Nothing to hide? - The importance of a cyberpunk mindset applied to a cybersecurity skillset. >[YouTube] Glenn Greenwald: Why privacy matters Resources: Cyberpunk: Cyberpunk directory: >pastebin.com/9JaJFqB2 Cyberpunk resources: >pastebin.com/7DWCsAc8
highly recommend anyone learn assembly even if you're just doing capture the flags to have fun. it's vitally important and really fun to be able to debug stuff and look inside compiled executables that aren't supposed to be looked inside of
Chase Williams
do you think python is a language worth learning?
Robert Sanchez
anyone who programs a compiled language should know assembly if you can't debug your code what's the point of being a programmer
Kevin White
>if you can't debug your code what's the point of being a programmer to write fizzbuzz in interviews and get hired due to diversity quotas
Dylan Fisher
if you already know a scripting language? no particular reason to. if you don't know any scripting languages or any languages full stop? go for it. it's not a particularly elegant language and not my favorite, but it has easy syntax and lots of libraries
Matthew Rodriguez
OP you need to deleted the "embeds" and post the link for that youtube video
James Clark
I'm trying to learn x86 assembly right now, not for skiddie stuff though. It's ironic how dealing with pointers and memory is easier than in C because of all the ass-pain labor put into assemblers since the seventies.
Christopher Lee
Sorry dude, I'm not the "regular op" who edits the pasta and shit. I'm just a phone poster who loves this thread and tried to keep it alive as often as possible. It's bloody hard to remove the embeds and shit on phone
Jordan Thompson
>yfw jewgle just fired that guy that wrote the pdf
Hunter Butler
To post in this thread you need to post one thing you are currently working on.
Sebastian Johnson
I recommend the Edx micro-masters in Cybersecurity from RIT (Rochester Institute of Technology).
I recently finished the Forensic module and now I'm in the Risk Management module.
Each module last 8 weeks. There are 5 modules in the entire course.
I'm really liking it.
Camden Cox
i think it may just seen easier because they're working on more trivial things in assembly than in C, or because it's clarified any confusion you may have had about what pointers are or w/e. although it's true that you don't have to memorize the workings of malloc vs calloc when you just have the memory in your bss section. but in total C is probably the better of the two to develop with if you had to pick :)
Jordan Parker
ironic. all he did was say that you are not free to voice your opinion at google if you are right of center, and in google's response they say "we LOVE when our employees share their opinions!" not surprised though. our time will come soon enough
Nicholas Ward
I hope google starts to lose talent long term because of this. Definitely making me think twice about trying to go for project zero.
John Adams
>CCNA Cyber ops >setting up a professional data centre type lab with domain controllers, firewalls and dmz >pen testing book Slowly slowly learning more and more than my peers. I'll be entering the stratosphere soon while they continue to be shitful scrubs
Isaac Perez
take joy in your own success, not the failures of others
Sebastian Baker
I do take some joy in it because these people dismissed me and looked at me like I was retarded for CHOOSING to study, for VOLUNTEERING to be sent on PAID courses; they are happy and content to do the same hardware repair forever, but try make me feel like a loser for wanting more.
Landon Ward
61788022 (last thread)
Your right man...whenever I have thought about exploit development, for some reason my mind always falls back on binary stuff, not development toward web apps...what you said makes sense, as drive-by exploits are incredibly lethal...I thinking combining even the poorest level of exploit develpment in that are would pay big dividends for me given my other skills...
I have exploited basic web application vulns in the past, but these were always much more predatory/opportunistic then I would like...
I appreciate the new looks on things man...Thank you!
Jonathan Howard
Guys my spelling is atrocious tonight given my working and trying to keep up on the thread as well...
user who got this thread up again after last one closed, thank you.
Whats a good assembler to get into? Any good resources for them?
MASM is too narrow, and NASM seems to not have alot of resources, even if I am learning it.
Isaiah Powell
Definitely am. Thanks!
Brandon Russell
So there's probably no way to say it without actually spelling it out.
How often do you pro guys wrap things using veil evasion?
I cooked up a real basic Trojan into a portable application, used veil evasion and it with no issues slipped past and worked on a 100% updated w10, 7, server 2012, and once I installed wine, os sierra for fucks sake.
That made me real paranoid about how often I've used warez cracks with reverse shells in them, but I was just blown away how easy that was..
Wyatt Murphy
FASM is good, but all the x86 ones do the same shit really.
Jordan Smith
If your payload gets spread around it will start being picked up by AV. Until then it will be relatively undetectable. You might want to set up a bunch of VMs with up to date anti virus and test in there if you know your target will have a certain vendor. Just make sure it can't submit the sample to the cloud. Enjoy your new found paranoia.
Easton Sullivan
Veil is real cool, I use it on occasion. I generally spend an hour or two making a batch of payloads amd keep a text file noting the differences of each file.
Honestly, just run them in a sandbox and monitor network communications. If any, something's up. A keygen has no business calling home.
Jaxson Peterson
Do you need some background for it?
t. EE freshmen.
Robert Perry
I have a question leading on from the other thread about ISP's.
I always thought that your ISP only see's what comes out of the router and not the individual devices behind the router, if this is the case then how does an ISP have such detailed information about the hardware you are using?
Nolan Garcia
The best reason to use python is the libraries and programs written in it
Jeremiah Gomez
not really answering your question, but take a look at shellter. AFAIK it's the golden egg for AV evasion.
Easton Price
Shellter free is kinda meh, the paid version is uber1337 tho
David Jenkins
Is this the place to be asking how exactly veil works? I don't like even bringing up the name because eventually it'll get banhmered like msfvenom exploits ala nakashakita (yep that's totally how you spell it /s)
But if I get the same Exe, make three copies,and run all three through veil with the same properties three separate times, am I going to get 1 or 3 different payloads?
Ethan White
it's spelled shikata na gai, baka
Tyler Richardson
or shikata ga nai
Easton Williams
Veil is on it's third iteration to be honest I am not sure how it works on a deep level anymore. nakakashakbaka was just an xor encoder.
Hunter Nguyen
Are you asking if your ISP can only see that traffic is coming from the router?
If so you are correct, the ISP won't know how many people or what devices are being used behind the router, they would need physical access to the router to gain that information. In the case of ISP provided routers, they come backdoored so that the ISP can remotely update the firmware.
Jackson Lopez
>nakakashakbaka I cannot stop smirking
Ryder Harris
i'm using NASM
Brayden Watson
You're not going to get code exec from browsers easily, downloading a file is one thing, forcing a browser to execute it is a lot harder real browser 0day is worth a fucking lot of money for a good reason
Ian Russell
Was there a big fuck off gpu cluster put together to crack NTLM V2 hashes?
Nolan Collins
I guess I was mistaken then
Aiden Bailey
...
Elijah Watson
...
Eli Howard
Im still going to get this done on myself. I love it so much. Not a replica, the general idea
Jeremiah Lewis
man wireshark
Ethan Torres
I've heard wireshark man is a good guy
Benjamin Campbell
...
Nathaniel Brooks
...
Dominic Parker
For cybsec C is the only answer.
Josiah Campbell
For the most part it's quicker and easier to write userland exploits in python. For kernel exploits however, yeah. Quite strong knowledge of C or some other systems language is advisable.
Tokyo Metropolitan Building appears to have a few DF antennas. Looking over using Google maps shows something else. Strange.
Adrian Nguyen
So as I promised in the previous thread, I'll post my brief points about Neuromancer. Generally it's a worthwhile read, at least for the cultural aspect alone. It's not as outdated as some people talk, it goes beyond being just an 80s rendition of the future. Pic related in the cover from the graphic novel, that thing is horrible and is no substitute for the book.
The presentaiton of low life high tech is really good, though I don't appreciate how far it goes into the future with outer space colonies midway through the book, as at that point the cyberpunk aspect takes a nosedive. That's why I liked Burning Chrome more, it's more minimal, less ambitious or unrecognizable.
I found the portrayal of the cyberspace quite confusing. Previously I read Burning Chrome and the matrix there was described as something geometrical, bearing no lifelike form. The abstractness was easy to grasp. In Neuromancer however there seems to be a mix of everything, physical and abstract representation. The storytelling when both are in play is absolutely chaotic, hard to follow. Things I was imagining as abstract blobs turn out to be in physical shape of sorts in other parts.
continued...
Sebastian Hall
(continued)
3Janes' motivation seems very dubious, I would say badly written even. She is familiar with the characters for several hours at best, her compassion seems unfound, moreso foolish as she fails to see how her willing cooperation leads to an apparent downfall. She takes no step to verify the claims of eminent destruction. Everyone else is always on their toes, except this girl.
Wikipedia article says Gibson rewrote the first two-thirds of Neuromancer after seeing Bladerunner. Well he should've rewritten the rest too.
I think a somewhat missed out point about Neuromancer is how everything is interconnected and how that might hurt those who follow the naive wiredness. In the book, society and even the people or machines that utilize the weaknesses of extreme wiredness don't seem to express any estimation of how they are sucessful thanks to that, everything seems so complacent. Maybe that's why the interpretations are muted when it comes to interconnectness, it's not signaled explicitly anyhow. Anyhow, the relevance and risks have a strong current day foothold as companies rush out products with internet connectivity without properly investigating how the devices might be utilized to remotely intrude upon owners or how said devices with little or no protection might be used for attacks large enough to cripple even the biggest internet providers. The book here really has some predictive power for the situation that is still evolving.
And that's about it, this cover is taken from a smaller graphical novel that tried to publish whatever was left after the discontinued original.
Carter Myers
>I found the portrayal of the cyberspace quite confusing. My understanding was that information and databases in Cyberspace were represented by geometrical structures but actors and AIs were not.
The inspiration was computer games from the 1980's where Wm Gibson saw players looking deep into the screen, absorbed in the virtual world of the game.
Pic. related is probably close to what we are talking about.
Nathaniel Edwards
In Burning Chrome everything is abstract geometry. After having read that, that's what I imagined the cyberspace would be too in Neuromancer. Gibson made no attempt to portray it as having physical properties at the start so when it shifted to having humanoid visions got me really confused. I then went to imagining these semi-geometric semi-humanoid descriptions. For example, I imagined the cyberspace description of Armitage as a flying cube with one side textured with his face (pic related minus ears).
Matthew Morris
The graphic novel while shit, attempted something sane, both abstract and concrete at the same image for cyberspace. Attaching
I started reading it last year when I first got my kindle. I read some 50~ pages and found it boring, even though I really love cyberpunk. Should I give it another shot? Does it get better later on or does the book keeps on the same pace?
Jackson Phillips
If you didn't enjoy anything following the Sense/Net hacking, don't bother, it will not get better.
>even though I really love cyberpunk What in particular?
Samuel Martin
To me the book feels like riding shotgun, so just strap in and enjoy the ride. It's writting in fast pace anyways, so you can finish it in a couple of nights.
Give it another shot and then pick up the other books of the Sprawl.
Jeremiah Allen
>Sense/Net hacking I don't remember any hacking in the book, though it's been a while since I read it. Though this idea piqued my interest.
>What in particular? I'm not sure how to put it into words (English is my second language) but I find it very interesting the way that the "net" is portrayed in GitS. The idea of you projecting (is this the right word?) your conscience into the network and directly interacting with it has a very high appeal to me and I'd like to see more of it. Does it make sense?
Yeah, I just re-read the points the other user (or was it you?) made about the book and I'm considering giving it another chance. I just might do that.
Also, directed to both of you, what do you think about the other books in the trilogy?
Aiden Nelson
>Also, directed to both of you, what do you think about the other books in the trilogy?
They are more focused and thus structured. It still feels like Cyberpunk obviously, but Neuromancer is literally all over the place. At least it felt like that when I first read it. Now that I read it again it makes more sense, but compared to the other two, it's much more "anarchic punkish".
Jordan Adams
Yeah, modern day browsers are battle tested and go through quite a rigorous secure development lifecycle. You need to jump through a number of exploit mitigations after you find a vulnerability and it can be a major pain in the ass during exploit development. So it's certainly possible, but it generally requires a lot of time/effort which translates to higher payouts.
Isaac Thomas
>I don't remember any hacking in the book, though it's been a while since I read it. Though this idea piqued my interest.
The start of the book has the main protag play a street degenerate until his senses and abilities are restored. There's much less neo noir moments as such afterwards. The whole backstory starts to get uncovered as separate missions get completed. Cyberspace exploration is key in this. If you haven't yet gotten through the very first hacking mission, at least consider finishing that. If you still don't feel good about it by then, then consider skipping.
Jordan Green
Do the courses cost money?
Noah Hughes
I see. I'll start reading it again since I forgot most of it and I'll report here in due time. Thanks.
Brody Scott
>install linux >fuck up >stuck on tty1 >keyboard doesn't work >usb keyboards don't seem to take either
fuck
Aiden Brown
How can I keep myself as safe as possible while using windows 10? I work in an industrial environment where windows is a real necessity because of all the retarded proprietary software (I use linux at home).
Ayden Edwards
Safe against what and against whom specifically?
Cooper Brooks
Against peeking eyes. Privacy. I know, I know, windows and privacy, hence "safe as possible". Or is it a pipe dream?
Aaron Sanchez
Do your work on your employer-issued Windows machine. Do nothing on it that isn't work. Do all your non-work stuff that you want to keep private on your own non-windows machine when you aren't at work.
Your employer will always have a lot of visibility into anything you do on their machines, networks, or that involves them in any way, so keep your activities segregated.
Carter Johnson
Well, I would not say pipe dream, but you probably know the limitation of windows for all around privacy already.
Standard OPSEC is obvously advices. Seperate your private life as much as you can from your work life. Don't use Social Media during work, encrypt your emails, use seperate passwords that you don't use anywhere else.
And again, you need to get more into detail. Not trying to talk you down or anything, but if you know the potential threats you are facing, it makes it easier to find appropriate defence.
Xavier Ortiz
which distro? a lot of people use debian or ubuntu because it just "werks" and does stuff for them.
Adrian Perez
Opinion on adnauseam?
Ayden Wright
Also, if you want to have some stuff to read in that regard: 1. The art of deception - controlling the human element of security 2. Secrets and Lies Digital Security 3. Social Engineering - The Art of Human Hacking 4. Security engineering
If possible, read in that order.
Jaxon Williams
Ubuntu, but I tried to install a script to get the trackpad working properly.
I think if I can get control of it again, I'll just wipe it and reinstall Ubuntu. How do I boot from USB exactly? Hold Shift?
Kayden Hill
to boot from devices, there should be a prompt telling you how on start up screen which will show the logo of computer manufacturer (lenovo, dell,etc..) or motherboard manufacturer (asrock, evga,) press that then press enter after going on your usb device
Juan Sanders
I don't get that when booting up. I did when I had Windows, but last night I wiped it and installed Ubuntu.
Did I fuck up even more severely than I though?
Levi Rodriguez
Does anyone know if those little programs to stop windows 10 from phoning home are effective?
Josiah Nelson
Try F1-F4 or F9-F12, usually one of those eight keys brings up the bootloader
Daniel Foster
nah, the motherboard of your system has a bios battery which you probably havent been tampering with, so you probably have fast boot, or utlra fast boot on, im not sure if your pc manufacturer has the program to remove ultra fast boot supported on linux.
Isaac Green
I'll keep those in mind, then. Meanwhile, I think I'm just gonna have to either wait out my laptop's battery running out, which sucks because the battery tends to last for several hours, or until it finishes processing whatever events it claims to have when I hit the power button and bring up a message that the CPU clock is throttled.
Gavin Ortiz
How do Install gentoo on my Intel thinkpad laptop? Is there a certain iso I have to get for laptops? I also how do I install I never installed Linux before except on a rasberry pi but I know the process is different.
Also does disabling the drivers for the Webcam and mic in the bios safe? Or am I better off tearing the system down and removing the camera and the mic?
Logan Gonzalez
just use the regular iso, not the minimal one, installation is the same as arch and is pretty easy if you follow the instructions, OR, do it repetitively
Nicholas Bell
Is there like special drivers or something I need to get because it is a laptop?
Ryder Adams
How do websites know exactly what hardware I'm using then? I'm behind a Pfsense router
Hudson Brown
nah, its just software
Matthew Watson
You're OP for as long as you want to be OP, user. I'm 'usual OP', by the way.
Landon Howard
Imo Veil is shit. It was good, but not anymore.
Benjamin Butler
Come back please. You were doing a beautiful job. Although the other user kept the game alright.
Nolan Roberts
I will, but I'm still working on updating and streamlining the pasta. A New OP pointed out to me last thread, it is mammoth. However, I don't want to stop adding it to as I think the information should be kept as up-to-date as possible, so this means that it needs to be easy to navigate.
Andrew Ramirez
Cool, we will be waiting, OOP.
Ian Gutierrez
How about presenting the compilation so far? Perfection is not required.
There is also the FAQ. And the FTP site.
And the long dark tea time of the quietness of /cyb/.
Last update appears to be April 2017. Is it on hiatus?
Also on the FAQ there are further pointers: >planetdamage.com/faq/ Several magazines are listed including The Dose (Pic related) Seems rather Cybergoth. Are there anything newer than 2010?
Carter Mitchell
Knowing assembly also gives you an opening into embedded software. that is a line of work less prone to be outsourced to Asia. Embedded with C code is often done in China and Taiwan, hence all the GNU problems. Assembly stuff is loser to the important IPR of the company and they will not let that part out of the gates. Unless they are suicidal.