72zfid.onion
rip an OG

File: 1591594108959-k.jpg (77 KB, 960x929)

77 KB JPG

https://blog.nullvoid.me/posts/mercku-exploits/

Critical flaws discovered in #Mercku routers, specifically the M6a model, that could allow attackers to achieve remote code execution with minimal effort.

shodan shows 702 nodes exposed

I have the IDA Pro source code, wat do ?

File: 1739402019865964.jpg (58 KB, 680x680)

58 KB JPG

>>106923674
leak it
use onionshare and post link here

>>106923693
Can't do that, I'd be throwing someone under the bus.
I'm thinking of making a femboy themed cracked version.

hexrays .su

>>106923781
this fucking nigger fag axe
>umm *full mouth breath* what do *exhale*
then says
>umm *full mouth breathe* no*exhale*
fuck you fag

Is it possible to decrypt TLS and https?

>>106925475

tls 1.2, sure. 1.3+ uses forward secrecy so technically possible, but harder.

>>106923505
Would it be safer to have pairs of serially connected routers from tywo different companies?

File: den6k3t-af4b9da5-64de-4b4(...).jpg (2.67 MB, 3500x2263)

2.67 MB JPG

>>106913571
>Busy week.
Seems traffic has moved elsewhere. I had not expected so many would move across to a.c.t

>>106925531
>1.3+ uses forward secrecy so technically possible, but harder.
not really. There are turnkey implementations that will pop 1.3
>still need the private key
>need something that will forward the session key
I've seen it done with as the session key forwarder.
I've also seen it done with PA doing full on break/inspect.

>>106925531
What about aes-128?

Remember to only use technology from countries that you trust

>>106931957
Thanks to globalism, you really don't know where the tech originated.

>>106932979
I guess all devices are going to have global supply chains but still, when you're choosing a piece of tech to use, you're making a choice about which company or people you're supporting. Those people are going to be making decisions about what they allow into their supply chain, and what they don't allow into their supply chain.

=== /sec/ News:
>Thousands of customers imperiled after nation-state ransacks F5’s network
https://archive.is/eOkur
>F5 said a “sophisticated” threat group working for an undisclosed nation-state government had surreptitiously and persistently dwelled in its network over a “long-term.” Security researchers who have responded to similar intrusions in the past took the language to mean the hackers were inside the F5 network for years.
>During that time, F5 said, the hackers took control of the network segment the company uses to create and distribute updates for BIG IP, a line of server appliances that F5 says is used by 48 of the world’s top 50 corporations. Wednesday’s disclosure went on to say the threat group downloaded proprietary BIG-IP source code information about vulnerabilities that had been privately discovered but not yet patched. The hackers also obtained configuration settings that some customers used inside their networks.

>>106933395
>you're making a choice about which company or people you're supporting. Those people are going to be making decisions about what they allow into their supply chain, and what they don't allow into their supply chain
That is what people think until news like >>106933896 come up. In addition to such cases, there are cases with discruntled employees leaving time bombs in the corporate software.

>>106913537
For my new job, I have to use social media for our marketing. What can I do to use it at home without it tying shit together? I can't use a VPN on any of the work devices so that's already fucking me over.

=== /re/ News:
>Hacking A Banned Chinese Security Camera
https://hackaday.com/2025/10/18/hacking-a-banned-chinese-security-camera/
>After powering the camera with a power-over-Ethernet (PoE) adapter [Matt] sets about monitoring network activity with Wireshark. The first data comes from DNS for the host devaccess.easy4ipcloud.com, which whois reports is operated by Alibaba Cloud LLC in California. This is a Chinese owned company with servers in the United States.
>[Matt] covers some basics of TLS and how it works. He then goes on to explain how a Man in the Middle (MITM) attack works at a high level. To setup a MITM attack against the camera [Matt] sets up some port redirections using iptables for ports 443, 15301, 8683, 9898, and 12337 which his Wireshark analysis indicates were being used. His MITM attack works, which means the device is not properly verifying its certificate signing chain.
>[Matt] goes on to reverse engineer the custom UDP protocol used for transmitting video data. He uses a vibe-coded Python program along with ffmpeg for that and manages to reconstruct a few frames of video taken from the UDP packet capture.

>>106929877

if you have the key, anything is possible

Updated Firefox Zero user.js
https://pastebin.com/z2fsL15G
https://pastebin.com/raw/z2fsL15G

Dawg, I'm a fucking nigger.

Dawg, I'm a fucking nigger.

>>106933966
Okay then perhaps I should say this: use tech from countries, organisations, and/or individuals that you trust. Yes there is always the risk that a piece of tech has been compromised. I guess you should just do the best you can. Try to use the most trustworthy stuff you can.

I think this applies to open source stuff too. If something is open source then hopefully that means people are looking at the source code, but I don't think something should be considered safe just because it's open source. There could be something malicious and obfuscated in the source, or something in the binaries which isn't in the source you're seeing, etc.