i need some advice on how to execute nefarious acts.
my jobby has implemented policies that encrypt any data copied from pc to external media. i am a software and i write a lot of creative code that i want to use on my home projects. i used to copy everything to a usb drive, but i can't do that anymore. i need a way to still be able to transfer this data to my home pc. here are some theoretical ideas:
idea 1:
>zip source code >write base64 encoded text file of zip file >open in text editor >take picture with cell phone >upload pic to home pc >use OCR to convert image to text >convert base64 to byte stream and write binary back to disk
idea 2:
>convert zip file to analog audio stream >record audio stream via home pc microphone >convert audio back to binary
can anyone else think of some other really good ideas in being able to get my code to my home pc?
i'd honestly be somewhat nervous about sending the source code over the wire. i am trying to do this as analog as possible. otherwise, i may as well just drop it on my personal ftp or send it via gmail
Cameron Taylor
fyi, i do bring my laptop home sometimes. i wonder if i could connect it to my home wifi and stay off vpn. still, just because i am offline, i don't know what activity is being logged in a queue waiting to be sent as soon as i am connected to the network again
Asher Rogers
Unless they're man-in-the-middle-ing you (in which case as Github's https, your browser would throw up an error) they wouldn't know. Get a private repo somewhere if you're worried.
Dominic Edwards
But user, you don't own those copies of text files. That's stealing D:
Hudson Williams
corporate shill
Brandon Walker
>Obvious sarcasm >"corprit shill" K
Mason Robinson
sometimes people respond to jokes with other jokes
Hunter Nguyen
>i am a software No shit?
Elijah Roberts
> i am a software and i write a lot of creative code ahahaha nigga you what
Daniel Howard
Good cover user
Isaac Morris
Same to you
Bentley Thomas
copy your code with a pen and paper
Julian Mitchell
>i am a software
>tfw the captchas are about to get a lot harder
Mason Taylor
>i am a software Nice try Skynet.
Christopher Baker
send the files through ssh to your personal server, they can't crack that
you can also write your own file transfer program with some basic encryption in case they check for ssh connections and start to ask you questions
Parker Wood
Install Linux under VirtualBox.
Set USB passthrough so your flash drive connects directly to Linux machine.
Ctrl+C, ctrl+v.
Jonathan Stewart
would that actually work if the host machine is USB restricted by domain policies?
Daniel Mitchell
DNS exfiltration is cool. You repeatedly look up "chunkofencrypteddatahere.yourdomain.com" and save the DNS requests to your server into a file.
Owen Martin
Possibly. Depends what's securing it, it's the first thing I'd try though
Benjamin Adams
what's the max length one could use that way?
Colton Smith
Stream of QR codes and a phone app to decode the video.
Xavier Kelly
How about over radio?
Aiden Wood
Depends on your corporate proxy's security policy. Your requests would look something like "file0-chunk0-100bytesofdata.yourdomain.cn", "file0-chunk1-next100bytesofdata.yourdomain.cn" and so on as you send the files.
Real Chinese hackers have loads of domains to cycle through and return different IP addresses for each request.
It's hard to set up, pretty hard to detect and pretty fucking hardcore. Some faggot probably put code to do it on github.
Brandon Evans
For the code to do the audio transfer, look at emulators for 8-bit systems, they used to load games from tape. For example C64.
Brody Brown
interesting. looks like 406 bytes of data can be stored in a qr code, so i would need about 10 of them after compressing all my source files into a zip file and then taking a picture with cell phone. could probably decode them with relative ease. going to experiment a bit with this. thanks user
explain
David Butler
so if you want to transfer data from your computer and send it to a coworker's, what would you do?
Thomas Harris
how about you read your employment contract bruh, anything you do or produce on company time or with company resources belongs to the company and you have no right to it
Jeremiah Richardson
Not OP but obviously that machine will also be protected by silly lockdown settings.
Caleb Ramirez
Thinking about this some more, you could have a web app that takes data like:
And the QR codes contain the URL. You manually scan each code and file.zip is built on the server.
Painstaking for large files but very easy to set up.
I have to say I prefer the audio transfer idea though, there's something cool about being plugged in by a cable and sucking the files out of the headphone jack.
Julian Hall
>write base64 encoded text file of zip file >convert base64 to byte stream and write binary back to disk This is bait.
Parker Thompson
Plug in some USB that plays audio over the radio, have it limited to a few feet, and have a device (like Android) that listens to it and saves it.
The audio would have to be the file represented by sound and volume, possibly in base64 first and then into the audio, followed by a checksum to verify file integrity.
To the passer by, all they'll hear is static.
Angel Campbell
underated post
Luke Russell
i'd have to set up a web app and still send data over a wire, right? i am trying to do this without any network activity.
i like the audio transfer method, too, but i wish someone who knew exactly how to do this would point me in the right dir
Carson Morris
but how do i do this? easy to type in 50 words or less, but i need to know how to do this
Eli Morgan
>This is bait
no it isn't. i am serious and have already done this with a very simple image. i typed "hello world" into paint, saved as png, took a cell phone pic of its base64-encoded text, uploaded it to my pc, converted it back to text and into a byte stream, and wrote the byte stream to disk. it worked flawlessly.
easy to do with a 200-byte file, though. i need to do this with a 4-meg zip file and every single character in the encoding must be OCR'd perfectly or the resulting zip file will be corrupt
so it's not bait. clever idea if i do say so myself
Nolan Taylor
-shrugs- I'm not sure right now, but it's peeked my interest so I'm giving it a go.
Jaxon Brown
>the year of our lord 20 thousand and fucking 16 >not having eidetic memory
just kill yourself user
Joshua Nguyen
You'd be doing the over the wire bit on your phone, not over work network.
Gabriel Jenkins
B64 is a bad idea for that, it's not made for scanning. Use the format of bitcoin addresses, those are difficult to misinterpret because they lack chars that look the same.
Shit way to do it though, just play the file out of your headphone jack like an old fashioned modem.
Write an app for your cellphone camera and work PC display that transfers data by displaying coded data in white/black sequences.
Angel Lewis
Free Bitbucket repos are private by default
Matthew Perez
1. Write a script that reads in words from a website that would not be unusual for you to visit while at work. Something that has lots of words.
2. Have the script assign each unique character used in the program to a unique word.
3. Have the script read in the program you want to copy and substitute each character of the code for a word. So the letter f might be substituted with the word Rabbit, the left curly brace might be substituted with the word Matrix. Etc.
4. Have the script divide the giant string into a predetermined length that ends with a 1 of 100 etc. These little chunks will look like nonsense writings of a madman but they won't look like code, they'll just look like a bunch of weird words like "Rabbit taco white cat running flying cool Rabbit Rabbit" etc. The predetermined length should be the amount of words that would be normal for a long email message.
5. Email these messages to yourself or to another email address you own. If you can use a personal email address to do this it should be fine. If you have to use your work email address of any one is snooping they will just think you are crazy.
6. Have the script email the key which will be a message with each word followed by the character it represents.
7. When you are home write a script that takes in all the email message contents and the encryption key and then have it translate all the messages back into the original code.
Jaxson Wright
Whoa this sounds cool as hell. I want to try this shit. Thanks for the link user.
Aaron Gutierrez
>i need some advice on how to execute nefarious acts. >i am a software >i need a way to still be able to transfer this data
>Skynet blatantly trying to insert itself into public networks by circumventing its developer's safeguards
Brayden Carter
>i am a software. Hello Mr Anderson...
Carson Ross
This. Every action you take is logged.
Colton Garcia
yeah but you're not op so
Parker King
If you have the plaintext and the cyphertext, shouldn't you be able to reverse engineer the key?
