Bought an old ProLiant Workstation on eBay recently. Navigating through "Intelligent Provisioning" EFI utility, hitting TAB until I got this on the left bottom screen. Can't fall asleep. Afraid of nightmares.
winnie
boosted
I just convinced the CEO, CFO, and CTO to transition our entire dev team to be internal #OPNsense developers. :) :) :)
Building security appliances that can do full pcap at 40Gbps line rate based on #HardenedBSD, #OPNsense, and other awesome tech.
As of today, I've reached my dream job.
winnie
boosted
Windows PrivEsc Guide. Good summary with basic approaches. Some links to more juicy stuff at the bottom. https://sec-consult.com/en/blog/2019/04/windows-privilege-escalation-an-approach-for-penetration-testers/
#Ansible role to bootstrap a @Hetzner_Online Cloud VM with an encrypted rootfs. It's ugly and not idempotent, but does the job pretty well. SSH hostkeys management included. Most of it can be used for other hosters/bare metal. https://github.com/msgpeek/ansible-role-hetzner-encrypted-rootfs
winnie
boosted
More emergencies, Internet Archive
The Internet Archive had been experimenting with a digital lending library, and when covid severely limited public libraries, the IA started allowing unlimited checkouts (which essentially mean they allowed piracy of their book scans)
This was probably a huge mistake, but now four of the biggest publishers are suing the IA
Losing this means archive.org goes down
FabLab's #IoT OCTOPUS board is in stock again! #esp8266 https://www.tindie.com/products/FabLab/iot-octopus-badge-for-iot-evaluation/
Can anybody explain why this behavior does not affect the #IPv6 address? Spec?
Spend ours debugging why webserver wouldn't bind to a local, fix IPv4 address. Solution was set kernel param net.ipv4.ip_nonlocal_bind = 1.
Usually needed only for elastic IPs... Seems like Linux does not play well with the virtualized interfaces of my provider.
winnie
boosted
"Tale of two hypervisor bugs - Escaping from #FreeBSD #bhyve"
http://phrack.org/papers/escaping_from_freebsd_bhyve.html
^ Author had to reintroduce a vulnerability to successfully exploit on #HardenedBSD:
"All the previously detailed techniques will no
longer work."
Great writeup on the evolution oft the Bisonal RAT https://blog.talosintelligence.com/2020/03/bisonal-10-years-of-play.html?m=1
Blog post "Attacking Jenkins": https://msgpeek.net/blog/2020/02/attacking-jenkins/
I wrote down common mistakes and security problems I encountered during reviews of build systems based on #Jenkins. Credits for review: @carloz_spicey
Thank you @LinkedIn for you suggestions. But I think I'll stay with offensive security...
Uploaded my slides from "Attacking Jenkins" talk at #unfuck2019: msgpeek.net/slides/attacking-jenkins-unfuck2019-16-11-2019, blogpost will follow during the next days.
Joined Nov 2017
