/netsec/ - Net Sec General: Hack the Gibson Edition

You are currently reading a thread in /g/ - Technology

Thread replies: 213
Thread images: 29
File: Hack_the_gibson.jpg (305 KB, 640x470)
/netsec/ is dedicated to everything about computer security, networks, exploits, reverse engineering, social engineering, hacking, tricks, etc.

Daily Programming Thread: >>55559257
Web Dev General: >>55540825

How To Become a Hacker: http://catb.org/~esr/faqs/hacker-howto.html

Learning
https://cybrary.it/
https://n0where.net/
https://www.offensive-security.com/metasploit-unleashed
http://resources.infosecinstitute.com/
http://www.windowsecurity.com/articles-tutorials/
https://www.sans.org/reading-room/
https://www.corelan.be/index.php/articles/
http://opensecuritytraining.info/Training.html
https://www.blackhat.com/html/archives.html
http://www.securitytube.net/

News/CVE releases
https://threatpost.com/
https://www.deepdotweb.com/
https://packetstormsecurity.com/
https://www.cvedetails.com/
http://routerpwn.com/
http://www.exploit-db.com/
https://www.rapid7.com/db/
http://0day.today/

Wargames
https://overthewire.org/wargames/
https://www.pentesterlab.com/
http://www.itsecgames.com/
https://exploit-exercises.com/
https://www.enigmagroup.org/
http://smashthestack.org/
http://3564020356.org/
https://www.hackthissite.org/
http://www.hackertest.net/
http://0x0539.net/
https://vulnhub.com
https://ringzer0team.com/
https://root-me.org/
https://microcorruption.com/
https://starfighter.io/

How would you hack the Gibson
>>
>>55564142
bumping
>>
>>55564142
https://www.youtube.com/watch?v=7U-RbOKanYs
great video

btw anyone have a job as a cyber or network security?
>>
>>55564326
>btw anyone have a job as a cyber or network security?
also curious. there was a twitter spat about bug bounties and i had always assumed those guys had real jobs at companies and universities, not just unsalaried handouts
>>
Looking for an infosec career but don't have the resources, my current job screws with my time.

How much time will it take to learn by myself? I have patience and have been using Linux as a power user. Will learn networks, programming, etc., with online material. Planning on going for a computer crime investigator job, or whichever is more likely for someone self-taught?
>>
>>55564142
I'm using currports to view all outgoing connections, what does it mean when a process says unknown and it has a process ID of 0? It seems to happen when I terminate a connection like I close firefox, but what is happening and why?
>>
>>55564142
any good infosec or netsec irc channels?
>>
>>55565141
is included in the wargames IRC first link
https://overthewire.org/about/contact.html

my advice is to go to some of these links and consider the initial site list as an index and the appropriate IRC a tree from there.
>>
Bumpy bump
>>
so how many boxes did /g/ pwn lately, hacking your own device doesn't count
>>
How the fuck do you program for TOR?

The official site says to use SOCKS but I can't figure out what the fuck that means.

Say I use SDL_Net and open up a TCP socket to connect to some random chat program through TOR, how does SOCKS come into play, would this even work?
>>
File: ohlook.png (5 KB, 344x85)
So... somebody got into a social networking site of mine that I never use.
The website that they posted links to has an ip address of
>pic related
and an array of basic ports that are just wide open.
>also pic related

I don't care enough to fuck with them, but wanted to pass the info along to you guys if you weren't too busy playing tug-of-war with a boat.

Have fun.
>>
>>55567534


what program did you use to scan the ports?
>>
>>55567534
a russian hosting company? neat.
>>
>>55566923
69
>>
>>55567436
http://tor.stackexchange.com/questions/3421/route-c-through-tor-using-socks

"Tor is a socks5 proxy.

here is a guide to how socks5 works with tor read this, it is VERY useful

if using sockets (I assume c++ uses sockets) you will need to

connect to tor (127.0.0.1:9050 by default)
Send authentication (5,1,0) see rfc part 3
Receive the tor response (5,0) see rfc part 3
Send Client's Connection request (5,1,0,3 + host length + a binary representation of the host and port) see rfc part 4
receive the tor response (5,0,0,1,0,0,0,0,0,0) see rfc part 6 (there can be a bunch of errors here, so watch out)
Send a binary representation of a http request to tor (Tor will forward this to the destination)
Receive the http response (will send the header first then the web page)"
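The exchange described in the quoted answer, as an added example that is not part of the original post or the linked Stack Exchange answer: it builds and parses each message of the RFC 1928 handshake, runs both sides offline against a constructed stand-in for the proxy, and includes the same exchange over a real socket to 127.0.0.1:9050. FakeSocksProxy, describe_handshake and socks5_connect are names chosen here; the byte values are RFC 1928's.

```python
import socket
import struct

# Reply codes from RFC 1928 section 6 (the "bunch of errors" the quoted post warns about).
SOCKS5_REPLIES = {
    0x00: "succeeded", 0x01: "general SOCKS server failure",
    0x02: "connection not allowed by ruleset", 0x03: "network unreachable",
    0x04: "host unreachable", 0x05: "connection refused", 0x06: "TTL expired",
    0x07: "command not supported", 0x08: "address type not supported",
}


def build_greeting() -> bytes:
    """Client greeting (RFC 1928 s.3): version 5, one method offered, method 0 = no authentication."""
    return bytes([0x05, 0x01, 0x00])


def parse_greeting_reply(data: bytes) -> None:
    """Method selection reply: expect (5, 0). 0xFF means the proxy rejected every offered method."""
    if len(data) != 2 or data[0] != 0x05:
        raise ValueError(f"malformed method selection reply: {data!r}")
    if data[1] != 0x00:
        raise ConnectionError("proxy refused the no-auth method" if data[1] == 0xFF
                              else f"proxy chose an unexpected auth method {data[1]:#x}")


def build_connect_request(host: str, port: int) -> bytes:
    """CONNECT (RFC 1928 s.4): CMD=1, RSV=0, ATYP=3 (domain name), length-prefixed name, port.
    ATYP=3 leaves name resolution to the proxy; resolving locally and sending ATYP=1 (an IPv4
    address) instead would leak the DNS lookup outside the Tor circuit."""
    name = host.encode("idna")
    if not 0 < len(name) < 256:
        raise ValueError("domain name must be 1..255 bytes")
    return bytes([0x05, 0x01, 0x00, 0x03, len(name)]) + name + struct.pack("!H", port)


def parse_connect_reply(data: bytes) -> tuple:
    """CONNECT reply (RFC 1928 s.6): (5, REP, 0, ATYP, BND.ADDR, BND.PORT); returns (addr, port)."""
    if len(data) < 4 or data[0] != 0x05:
        raise ValueError(f"malformed connect reply: {data!r}")
    rep, atyp = data[1], data[3]
    if rep != 0x00:
        raise ConnectionError(SOCKS5_REPLIES.get(rep, f"unknown reply code {rep:#x}"))
    if atyp == 0x01:                                     # IPv4: 4 bytes
        addr, off = socket.inet_ntoa(data[4:8]), 8
    elif atyp == 0x03:                                   # domain name: 1 length byte + name
        addr, off = data[5:5 + data[4]].decode("idna"), 5 + data[4]
    elif atyp == 0x04:                                   # IPv6: 16 bytes
        addr, off = socket.inet_ntop(socket.AF_INET6, data[4:20]), 20
    else:
        raise ValueError(f"unknown address type {atyp:#x}")
    return addr, struct.unpack("!H", data[off:off + 2])[0]


class FakeSocksProxy:
    """Constructed stand-in for Tor's SOCKS port so the exchange runs offline; `allow` models the
    proxy's ruleset (REP 0x02 when it refuses a destination)."""
    def __init__(self, allow=lambda host: True):
        self.allow = allow

    def reply_to_greeting(self, data: bytes) -> bytes:
        methods = data[2:2 + data[1]]
        return bytes([0x05, 0x00 if 0x00 in methods else 0xFF])

    def reply_to_connect(self, data: bytes) -> bytes:
        host = data[5:5 + data[4]].decode("idna")
        rep = 0x00 if self.allow(host) else 0x02
        return bytes([0x05, rep, 0x00, 0x01, 0, 0, 0, 0, 0, 0])  # the post's (5,0,0,1,0,0,0,0,0,0)


def describe_handshake(proxy, host: str, port: int) -> str:
    """Both rounds of the handshake against anything with the FakeSocksProxy interface."""
    try:
        parse_greeting_reply(proxy.reply_to_greeting(build_greeting()))
        addr, bport = parse_connect_reply(proxy.reply_to_connect(build_connect_request(host, port)))
    except (ValueError, ConnectionError) as exc:
        return f"failed: {exc}"
    return f"connected, proxy bound to {addr}:{bport}"


def _recv_exact(sock, n: int) -> bytes:
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("proxy closed the connection mid-handshake")
        buf += chunk
    return buf


def socks5_connect(host: str, port: int, proxy=("127.0.0.1", 9050)) -> socket.socket:
    """The same exchange over a real TCP socket (Tor's SOCKS port defaults to 127.0.0.1:9050).
    On success the returned socket is a tunnel to host:port; write the HTTP request to it."""
    s = socket.create_connection(proxy)
    try:
        s.sendall(build_greeting())
        parse_greeting_reply(_recv_exact(s, 2))
        s.sendall(build_connect_request(host, port))
        head = _recv_exact(s, 4)
        if head[3] == 0x03:                   # domain name: read the length byte first
            head += _recv_exact(s, 1)
            rest = _recv_exact(s, head[4] + 2)
        else:
            rest = _recv_exact(s, {0x01: 6, 0x04: 18}.get(head[3], 0))
        parse_connect_reply(head + rest)      # raises on a non-zero REP or unknown ATYP
    except Exception:
        s.close()
        raise
    return s
```

The reply parser reads the address type before deciding how many bytes to take, because the proxy may answer with an IPv4, IPv6 or domain-name BND.ADDR; reading a fixed ten bytes (the shape the post shows) works for Tor's usual reply but breaks on the others. Sending the hostname (ATYP=3) rather than a pre-resolved address is what keeps the name lookup inside the tunnel.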
>>
>>55564326
>>55564401
I work as an information security professional doing Red Team operations. First, bug bounties are a waste of time. Sure you gain some experience, but in the end the companies will pay you from $100 to max $10,000 for a vulnerability with PoC. They are doing this because an information security assessment (which goes through documentation), and an information security evaluation (which finds all possible vulns on a system) costs more than $50,000. Thus companies are taking advantage of kiddies with no jobs.

Second, this thread is pure cancer. The only good links are the wargames and maybe the SANS institute links (SANS are a bunch of scammers, they literally take your money and just teach you how to become a skid).

You want to be a real hacker? Research stuff yourself, reverse engineer protocols and software. Also, do not neglect documentation. A penetration tester or Red Team operation takes advantage of the low hanging fruit (first vuln found). An information security assessment and evaluation actually attempts to find ALL vulnerabilities. Understand that there are non-technical vulnerabilities such as lack of policies and procedures, undocumented behaviours, users who are not compliant with policies, etc.
>>
>>55568240

thanks a bunch m8, this is very helpful
>>
>>55568293
What did your resume look like before you got hired?
What do you have to put on a resume to get hired as a red team tester?
>>
>>55568293
Forgot to add that, if you think it is all technical, you will have a bad time. Like I said, most of the time you will be creating your own tools (don't fall for the CEH meme of just running pre-existing scripts), and reading documentation (policies, procedures, leaked unshredded company documents through dumpster diving, etc.). Most of the pre-made tools all have a footprint that an IDS/IPS will catch. Again, this is okay if you are doing an InfoSec Evaluation. But if you are doing a red team operation, you WILL most likely need to either create your own exploit tool on the fly, or heavily modify a pre-existing one.

What is more important than technical skills? Reporting and your ability to read and understand policies and procedures. For example, if the organization lacks a password policy, you can be sure that employees will most likely use garbage passwords and reuse them. With a password policy enforced, you will encounter fewer users using garbage passwords (if any), and you will probably need to modify your brute forcing tools. Otherwise you might cause a DoS for the WHOLE organization because they might have an account lockout set.

Reporting is another valuable skill and perhaps the most important. ANYONE can run a vulnerability scanner, ANYONE can run Metasploit and crack a box. But it takes a true professional to document the findings and turn the report into something management can understand. Sometimes the tools will find false positives, e.g. it will report a server is vulnerable because its banner says it's an old version. But in reality, the company compiled that package and fixed all the vulnerabilities. Validation is key.

In the end management doesn't care about a terminal popped on a box. They care about Cost Avoidance.
>>
File: guns_are_welcome[1].jpg (70 KB, 650x421)
>>55568425

Answer me.
>>55568400
>>
>>55568400
My resume looked very empty as I lacked "business" experience.

What I did was work as a system administrator for a local school, then rapidly took a junior position as a penetration tester. Most pentesting companies DO NOT require certifications or any previous BUSINESS experience. HOWEVER, they will test you at the interview on both theory and non-technical things (policies, laws, procedures), then they will most likely set up a lab for you to break into. Most of the points are focused on the end documentation (which is what gets you the money).

Anyways, I did not have any certifications and my degree was in Math. However, from an early age (about when I was 8) I learned how to take advantage of buffer overflows. So I had a pretty good idea about exploitation and data exfiltration.

In the end, the resume for my current Red Team operation job looked like:

Math Degree, system administration work, penetration tester work, infosec assessment junior, red teaming.

The only certifications I have now are Cisco's CCNA and Security+. Again, this was long after I got my job here.

Tip: look for openings as a pentester, you will see they don't care about GPA or certifications or any past jobs. They want you to understand laws, procedures, documentation, and how to leverage vulnerabilities. These are things books will never teach. Set up a home lab and practice practice practice.
>>
>>55568527
Thank you anon.
>>
there was an anon in the last thread who was reversing an android game and was using an on-phone proxy to bypass tls encryption. i am curious if the app was Charles Proxy or something else.
>>
>>55567574
looks like nmap
>>
What do you guys think of wireshark? Is it good to view every single connection on the network?
>>
File: imagen-sin-titulo.jpg (54 KB, 939x423)
>>
>>55570641
are you looking for something specific or just paranoid?
>>
>>55570806
Call you paranoid all you want, but I'm curious and want to know what exactly is leaving and entering my network at all times.
>>
>>55568527
based
this is very much helpful for me
>>
>>55571605
Then wireshark is the right tool, since it's so easy on the eyes. You should really try to learn wireshark filters on the fly, it'll make your protocol analyzer time much more productive.
>>
>>55571605
Software on the router that catches all your traffic + some box that automatically analyzes it would be a better idea.

For example, if there were some communication with Chinese or Russian servers, Tor traffic or other suspicious traffic, you would be informed automatically by mail.
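One way to build the "box that analyses it and mails you" from the post above, as an added example that is not part of the original post: a small Python script that reads constructed connection records (tab-separated, Zeek conn.log style: timestamp, src, sport, dst, dport, proto, bytes), flags destinations that geolocate to a watched country or appear on a Tor relay list, and drafts the alert mail. The prefix-to-country table, the relay list, the "netwatch" name and the log lines are all constructed placeholders (the prefixes are RFC 5737 documentation ranges); a real sensor would load a GeoIP database and the current Tor relay list.

```python
import ipaddress
from email.message import EmailMessage

# Constructed lookup data: the prefixes are RFC 5737 documentation ranges and the country codes
# attached to them are made up for this example. A real sensor loads a GeoIP database and the
# current Tor relay list (from the consensus or a relay-search export) instead.
GEO_PREFIXES = [
    (ipaddress.ip_network("192.0.2.0/24"), "US"),
    (ipaddress.ip_network("198.51.100.0/24"), "RU"),
    (ipaddress.ip_network("203.0.113.0/24"), "CN"),
]
TOR_RELAYS = {"192.0.2.77"}
WATCHED_COUNTRIES = {"RU", "CN"}
# Traffic that never leaves the site is out of scope for this check (an explicit list rather than
# ipaddress.is_private, which also reports the documentation ranges used above as private).
INTERNAL_NETS = [ipaddress.ip_network(n) for n in
                 ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]

# Constructed connection records, tab-separated like a Zeek conn.log:
# ts, src, sport, dst, dport, proto, bytes
CONN_LOG = """\
1468000000.1\t10.0.0.5\t51234\t192.0.2.10\t443\ttcp\t5120
1468000001.7\t10.0.0.5\t51235\t198.51.100.9\t8080\ttcp\t900
1468000002.3\t10.0.0.8\t51236\t192.0.2.77\t9001\ttcp\t4096
1468000003.9\t10.0.0.8\t51237\t10.0.0.1\t53\tudp\t80
1468000004.2\t10.0.0.9\t51238\t203.0.113.5\t443\ttcp\t70000
"""


def country_of(ip):
    for net, cc in GEO_PREFIXES:
        if ip in net:
            return cc
    return None


def parse_conn_line(line):
    ts, src, sport, dst, dport, proto, nbytes = line.rstrip("\n").split("\t")
    return {"ts": float(ts), "src": src, "sport": int(sport), "dst": dst,
            "dport": int(dport), "proto": proto, "bytes": int(nbytes)}


def assess(rec):
    """Return the list of reasons a record is suspicious (empty when it is not)."""
    dst = ipaddress.ip_address(rec["dst"])
    if any(dst in net for net in INTERNAL_NETS):
        return []
    reasons = []
    if rec["dst"] in TOR_RELAYS:
        reasons.append("destination is a known Tor relay")
    cc = country_of(dst)
    if cc in WATCHED_COUNTRIES:
        reasons.append(f"destination geolocates to watched country {cc}")
    return reasons


def scan_log(lines):
    alerts = []
    for line in lines:
        if not line.strip() or line.startswith("#"):
            continue
        rec = parse_conn_line(line)
        reasons = assess(rec)
        if reasons:
            alerts.append({**rec, "reasons": reasons})
    return alerts


def build_alert_mail(alerts, sender, recipient):
    """Draft the notification; hand it to smtplib.SMTP(...).send_message() to actually send it."""
    msg = EmailMessage()
    msg["From"], msg["To"] = sender, recipient
    msg["Subject"] = f"[netwatch] {len(alerts)} suspicious connection(s)"
    msg.set_content("\n".join(
        f"{a['src']}:{a['sport']} -> {a['dst']}:{a['dport']}/{a['proto']} "
        f"({a['bytes']} bytes): " + "; ".join(a["reasons"]) for a in alerts))
    return msg
```

Two caveats a practitioner would want on this design: a relay list only catches clients that connect straight to a public relay, so Tor use through bridges or pluggable transports is invisible to it; and a country match is a heuristic (CDNs and cloud regions move), so an alert is a prompt to look at the flow, not a verdict.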
>>
>>55568527
Seeing as you seem to know what you are talking about, could you recommend somewhere to start learning this stuff? From what I've heard (and you seem to agree with this) textbooks and online courses don't really teach you anything except how to become a skid. Basically what I'm asking is where did you start? I'm willing to spend plenty of time on it as long as I feel like I am actually learning something.
>>
>>55572390
Bumping this.
>>
>>55564733
I spent 4 years as a pen tester

be a quick study, familiarize yourself with systems you may not have seen before. Good research skills.

The thing most people forget is you need to be good at talking to all kinds of people. At the start of the job you need to get the IT guys and gals to help you familiarize yourself with their systems. At the end of the job, you are talking with corporate types about remediation and expanding budgets / expanding the scope of the review/ selling them shit

just my two cents
>>
>>55568527
How did you even get an interview?
>My resume looked very empty as I lacked "business" experience.

All of my resumes always come back with "Lacking qualifications" or "Lacking experience".
>>
File: grey hat python.jpg (37 KB, 378x500)
Thoughts on this book? thinking about buying it.
Also bump
>>
>>55564401
a friend of mine has been hacking since he was 12 years old. today he has a company that exploits security vulnerabilities in enterprises to offer protection services
>>
>>55573702
get a pdf and skim it before you actually buy it.
I didn't even like the page format so I didn't even so much as read a single line
>>
>>55573702
It's very Windows-centric, but it does have some neat information about scripting your own debuggers.
>>
>>55574293
recommend any good books on reverse engineering/0day dev?
>>
>>55572390
Make friends with real hackers. Hackers in the sense of people willing to tinker with hardware/software. The first time I learned about a buffer overflow was because a friend taught me this at a library, and he learned that from the Morris Worm. The community is what helped me get started, Phrack, 2600, and all those hacker communities. There was no course, hacking is not a pre-set of rules you can find in a book. Hacking is literally an art. I suggest you read up on the old Phrack and 2600 articles, join an IRC and ask questions. Do a lot of hands-on practice, and ALWAYS ask the question "Why does this work like this? Can I make it do something it's not supposed to?" It may take you years, but nothing is as satisfying as a good hack.

Documentation wise, learn about the NIST SP 800's, boring to read, but the advice is great.

Learn about the laws and regulations out there. Patriot Act, Electronic Communications Privacy Act, DMCA, HIPAA, Sarbanes-Oxley, etc.

Lastly, learn about networking VERY WELL. This will help you learn how to pivot from public network to a private network.

>>55573080
As I mentioned, I looked for pentesting job ads that mentioned they do not care about prior experience. They will test you on theory and documentation, then the last phase is technical, so be ready, don't waste their time.

All these certifications are nice, but you are really wasting your money by trying to get them all. It is all a fad, making people script kiddies for a bunch of money $$$$. If it all really worked and was as methodical and perfect as they show, then there would be no more cyber security issues!

Remember, there is no such thing as security. Tools are just tools, a 3 year old can run Nessus, Metasploit, Hydra, etc. The real smart man is the one who made them. Are you a skid, willing to just blindly run tools and be happy with their "results"? Or will you find a new 0day, or create a new tool that redefines the security scene?
>>
>>55574314
Unfortunately not.

As far as Reverse Engineering goes, I mostly just read blogs posted to /r/netsec and experiment. I haven't read any books on the topic (much less on 0day development).

There is "A Bug Hunter's Diary" for learning how to find things you can write exploits for: https://www.nostarch.com/bughunter

It's not really so much about reverse engineering (Though there are bits and pieces) or the actual development of 0days, but it definitely will be something you will need to know in order to exploit software.

As for reverse engineering itself, look at the methodologies that other people use to reverse things. This isn't so much about software, but it's super-interesting and kinda shows you the way someone might attempt to reverse engineer something:
https://www.youtube.com/watch?v=WOJfUcCOhJ0
https://www.youtube.com/watch?v=b_PZX6t_EF0

My biggest tip is to decrease your feedback loop when you are attempting to reverse engineer things. If you can set up something where you can test and take notes with pretty much zero effort, you have an incredible head start. I personally use Emacs Org Mode, but any literate programming system with live code blocks will be a great help. (If you can't find a full-blown literate system, then start with a language that has a REPL you can incrementally build things with at least.)
>>
>>55564142
This thread ruins hacking.

While it may seem convenient to put every link there to help others, you are also spoon feeding them. The beauty of hacking is finding everything out yourself, and when you ask someone, they should not give you a spoon fed answer, but rather a clue for you to continue your journey.

These threads need to stop because they advocate laziness, and hinder the research spirit every hacker needs. Hacking is no longer mysterious; if you google you could come up with these exact results in less than a second.

STOP ADVOCATING MEDIOCRITY
>>
>>55574759
seconded
>>
>>55574759
Oh, also, the last link is dead.
>>
>tfw skiddying my way through vulnhubs boxes
>>
File: Dat1365068819463.jpg (103 KB, 1280x720)
>>55574661
Actually, the speaker here, Natalie Silvanovich, is one of the more notable members of Google Project Zero now.
>>
>>55574759
>>55574767

No one gives a fuck about your modded mimikatz "wow it fools av im so fuckin leet skids get out I taught myself" circlejerk bullshit. People have to start from somewhere, and this anti-skid crap has led to the shithole neckbeard cons that are defcon and BH. If this thread sparks some 15 year old's interest in the security community then it's done its job.
>>
>>55575269
skid detected
>>
is this a good book lads?

Computer Networking: A Top-Down Approach, 6th ed.
>>
>>55575269
GR8 J0B NSA WEW RECRUITING FROM IMG BOARDSSSS

R8 8/8
>>
>>55575269
>implying laying everything out and spoonfeeding will spark interest
gj retard
>>
>>55575269
You must be some of these frustrated kids that always toyed with SubSeven or NetBus because you couldn't get good.
>>
>>55575269
kys
>>
>>55575269
>implying that defcon and BH aren't skid cons
>>
>>55575361
Should be named KEK Con, LOOOOL
>>
>>55575361
Nah. It's interesting to see the sorts of things that people make.

I was thinking of going to Defcon this year actually. Someone invited me a little while ago.
>>
>>55575312

Lads?
>>
>>55575361
He has never been to defcon. Skids and feds all over LOL OP probably dreams of working with the feds running automated tools with no knowledge whatsoever ROFLLLOLMAO
>>
>>55575385
kys
>>
>>55575385
kys
>>
>>55575423
I love you too, anon.
>>
>>55575385
Kill yourself
>>
Good lord, this thread is shit.
>>
>>55575385
Well the talks are neat most of the time , however most of the talks went from technical to political after those NSA leaks. And the con it self got way too mainstream that's why you have those blue haired dyke landwhales everywhere and 40 year olds using memes in the slides. My 2 cents at least, never been to defcon since eurofag
>>
>>55575390

nobody read this book?
Any other networking books to recommend instead?
>>
>>55575476
Idk lol just learn about the mainstream protocols and then look how the lower layers below it work
>>
>>55575305
>>55575316
>>55575324
>>55575343
>>55575351
>>55575361

Looks like I struck a nerve. Newsflash: the level of interest in security is at an all time low. VX scene is dead, your precious BO/netbus/s7/bifrost insults are irrelevant and are ancient history now. The various scenes were founded on the contribution of knowledge, not elitism. If you can't think back far enough to remember OTHERS sharing code snippets for EPO COM infectors or even sandboxie detectors for rats that's because you were never part of the communities that actually created anything, now stfu.
>>
>>55575528

you mean just wiki that shit or what?
>>
question:
whats more worth it?

CCNA
CCSA
>>
>>55575565
>tossing this much bullshit in order to lie to an image board into thinking you are from the scene

wow dude, fucking cry about it

newsflash: kill yourself, hacking is by the community but they do not go out spoon feeding niggers. just look at the model railroad club how they accepted EVERYONE who had interest and researched

you are a fucking milennial
>>
>>55575565
kys
>>
>>55575565
KILL THYSELF OP FUCKING NIIIGGGEEEERRRRRRRRRRRRRRRRR


REEEEEEEEEEEEEEEEEEEEEE I WANNA MAKE A THREAD AND SPOONFEEEEED EVERYONE ON HACKIINNNNGGG BECAUSE I CANT RUN METASPLOIT ON KALI REEEEEEEEEEEEEEEEEEEEEEEEEEEE
>>
>>55575565
>Hackforums the post
>>
>>55575669
tell me honestly how did you achieve this level of butthurt? orally or anally?
>>
why is it that sometimes these threads are good and people answer scrub questions like is X book good? and other times it's just full on shit flingin
>>
>>55575591
More or less yeah , just look at everything you can find
>>
>>55575718
Not him , but wow such comeback so strong wew
This thread is nothing more than i wenna werk in infosec what corporate cert should i waste my money on that does not mean anything and shuld i use nessus or the meatspin framework to pentest the latest client its basically the /g/ version of infosec
>>
>>55564142
how do i hack some satellites
>>
>>55575766
if you want to honestly work in any sec area you need certs. if you don't know that, you should inform yourself about SLAs and compliance
>>
>>55575565
You are wrong, interest in security is at an all time high.

Companies hire more and more "information security professionals"* in order to avoid fines and losses.

*Information security professional in the business world is bullshit spewed certification monkeys that know jack shit about security. *

DEFCON and BlackHat are designed by governments to steal ideas from researchers. Yeah, DEFCON meant something back in the day, when there were just 10 faggots (including me), getting high as fuck and trashing the place. Exchanging knowledge and phreaking, now its a fed honeypot and a dick measuring contest. Fuck Jeff Moss, he made so much money out of that shitty con because he cant even hack into his own pants.

If you truly wanted to help and spark interest, don't spoon feed. Provide advice, and guide a person. If you give them all the answers, you do more wrong than good. After all, it is the learning path that has the most value.

Feds use these threads to create monkeys like you in order to justify the increased surveillance.

I for one wish people knew how to hack, we can bombard the fucking pentagon and crush governments. Fucking skid, understand that full disclosure is shit, and instead of making the world secure, you are handing exploits and techniques to the feds, creating a surveillance state.

Fuck you, and fuck full disclosure.

#Antisec
>>
>>55575669
Sometimes you have to talk smack to get those who normally stay silent to speak up, I believe what I said but not that vehemently. What year/scene?

>>55575766
I'm not that guy.
>>
>>55575814

you jest but we had a great theory thread about this at one point.
>>
>>55575555
Beautiful quads are not to go unnoticed
It is ALMOST a palindrome number too... so close
>>
>>55575841
>I for one wish people knew how to hack, we can bombard the fucking pentagon and crush governments. Fucking skid, understand that full disclosure is shit, and instead of making the world secure, you are handing exploits and techniques to the feds, creating a surveillance state.

if you honestly believe that full disclosure helps the "bad" guys more than the "good" or anyone in between you should unplug.

>creating a surveillance state.
that boat sailed a while ago
>>
>>55575940
Fed spotted
>>
>>55575940
Kill yourself faggot
>>
i'm a noob. Just got this from a Russian thingy some time ago, that's all. I'm an idiot trying to learn.

Zeus botnet translated. It's the 2009 version though. I know fuck all about programming. I asked some bloke on the dark net and he told me to start programming with APL, but I made the switch to linux and I can't load the right keyboard font even though terminal brings up apl fairly easily. Then some other bloke said to try A+ instead because it accepts the ASCII stuff and the European layout. But every A+ is about emacs and cancer. I kid you not, no A+ tutorials worth mentioning. They told me APL and A+ allow you to try cooler shit because you're allowed to do more stuff. Then they told me to move onto C but only after I got A+ or APL. I tell them that the zeus translation is in c++, c and php for the command and control bits, and that I'd need a copy of windows server 2010. Not server, the windows thing you use to write c++, the thing that has c#. I have mono of course but fuck if I know how to use it.
>>
>>55575940
retard
>>
>>55575940
R E T A R D
E
T
A
R
D
>>
>>55575940
bad person
>>
>>55575940
AND THE FAGGOT OF THE YEAR AWARD GOES TO


THISSSS FAGOOOOTTTTTTT
>>
>>55575645
major in math
>>
>>55575940
CANCER CANCER CANCER CANCER CANCER CANCER CANCER CANCER CANCER CANCER CANCER CANCER CANCER CANCER CANCER CANCER CANCER CANCER CANCER CANCER
>>
>>55575955
>>55575961
>>55575968
>>55575973
>>55575978
>>55575992
>>55575996
>>55576007


grow up kids
surveillance states are already set up; just because they don't bother you doesn't mean they aren't there

and if you believe that disclosure messes up security I've got some magic boxes to sell to you
>>
>>55576012
you quoted me >>55575996 wrong mate
pay more attention next time
>>
>>55576012
are u retarded? of course they stated it exists and they are fucking angry about it

u must be drunk or a fucking fed
>>
>analyzing a Word doc with VB macros at work
>the macros are 2500 lines and obfuscated
well fug
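For the obfuscated-macro problem in the post above, an added example that is not part of the original post and not a tool from the thread: a small static deobfuscator that evaluates the string-building idioms document macros lean on (Chr()/ChrW() chains, & and + concatenation, StrReverse(), variables assigned earlier in the routine) and rewrites each line with the recovered literals, so the URLs and COM class names an analyst needs as indicators can be read straight off. The tokenizer and evaluator are this example's own; the sample macro is constructed for it (an inert stub that only builds strings and points at a .invalid domain).

```python
import re

# Tokenizer for one line of VBA. Whitespace and comments are kept as tokens so the rewritten
# line preserves the original spacing.
TOKEN_RE = re.compile(
    r'("(?:[^"]|"")*")'      # string literal ("" inside is an escaped quote)
    r'|(\d+)'                # integer literal
    r'|([A-Za-z_][\w.]*)'    # identifier, keyword or member access such as o.Open
    r'|(\s+)'                # whitespace
    r"|('.*)"                # comment to end of line
    r'|(.)'                  # any other single character: & + - ( ) , =
)
KINDS = ("str", "num", "ident", "ws", "comment", "other")
ASSIGN_RE = re.compile(r"^(\s*(?:Set\s+)?([A-Za-z_]\w*)\s*=\s*)(.*)$", re.I)


class Unresolved(Exception):
    """The sub-expression is not something we can evaluate statically; leave it as written."""


def tokenize(line):
    return [(KINDS[m.lastindex - 1], m.group(m.lastindex)) for m in TOKEN_RE.finditer(line)]


def _skip_ws(toks, i):
    while i < len(toks) and toks[i][0] == "ws":
        i += 1
    return i


def _expect_close(toks, i):
    i = _skip_ws(toks, i)
    if i < len(toks) and toks[i] == ("other", ")"):
        return i + 1
    raise Unresolved


def parse_term(toks, i, env):
    """term := string | integer | '(' expr ')' | Chr(expr) | ChrW(expr) | StrReverse(expr) | variable"""
    i = _skip_ws(toks, i)
    if i >= len(toks):
        raise Unresolved
    kind, text = toks[i]
    if kind == "str":
        return text[1:-1].replace('""', '"'), i + 1
    if kind == "num":
        return int(text), i + 1
    if (kind, text) == ("other", "("):
        val, j = parse_expr(toks, i + 1, env)
        return val, _expect_close(toks, j)
    if kind == "ident":
        name = text.lower()
        j = _skip_ws(toks, i + 1)
        if j < len(toks) and toks[j] == ("other", "("):
            if name not in ("chr", "chrw", "strreverse"):
                raise Unresolved                      # some other call: not ours to evaluate
            arg, k = parse_expr(toks, j + 1, env)
            k = _expect_close(toks, k)
            if name == "strreverse" and isinstance(arg, str):
                return arg[::-1], k
            if name != "strreverse" and isinstance(arg, int):
                return chr(arg), k
            raise Unresolved
        if name in env:                               # variable resolved on an earlier line
            return env[name], i + 1
    raise Unresolved


def parse_expr(toks, i, env):
    """expr := term (('&' | '+' | '-') term)*; & concatenates, + adds ints or concatenates strs."""
    val, i = parse_term(toks, i, env)
    while True:
        j = _skip_ws(toks, i)
        if j >= len(toks) or toks[j][0] != "other" or toks[j][1] not in "&+-":
            return val, i
        rhs, i = parse_term(toks, j + 1, env)
        if toks[j][1] == "&":
            val = str(val) + str(rhs)
        elif toks[j][1] == "+" and type(val) is type(rhs):
            val = val + rhs
        elif toks[j][1] == "-" and isinstance(val, int) and isinstance(rhs, int):
            val = val - rhs
        else:
            raise Unresolved


def _rewrite(toks, env):
    """Replace every evaluable string expression with a plain literal; pass other tokens through."""
    out, i = [], 0
    while i < len(toks):
        kind, text = toks[i]
        if kind in ("str", "num", "ident"):
            try:
                val, j = parse_expr(toks, i, env)
            except Unresolved:
                val, j = None, i
            if isinstance(val, str) and (j > i + 1 or kind == "ident"):
                out.append('"' + val.replace('"', '""') + '"')
                i = j
                continue
        out.append(text)
        i += 1
    return "".join(out)


def deobfuscate_line(line, env):
    m = ASSIGN_RE.match(line)
    if not m:
        return _rewrite(tokenize(line), env)
    head, name, toks = m.group(1), m.group(2).lower(), tokenize(m.group(3))
    rendered = head + _rewrite(toks, env)    # render before updating env (handles a = a & "x")
    try:
        val, j = parse_expr(toks, 0, env)
        j = _skip_ws(toks, j)
        if isinstance(val, str) and (j == len(toks) or toks[j][0] == "comment"):
            env[name] = val                  # whole right-hand side resolved: remember it
    except Unresolved:
        pass
    return rendered


def deobfuscate_macro(src):
    """Returns (rewritten source, {variable: recovered string})."""
    env = {}
    lines = [deobfuscate_line(line, env) for line in src.splitlines()]
    return "\n".join(lines), env


# Constructed sample: an inert stub that only builds strings, in the shape obfuscated
# document macros usually take.
SAMPLE_MACRO = """\
Sub AutoOpen()
    Dim a As String, b As String, c As String
    a = Chr(104) & Chr(116) & Chr(116) & Chr(112) & "://"
    b = StrReverse("dilavni.elpmaxe")
    c = a & b & "/" & Chr(50 + 67) & Chr(112) & Chr(100) & "." & "exe"
    Set o = CreateObject(StrReverse("PTTHLMX.2LMXSM"))
    o.Open "GET", c, False
End Sub
"""
```

Running deobfuscate_macro on the sample yields the routine with the URL and the MSXML2.XMLHTTP class name spelled out, plus the variable table; anything the evaluator does not understand (calls it does not know, control flow, runtime values) is passed through untouched rather than guessed at, which is the behaviour you want when the next step is reading the 2500 lines yourself. Real samples add indirection this does not cover (arrays of character codes, Replace() with junk markers, values computed in other procedures), so treat it as the first pass before dynamic analysis, not a replacement for it.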
>>
>>55575940
Exploits should be kept private and not everyone should know about them. If only 10 people know an exploit, there is a good chance only developers know it and less exploitation.
>>
File: large.jpg (98 KB, 500x528)
what prerequisites should i have to start learning?
>>
this thread is the exact reason I don't tell 9 out of 10 people that I do cyber forensics/ infosec.
>>
>>55576276
A computer and some patience.
I'm half way through a university degree and boy am I just wasting time.
>>
>>55576316
Why u say wasting time? In your university degree? why?
>>
File: index.jpg (11 KB, 204x248)
>>55576316

information security the first that i've come across that literally don't make a single idea of where to start ... and the bashing ITT makes it even more confusing.
>>
File: oy lads.jpg (7 KB, 225x225)
>information security is the first thing that I've come across that I literally don't have a single idea of where to start ... and the bashing ITT makes it even more confusing.*
>>
>>55576370
infosec is basically a bunch of pajeets running metasploit its not that complex
>>
>>55575841
I'm the guy you quoted. I agree completely about teaching people how to learn, but the forum has to exist first - and it was those original morons who were against the idea of a thread like this existing who are against the free flow of knowledge. Infosec is huge now, but there is no knowledge transfer - you only have to compare the quality of old defcon talks to new to see that progress on tools and techniques has slowed to a halt or is repeating the work done in (one of) the scenes a decade ago. Feds benefiting from full disclosure, that's a new one. The ONLY people who benefit from RESPONSIBLE disclosure are the companies and the feds. Either you're brainwashed or a Fed, in which case you can fuck off. You can see the increased fed cooperation within infosec, now ask yourself why they are anti full disclosure.
>>
>tfw wrote my first buffer overflow exploit today

am I 1337 yet guise?
>>
>>55576691
>writing bofs on example vulnerable programs is hard
>>
>>55576826

b-but it was my own IM program a-anon
>>
Where can I load virii? I wanna see how these fuckers work. Preferably packaged in a non-retarded way.

inb4 hurr durr google pr0nz
>>
>>55577041
Frankly youtube is a great source of it.
other than that there is vxheaven but it's only about old malware, there is kernelmode.info, idk how many samples you can get off that
>>
File: cia.png (33 KB, 578x263)
>>55575841
do you have any irc or any other way of contacting you to ask questions?
I'm the guy who asked the question on the 2nd reply post btw.
>>
I'm trying to get into pentesting but I'm more of a book guy.

We should add a book list to the OP, these threads are the only good thing about /g/.

Relevant books I recommend:
>The Art of Exploitation
>Professional Assembly Programming
>Shellcoders Handbook
>>
- I want to install some Linux distro but I'm playing too much games so am I fucked if I stay on Windows?
Any alternate solution?

- Apparently the only right way to secure your accounts is to have a different password and username.
The process of having them all in a notepad and then opening it each time is not very practical so it seems like a password manager is the best way to do this.
But can those be trusted? Any rec for a password manager?

Also, is it dangerous if your browser memorizes your passwords? Do security "maniacs" and hackers really type their login/password every time?
>>
>>55579760
Leave games
>>
Does anyone have experience working as a web developer and transitioning to application security? I'm not even sure what the title would be. I want to audit web app code bases for vulnerabilities. I don't want to focus as much on network security.
>>
>>55572390
The fuck is a skid? I've never heard that before I looked in this thread.
>>
>>55579974
http://www.urbandictionary.com/define.php?term=skid
>>
>>55574759
Riddle me this, how many forums / discussion boards did you read to learn hacking? Stack overflow falls under discussion board by the way.
>>
>>55579760
keepass
>>
>>55575476

Network Warrior, 2nd ed., a little dated but protocol changes are measured in decades just like ISO/ANSI standards and language specifications
>>
>>55575963

they were trolling you. c/c++/asm are the languages of choice with a scripting language like python or ruby added for development speed. php is the most popular language for insecure web servers meaning the rooted boxes you'll run c&c from. the language runtime should be on the internet, but visual studio will install it.
>>
>>55576130

yeah, fuck patches
>>
>>55579966

OWASP
>>
>>55576069
can't you, like, sandbox them and see what they do? or debug them?
>>
>>55576415
learn assembler then do microcorruption
>>
>>55578871
the wiki is more or less used as a template for the OP
edit that and it might be in the next OP
>>
>>55579760
>Also, is it dangerous if your browser memorizes your passwords?
well most people don't even use a master password for their stored passwords. even then you might be able to sniff that (thanks to X11 it's sort of easier on linux). and that's assuming that setting a master password actually sets up strong encryption for your password database.
a large majority of users use them so they're attractive targets
>>
>>55576069
i do that all the time, i get hundreds of fishing emails a day that are blocked

you are much better off letting the thing unpack itself and just grab the stage that comes first. if you are unlucky the macro itself will just run right inside of word
>>
>>55582427
what the fuck are you talking about? you can only sniff passwords if they're sent in cleartext otherwise you just get it encrypted no matter how it is entered.

having your browser saving your passwords is only an issue for physical access, and if someone gets a foothold of the machine they can just offload the profile and export the passwords from that.
>>
>>55582548
sniff as in keylog
>>
I'm currently on lena's reverse engineering tutorial part 26/40.
After I finish this, I'll crack a bunch of crackmes / keygenmes, then some software that I bought a long time ago.

This is a bit early for me to say, since I haven't finished all of the tutorial, but I think the most annoying part when cracking shit is when you encounter packer / protector.
>>
>>55582309

someone should add:

trust no one, everyone could be an fbi agent or fbi snitch

trust no sites, any can be honeypots or compromised by hackers/law enforcement

if someone suggests you do something incriminating in a public way, even if it's just tied to your online handle, assume it's entrapment

do a quick google search on anything you plan to read, research or do so you know what you're getting into BEFORE you start

laws don't extend past their jurisdiction, but there are groups like interpol who work internationally and most countries have mutual legal assistance treaties with each other so do your research before assuming you are safe

moot was a faggot, but he was our faggot so never forget <3
>>
>>55582652

most of the time the protectors are more annoying than difficult. there are tons of time sinks that you'll need to find an automated solution for otherwise you'll spend weeks doing everything by hand. immunity debugger has a python shell so you can write quick and dirty scripts. pykd is a windbg extension that lets you use python instead of c.
>>
How do I set up a proxy on my computer? Funny enough I forgot how to fucking do this when I literally messed with it ten years ago.
>>
Starting college this fall for a cyber security major. Wish me luck friends I haven't the slightest clue as to how this works. But I suppose they're supposed to teach me that, right?
>>
>>55583655
OS?
>>
File: dilbert_unix.gif (33 KB, 640x194)
I like these threads.
>>
File: 1467666577078.jpg (3 MB, 2480x3508)
So is exploit development getting more and more difficult?

I mean obviously the days where you could just grep source files for vulnerable functions are over, but is it getting to the point where a motivated individual will take months just to find a very situational RCE?

Are state actors going to be the only ones with access to 0day in the future?
>>
>>55584904

i've heard exploit development is harder because of the default compiler and os memory protections instead of the code becoming better.

i've heard you can still grep embedded system firmware images looking for bad strcpy calls. that's huge for iot devices.

i don't know enough about the state of the industry, but some smart pros tend to say stuff like "we need a new bug class."
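An added example (not from the thread) of the "grep the firmware for bad strcpy calls" approach in the post above. It pulls printable strings out of a blob the way strings(1) does and flags exact matches for a short list of risky libc names, which is what an import table or dynamic symbol table looks like once the image is extracted. The sample blob and the RISKY list are constructed for the example; on a real device you would run this over the unpacked rootfs binaries.

```python
import re

# Functions worth a closer look when they show up in a firmware import table
# (constructed list for this example, extend as needed)
RISKY = {
    b"strcpy": "no bounds check on destination",
    b"strcat": "no bounds check on destination",
    b"sprintf": "no bounds check on destination",
    b"gets": "unbounded read into buffer",
    b"system": "shell command execution (injection if user input reaches it)",
}

# Constructed stand-in for a firmware image: an ELF magic, some padding and a
# NUL-separated string table the way a dynamic symbol section would carry it.
SAMPLE_FIRMWARE = (
    b"\x7fELF" + b"\x00" * 12
    + b"libc.so.0\x00strcpy\x00strncpy\x00memcpy\x00system\x00/bin/sh\x00"
    + b"\xde\xad" * 8
)


def extract_strings(blob: bytes, min_len: int = 4):
    """Yield (offset, bytes) for every run of printable ASCII of at least
    min_len characters, the same heuristic strings(1) uses."""
    for m in re.finditer(rb"[\x20-\x7e]{%d,}" % min_len, blob):
        yield m.start(), m.group()


def find_risky_imports(blob: bytes):
    """Return (offset, name, reason) for strings that exactly equal a risky
    libc name. Exact match matters: 'strncpy' must not be reported as 'strcpy',
    and NUL separation in a symbol table makes each name its own string."""
    hits = []
    for off, s in extract_strings(blob):
        if s in RISKY:
            hits.append((off, s.decode(), RISKY[s]))
    return hits


if __name__ == "__main__":
    for off, name, why in find_risky_imports(SAMPLE_FIRMWARE):
        print(f"0x{off:08x}  {name:<8} {why}")
```

A hit only says the function is linked, not that it is reachable from attacker input; it is the starting point for opening the binary in a disassembler and checking what feeds each call.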
>>
>>55573080

I've been in infosec about 10 years, all of what >>55568527 has said is true for my experience, but understand that there are two types of security jobs:

1) General monkey work where they want compliance/procedures followed. Anyone can do this and it takes little mental energy or critical thinking. Typically they care about resume and certifications so they can prove to a client/manager that this person is "good enough." Largely interchangeable, less competitive pay (though not bad) and often dead-end career path.

2) Infosec jobs that are performance-based. Whether it's red-teaming, tool development, exploit writing or whatever, these jobs need to get done, even if they're hard or haven't been proven to be possible. Companies hiring for this kind of thing ONLY care about what you can do. It does them no good to hire 10 people with Master's degrees and certs who have paper experience if they don't have the hands-on experience to do the task at hand. My first job at a place like this, almost all the senior staff were high school graduates or dropouts.

Like previous poster said, the key to getting interviews is making connections and finding the right places that need skills at the keyboard, not on paper. My job gives a lot of interviews because we can't tell if someone actually knows their shit until we talk to them.
>>
>>55574314

The fuzzing book with the bear on the cover is kind of out-of-date but the concepts are still true. It'd help to read that book and understand how to go about fuzzing an attack surface, and then ignore the tools the book recommends and roll your own solution for whatever you're looking at.
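An added example (not from the thread, and not any book's code) of the "roll your own" mutational fuzzer the post above recommends. The target is a constructed toy record parser with a deliberate bug; the fuzzer mutates a seed corpus, treats the parser's own ValueError as an intended rejection and anything else as a crash, and feeds accepted inputs back into the corpus so later mutations start from valid-looking records.

```python
import random


def parse_record(data: bytes) -> dict:
    """Toy length-prefixed record parser standing in for a real attack surface.
    Constructed format: 1-byte tag, 1-byte length, then the payload.
    Deliberate bug: a zero length passes the size check and then indexes
    payload[-1] on an empty payload, raising IndexError."""
    if len(data) < 2:
        raise ValueError("short header")        # expected rejection
    tag, length = data[0], data[1]
    payload = data[2:2 + length]
    if len(payload) != length:
        raise ValueError("truncated payload")   # expected rejection
    checksum = payload[length - 1] ^ tag        # crashes when length == 0
    return {"tag": tag, "len": length, "checksum": checksum}


def mutate(seed: bytes, rng: random.Random) -> bytes:
    """One random mutation: bit flip, byte insert, byte delete, or an
    interesting value dropped into the length field."""
    data = bytearray(seed)
    op = rng.choice(("flip", "insert", "delete", "magic"))
    if op == "flip" and data:
        i = rng.randrange(len(data))
        data[i] ^= 1 << rng.randrange(8)
    elif op == "insert":
        data.insert(rng.randint(0, len(data)), rng.randrange(256))
    elif op == "delete" and len(data) > 1:
        del data[rng.randrange(len(data))]
    elif op == "magic" and len(data) >= 2:
        data[1] = rng.choice((0x00, 0x01, 0x7F, 0x80, 0xFF))
    return bytes(data)


def fuzz(target, seeds, iterations=2000, rng_seed=1):
    """Mutational fuzz loop. ValueError is the parser's intended rejection;
    any other exception is recorded as a crash keyed by (type, message) with
    the first input that triggered it. Accepted inputs grow the corpus."""
    rng = random.Random(rng_seed)
    corpus = list(seeds)
    crashes = {}
    for _ in range(iterations):
        case = mutate(rng.choice(corpus), rng)
        try:
            target(case)
        except ValueError:
            continue
        except Exception as exc:              # anything unexpected is a finding
            crashes.setdefault((type(exc).__name__, str(exc)), case)
        else:
            if len(corpus) < 64 and case not in corpus:
                corpus.append(case)
    return crashes


if __name__ == "__main__":
    for (kind, msg), case in fuzz(parse_record, [b"\x01\x03abc"]).items():
        print(f"{kind}: {msg} <- {case!r}")
```

Swap parse_record for whatever parses your attack surface and replace the exception filter with whatever "crash" means there (a signal from a subprocess, a sanitizer report, a timeout); the loop itself does not change.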
>>
File: isis.jpg (22 KB, 600x367)
claim your infosec waifu
>>
>>55585966

You're that guy and completely full of shit.
>>
>>55568293
>calls thread cancer.
>states SANS isn't

You sound like you bought your papers and lucky that qualifies you to post here.
>>
>>55586011
who's that fluid druid?
and are there really wimyn who know computers beyond facebook and le selfie?
>>
>>55586011
her name, tho
>>
>>55573790
cancer
>>
>>55587035
he did say SANS are scammers, rofl you suck at reading
>>
File: professionalHacking.jpg (239 KB, 1920x1080)
>>55567534
Those fools, they left port 80 open, I will inject some remote code right now!
>>
>>55579760
The thing about Linux is a false dilemma. Nothing is preventing you from using both, Windows to game, Linux for whatever you want.

The easiest way to get started is to run Linux in a virtual machine. That way you can also try different distros rapidly.
>>
>>55564142
'; DROP TABLE FAGGOT
>>
>>55564142
Want to get into net security but don't want to go to college for it. Been thinking about taking online Cisco courses though. Thing is, I don't have any other certifications. Should I start with CompTIA A+ or CCENT? Whichever helps me get at least an entry level networking job
>>
>>55587712
start with killing yourself
>>
>>55586011
>she
>>
>>55587035
are you fucking retarded? can you even read? he stated SANS are cucks m8
>>
>>55587712
kys faggot

llleleeeeeeEeeeerEeeLLLLLLlll
>>
>>55587814
>>55587842

I-I thought /g/ was a bully free zone
>>
File: 1312705052980.jpg (266 KB, 604x527)
>>55587850
>I-I thought /g/ was a bully free zone
>>
File: 1453176565091.jpg (15 KB, 600x471)
>>55587850
>>
File: 3fe.gif (801 KB, 360x203)
>>55587850
section .data

msg db "Kill yourself", 0xa      ; message plus newline
len equ $ - msg                  ; length computed by the assembler


section .text

global _start

_start:

; write(1, msg, len) via the 32-bit Linux int 0x80 interface.
; load the full 32-bit registers: the original's mov al/mov bl only worked
; because eax and ebx happen to be zero at process entry
mov eax, 4                       ; sys_write
mov ebx, 1                       ; fd 1 = stdout
mov ecx, msg                     ; buffer
mov edx, len                     ; byte count
int 0x80


; exit(0)
mov eax, 1                       ; sys_exit
xor ebx, ebx                     ; status 0
int 0x80

; build (assumes nasm): nasm -f elf32 kys.asm && ld -m elf_i386 -o kys kys.o
>>
Funny how you can easily tell who are the real thing and who are trying to fake it. The fakers talk about what certs they should get while those with a future or who have jobs are talking about learning through experience. Fuck cert hoarders. They might show you metasploit but that doesn't mean you are an instant master. The only one I would respect would be OSCP because... damn, that is one tough lab.
>>
File: koMX1LT.png (324 KB, 579x458)
>>55587922
What the hell are you talking about? Certs get people jobs. It's not about faking anything. You sound autistic.
>>
>>55587850
/g/ is pretty good usually, with the exception of this thread.
>>
File: 1450092563294.jpg (55 KB, 600x800)
>>55587955
>>
>>55587922
>Fuck cert hoarders.
FUUUUUUUUUUUCK YOU.
>>
>>55588059

benis XD
>>
>>55587424
>and are there really wimyn who know computers beyond facebook and le selfie?
look up radia perlman, very influential
>>
>>55587958
>/g/
>good
After the /v/ invasion?
>>
Protectors are cancer.
Stop using it in your software.
With or without protector, it'll get cracked anyway.

https://social.technet.microsoft.com/Forums/en-US/02974cdb-2603-46ba-a141-fa64bdbdb0bd/windows-10-breaks-nearly-all-armadillosoftware-passport-apps?forum=WinPreview2014Feedback
>>
File: 1468389569782.jpg (4 MB, 6408x3040)
>>55568293
>>55568425
This is very consistent with my experience
>>55568527
Many people I know are similar but have some human network connection that gets them pulled in.

That said the business of infosec is insane.
>have jobs telling people to patch
>have jobs writing explanations of why they can't patch
>they have jobs doing cost benefit analysis of these
>they have jobs writing policies no one reads
>they have jobs telling users not to click on spam
>they have jobs running tools and never being technical
>they have jobs for trolling security forums and making power points with pictures for non techies
>they have jobs managing the above
>they have jobs auditing the above
>they have jobs educating all of the above
>they have jobs selling snake oil products for the above

Worse
>they make more than the sys admins and net ops who actually secure the system
>they make more than average programmers who need to write secure code to avoid the above.
>They make more than the 3rd worlders doing bug bounties

That being said
>>55587922
bro you make 20k more after you go to a one week bootcamp paid for by your company, why wouldn't you have a CISSP?
Repeat for HR filler shit.
I'm going to any vacation/cert bootcamp that gets paid for and adding more $ to my salary.
>>
>>55587958
he thinks the normal spam situation of having
>a /guts/ thread
>at least 2 linux circlejerk threads
>at least 1 additional edgy "Why aren't you using %shittyhipsterdistro% yet anon?" thread
>at least 3 graphics card threads
>thinkpad general
> ">STILL USING %productbrandname% BOTNET. FUCKIN NORMIES"
>desktop threads
>ricing threads
is good
>>
>>55588967
>>55588533
I mean this thread almost has /fa/ tier levels of angst. Much more than the rest of /g/.
>>
>>55589751
>/fa/ tier
WE HAVE A BOARD ABOUT "fashion"? Holy Shit.
>>
>>55579760
>Also, is it dangerous if your browser memorizes your passwords?
about:logins or chrome://settings/search#Offer%20to%20save%20your%20web%20passwords, depending on your browser. They are just plaintext.

Use ChromeIPass or Keefox with Keepass if you want a level of security there.
>>
File: 1448516666485.jpg (153 KB, 1020x650)
>>55589951
I guess I'll answer the rest of your questions too...

>>55579760
>- I want to install some Linux distro but I'm playing too much games so am I fucked if I stay on Windows?
Not really, though you make anything to do with InfoSec more annoying.

>Any alternate solution?
You can use virtual machines... If you grab something like VMWare Player, you can have a full Linux system running as a program on Windows.

If you don't need to emulate hardware, Docker is a faster option than VMs for the most part, and there is a native Windows port now I believe.

You can also get a lot of tools working with the likes of MinGW.

Also, apparently Windows 10 will have BASH with the ability to run Linux programs at some point, and that is likely an option, but I honestly have no clue how well it will work.

>- Apparently the only right way to secure your accounts is to have a different password and username.
>The process of having them all in a notepad and then opening it each time is not very practical so it seems like a password manager is the best way to do this.
>But can those be trusted? Any rec for a password manager?
If they are OSS, you can read and compile the code yourself--but for the most part, yes, I generally trust things like KeePass.
I am kinda iffy about the likes of LastPass though.
>>
>>55589782
>newfag
>>
Hey, does anyone here use dns tunnels? What bandwidth do you usually get, especially from captive portals? Do you use iodine or nstx?
>>
>>55590881
>DNS tunneling
I thought you were talking about tunneling DNS over something...not tunneling IP over DNS. That's really cool!

Though I do have to ask, what are the advantages of this vs, say, having SSH listening on port 53?
>>
>>55591034
when you probe port 53 you get a DNS server response instead of an SSH server response. Looks less suspicious.
>>
>>55591157
Not if you have both with a multiplexer running on that port: https://github.com/yrutschle/sslh

Basically, if scanned, it looks like a DNS server, and acts like a DNS server...However if you connect with SSH, it will act like an SSH server. If it has no idea what it is, it defaults to a DNS response.
>>
>>55591034
The access point you want to mooch bandwidth off may allow udp on 53 but not tcp.
>>
>>55591432
Oh and dns tunnelling is shit, at least for me. It works and I can ssh into my boxes, but I get bandwidth limited to a couple hundred bits per second.
I heard that 100 kbps is possible, but this perhaps depends on the captive portal setup, its own bandwidth, etc.
There's also IP over ICMP, known since 1996 at least, but 80% of access points already inspect that and drop your packets.
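An added example (not from the thread, and not iodine's, nstx's or sslh's code) covering two things discussed above: how a DNS tunnel squeezes data into query names, and how a port-53 demuxer in the sslh style tells an SSH client from a DNS client by the first bytes it sends. The payload goes through base32, which is DNS-safe and survives case folding by resolvers, and is sliced into labels of at most 63 bytes under an assumed tunnel zone (t.example.net, hypothetical). The classifier looks for the SSH identification string first, then for a DNS header with QR=0 and a question; anything else is "unknown", which sslh would route to its default backend.

```python
import base64
import struct

TUNNEL_DOMAIN = "t.example.net"  # assumed tunnel zone; a real tunnel delegates NS for it
MAX_LABEL = 63                   # RFC 1035 label limit
LABELS_PER_NAME = 3              # 3 labels plus the zone stays under the 255-byte QNAME limit


def encode_chunks(payload: bytes):
    """Client side: turn payload bytes into a list of query names, base32
    text sliced into 63-byte labels under the tunnel domain."""
    text = base64.b32encode(payload).decode().rstrip("=").lower()
    per_name = MAX_LABEL * LABELS_PER_NAME
    names = []
    for i in range(0, len(text), per_name):
        chunk = text[i:i + per_name]
        labels = [chunk[j:j + MAX_LABEL] for j in range(0, len(chunk), MAX_LABEL)]
        names.append(".".join(labels) + "." + TUNNEL_DOMAIN)
    return names


def decode_chunks(names):
    """Server side (the tunnel's authoritative nameserver): strip the zone,
    join the labels, restore base32 padding and decode."""
    suffix_len = len(TUNNEL_DOMAIN) + 1
    text = "".join(n[:-suffix_len].replace(".", "") for n in names).upper()
    return base64.b32decode(text + "=" * (-len(text) % 8))


def build_query(name: str, txid: int = 0x1234, qtype: int = 16) -> bytes:
    """Minimal RFC 1035 query packet: 12-byte header with RD set, one
    question (TXT by default, which gives the server room to answer with data)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(l)]) + l.encode() for l in name.split(".")) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)   # QCLASS IN


def classify_first_bytes(data: bytes) -> str:
    """sslh-style demux on the first bytes a client sends to port 53.
    SSH clients open with "SSH-<proto>-<software>"; a DNS client sends a
    header whose QR bit is clear and whose QDCOUNT is at least 1."""
    if data.startswith(b"SSH-"):
        return "ssh"
    if len(data) >= 12:
        flags, qdcount = struct.unpack("!HH", data[2:6])
        if not flags & 0x8000 and qdcount >= 1:
            return "dns"
    return "unknown"


if __name__ == "__main__":
    for name in encode_chunks(b"GET / HTTP/1.0\r\n"):
        pkt = build_query(name)
        print(classify_first_bytes(pkt), len(pkt), name)
```

The label and name limits are why tunnel throughput is poor: every query carries at most a few hundred bytes of base32 text, and a resolver may recurse or cache on the way, so the round trip, not the link, sets the bandwidth.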
>>
I wonder what other kinds of crazy things you can tunnel IP over...

>>55591432
>UDP
This, is a very compelling reason for DNS tunneling actually.
>>
>>55591623
well, the main three were already mentioned: dns, icmp, wrapping traffic in valid ssl connect
really restrictive networks like the great china firewall have all three defeated, either through packet inspection or just dropping suspected packets.
one idea i have is IP over port knocking. you need to be able to send tcp or udp through at least two ports to your server. most networks will allow 80 and 443. you treat one port as zero, the other as one and encode your traffic this way, bit by bit. massive error correction would be necessary, so throughput would be really bad. i think it's workable, but never got to write a poc.
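An added proof of concept (not the poster's code; they said they never wrote one) of the encoding layer for the "IP over port knocking" idea above: one port means 0, the other means 1, and each data nibble is wrapped in a Hamming(7,4) codeword so that any single wrong knock per codeword (dropped, reordered once, or injected) is corrected on the server side. The port numbers 80 and 443 are the assumption from the post; sending the knocks and observing them in the server's firewall log is left out, this only shows the bit-to-port mapping and the correction.

```python
PORT_ZERO, PORT_ONE = 80, 443    # the two ports the network is assumed to let through


def hamming74_encode(nibble: int):
    """Hamming(7,4) code bits in standard order p1 p2 d1 p3 d2 d3 d4.
    Any single wrong bit in the 7 can be corrected by the decoder."""
    d1, d2, d3, d4 = (nibble >> 3) & 1, (nibble >> 2) & 1, (nibble >> 1) & 1, nibble & 1
    p1 = d1 ^ d2 ^ d4      # covers positions 1,3,5,7
    p2 = d1 ^ d3 ^ d4      # covers positions 2,3,6,7
    p3 = d2 ^ d3 ^ d4      # covers positions 4,5,6,7
    return [p1, p2, d1, p3, d2, d3, d4]


def hamming74_decode(bits):
    """Recompute the parity checks; the syndrome is the 1-based position of a
    flipped bit (0 means clean). Flip it back and extract the data nibble."""
    b = list(bits)
    s1 = b[0] ^ b[2] ^ b[4] ^ b[6]
    s2 = b[1] ^ b[2] ^ b[5] ^ b[6]
    s3 = b[3] ^ b[4] ^ b[5] ^ b[6]
    syndrome = s1 | (s2 << 1) | (s3 << 2)
    if syndrome:
        b[syndrome - 1] ^= 1
    return (b[2] << 3) | (b[4] << 2) | (b[5] << 1) | b[6]


def encode_ports(data: bytes):
    """Client side: bytes -> sequence of destination ports, 14 knocks per byte
    (two Hamming(7,4) codewords), PORT_ONE for a 1 bit, PORT_ZERO for a 0 bit."""
    ports = []
    for byte in data:
        for nibble in (byte >> 4, byte & 0xF):
            ports.extend(PORT_ONE if bit else PORT_ZERO for bit in hamming74_encode(nibble))
    return ports


def decode_ports(ports):
    """Server side: map the observed ports back to bits and correct each codeword."""
    bits = [1 if p == PORT_ONE else 0 for p in ports]
    if len(bits) % 14:
        raise ValueError("need 14 knocks per byte")
    out = bytearray()
    for i in range(0, len(bits), 14):
        hi = hamming74_decode(bits[i:i + 7])
        lo = hamming74_decode(bits[i + 7:i + 14])
        out.append((hi << 4) | lo)
    return bytes(out)


if __name__ == "__main__":
    knocks = encode_ports(b"ok")
    print(knocks)                      # 28 connections for two bytes
    print(decode_ports(knocks))
```

Fourteen connections per byte is the throughput cost the post predicts; in practice you would also need framing (where a byte starts) and a sequence number, because two lost knocks in one codeword defeat Hamming(7,4) and a stateful firewall or NAT can reorder or coalesce connections.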
>>
>>55570719
that guy is a joke
>>
https://www.youtube.com/watch?v=qI-Takf76RY
>>
File: chegou.gif (793 KB, 324x182)
how do i become le hackerman of embedded systems?
>>
>>55590084
>implying you would read and understand the code of a fucking encrypting password manager

one of the dumbest fucking things tools like you do is make other people believe you can audit the code you run
>>
>>55587516
>>55587839
>Second, this thread is pure cancer. The only good links are the wargames and maybe the SANS institute links (SANS are a bunch of scammers, they literally take your money and just teach you how to become a skid).
>insults thread
>posts in thread
>supports SANS links
>calls SANS scammers

I do my best to read schizo, but you need to calm the fuck down
>>
>>55589782

It's the most popular board and this is a make dominated site so
>>
>>55594193

MOR-TAL REP-TARS doo doo dodood dodood dod od doo
>>
>>55595664

*male dominated
>>
>>55590881
I don't use DNS tunneling. Most carriers killed it a long time ago in my area.
I manipulated HTTP query to get free internet from my carrier.
Speed is around 30 - 100 KB/s (3G speed). No 4G for my carrier.

I'm surprised I don't see people talking about this issue often on /g/.
I guess people know how to pirate software / game, but pirating internet isn't common so people don't mind paying to get access.
>>
File: 1468010497108.jpg (103 KB, 820x820)
Anyone wanna tear my horribly made firewall apart? I could use informed critiques.
>>
>>55596327
Eh, if anybody is interested:
http://pastebin.com/KCgeSALK
>>
why did this thread go so wrong when the last one had been fairly decent?
was it when the hax0rs started measuring their dicks on a tuvan lutherie forum?
>>
>>55574759
>>55574767
kill yourself
>>
>>55597375
Found the 14 YEAR OLD who wants to hack his friends and leave dick pics everywhere and hack his crush in hopes of finding her nudies which he can blackmail her with. Fuck off retard.
>>
>>55574759
>>55574767
3rded
>>
>>55597480
>>55597482
die autismo
>>
>>55574759
>>55575269
Who is the real hacker? I'm lost.
>>
>>55594613
I never said I would. I said it was an option if you were paranoid enough.
>>
learned me some python and want to get started here. Anything I can do?
>>
>>55597592
I heard Violent Python was pretty good.

Also, get away from here, before you become like the people in this thread.
>>
>>55597595
>Violent Python
I'll look into that. What do you mean? Are you guys some kind of circle jerk? I'm bored and just want to play with my computers
>>
>>55594613

the encryption will be hard to audit unless you have serious pure applied math chops, but the rest of the code should be easy. if a known good encryption library is used then you'll only need to audit the encryption function calls.
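An added example (not from the thread, not any password manager's code) of what "audit the encryption function calls" looks like in practice when the library itself is taken as trusted: walk the source with Python's ast module and report cipher constructions that pick ECB, pass a literal key or IV, or derive key material with a weak hash. The SAMPLE_SOURCE snippet and the AES.new / hashlib call shapes it checks are constructed for the example; point it at the real code base and extend WEAK_MODES and WEAK_HASHES for the API in use.

```python
import ast

WEAK_MODES = {"MODE_ECB"}                 # ECB leaks plaintext structure
WEAK_HASHES = {"md5", "sha1"}             # unsuitable for turning a password into a key

# Constructed sample of a password manager's crypto layer, not real project code.
SAMPLE_SOURCE = '''
key = hashlib.md5(master_password).digest()
db_cipher = AES.new(key, AES.MODE_ECB)
ok_cipher = AES.new(derived_key, AES.MODE_GCM, nonce=os.urandom(12))
bad_cipher = AES.new(b"0123456789abcdef", AES.MODE_CBC, iv=b"0000000000000000")
'''


def _callee(func) -> str:
    """Dotted name of a call target, e.g. 'AES.new'; '<dynamic>' if not static."""
    if isinstance(func, ast.Name):
        return func.id
    if isinstance(func, ast.Attribute):
        return _callee(func.value) + "." + func.attr
    return "<dynamic>"


def audit_crypto_calls(source: str):
    """Return sorted (line, finding) pairs. Cipher constructors (anything
    called *.new) are checked for a weak mode attribute and for literal
    key/IV arguments; hash calls are checked against WEAK_HASHES."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if not isinstance(node, ast.Call):
            continue
        name = _callee(node.func)
        args = list(node.args) + [kw.value for kw in node.keywords]
        if name.endswith(".new"):        # cipher constructor, e.g. AES.new(key, mode, iv)
            for a in args:
                if isinstance(a, ast.Attribute) and a.attr in WEAK_MODES:
                    findings.append((node.lineno, f"{name}: {a.attr} leaks plaintext patterns"))
                if isinstance(a, ast.Constant) and isinstance(a.value, (bytes, str)):
                    findings.append((node.lineno, f"{name}: hard-coded key or IV literal"))
        if name.rsplit(".", 1)[-1] in WEAK_HASHES:
            findings.append((node.lineno, f"{name}: weak hash, not a key derivation function"))
    return sorted(findings)


if __name__ == "__main__":
    for line, finding in audit_crypto_calls(SAMPLE_SOURCE):
        print(f"line {line}: {finding}")
```

This catches the mechanical mistakes; whether the key actually comes from a proper KDF with a salt and a high work factor, and whether the IV is fresh per record, still takes reading the few functions the tool points you at.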
>>
>>55597644

Metasploit
>>
anyone have hoic link?