pastebin - pastebin.com
IRC - #Sup Forumssec
Currently recruiting for CTF Team on ctftime.org. This team will be particpating in plaidctf. The CTF start the 21st
Vote for the team name here - strawpoll.me
The team will be made at 12pm PTD | 7 UTC. Make sure you make an account. This team is open to all people.
Other urls found in this thread:
wiki.installgentoo.com
twitter.com
can anyone help or point me in the right direction?
man xxd and look into hex
kek, I bet he wants to kill himself with that answer
This is all very interesting. What can you do with the data after it has been reverse-dumped??
I want to give lain many pats on her head.
Sup Forumsentoo men looks like is recovering and might end up winning huh.
look for word like in the matrix
trips have spoken more people should vote lainshill
But lainshill sounds like shit.
Is the CTF team planning to participate on DEFCON CTF qualifier too?
I responded in your other thread
LONG LIVE Sup ForumsENTOO MEN
anything between 00 and 7f is ascii printable text.
Just a hint ..
What can you do once you get a shadow file?
john the ripper and sometime
sure we can definiatly do that
bump
The Team Name is Sup Forumsentoomen
Make sure you have an account on CTFtime.org
here is the team code
Sup Forumsentoomen:1d1IbO:j4yx0csuEThOzKLsWWVxuBHhFMA
alright right so new code
Sup Forumsentoo men:1d1Ief:jpI2JPUwuoJRmjJMlpKllpuGyn4
bump
Brute force the password hashes. The first dollar sign marks the type of the has, the second the salt, and the third the hash.
>most dutch registrars set up dnssec by default
>none of the foreign registrars (read American) seem to do it
>wonder if I should let it affect my decision whether or not I should use an American registrar
Does dnssec really matter for personal email? It seems a bit unlikely to be targeted for a dns poisoning attack. Or am I wrong?
you could always do on a later date and focus on low hanging fruit first
Dutch registrars get a discount on .nl domains from the registry if they set up dnssec. Thats why they do it.
...
Does that mean you could just do a hex to ascii conversion?
yes
I tried that but just got random characters.
I'm missing something, surely.
Also where's a good place to learn about this stuff. Could you maybe give me some key words to start researching with?
maybe it is substation cypher
Is all this hexadecimal stuff related to machine language?
pretty much
Good enough for me
bump
JOIN THE CTF TEAM
I'm pretty shit and would just be in it to learn so I can suck less. Can I still join?
sure like the op says it is open to all
Joining on ctftime won't actually do anything.
same with shit posting
What's the IRC server?
Rizon
It'll help with Sup Forumss e-penis issue.
I have not translated those chars and maybe Im firing bullets to air, BUT i would check for endiandness and look if makes more sense.
I'll look into it, thanks
/sec/ convince me to watch Lain.
How are you liking it?
Liking what?
Lain
I wouldn't know, I haven't started. She seems to be cute though
what's the IRC server on? freenode?
I'm too new to know otherwise, but I promise not to shit it up with questions, I just wanna lurk and learn.
Rizon. Not a single issue with making questions, most of us are here to learn after all, be it at a lower or higher level.
BUMP CTF SOON
Actually, here's a question, how does one use a socks5 proxy legit?
As in, everything is piped through it, even shit like Flash.
I never did get that working right and still can't.
Admittedly with minimal trying.
Why? Why for shitposting of course!
Every try I did, Flash always got the actual IP and not the proxy.
no
You guys know about the Charlie hashes for pctf right? I hope you're in irc
It give off a great nostalgic feeling for the Internet of the 90s and has a nice soundtrack.
>internet of the 90's
sigh ^_^
Getting old fuckin' sucks.
Can someone give me the use case for passphrase-protected encrypted SSH keys, as opposed to unencrypted keys?
Everyone says you better use encrypted keys if you know whats good for you, but as far as I can see they protect against a very narrow threat. First, they protect against physical access. Someone steals your laptop or clones your drive while you're not around. Full-disk encryption is available, easy, and protects much more than just your SSH keys. Second, they protect against someone stealing your keys some other way and then using them, like via malware or some kind of remote exploit. But if someone exploits my machine to the extent that they can exfiltrate my encrypted SSH keys, they could also just keylog me when I type in the passphrase to use my SSH keys, snatch the keys out of memory when I have them unlocked, or whatever.
So encrypted SSH keys defend me against someone who exploits my machine, but whose ability to use that exploit is intermittent or incomplete, so that they can't crab the keys when I decrypt them for use. How is this very helpful? What am I missing here?
Guys, don't forget the Sup Forums wiki has a netsec general article on the wiki. It can use some improvements.
wiki.installgentoo.com
not that OP, but where to go from this?
This, improve the wiki article.
we have a pastebin either of you guys could improve it yourself
Could OP next thread link to the wiki article?
it does not add anything that is not in the pastebin