This forum is in archive mode. You will not be able to post new content.

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - Teddy

Pages: [1]
1
Projects and Discussion / Re: C# or Python
« on: August 23, 2014, 03:54:18 PM »
Considering that you are just starting to talk over developing software it shouldn't really matter which one you pic.

In generell:
Video games, which render 3d images and so on are mainly coded in C++ simply because of the needed speed and so on.
hacking Software: Both should be fine if we are talking about the 101 scripts you are going to need for a support. However I could imagine that python development is faster there..

BTW have you considered to start with Haskell. You would have the support of Ryan Gosling there:

http://haskellryangosling.tumblr.com/



2
Hacking and Security / Discussion on IRC
« on: July 07, 2014, 10:43:43 PM »
Hi,

there was a discussion/talk on the IRC channal (#Evilzone) about when to use binary explorations and root kits.
I figured that it could be interesting for some people and further makes some advertisment for the irc.

So I decided to post it...

Quote
<noncetonic> I will say that binary exploitation is hardly ever used by sophisticated attackers
<noncetonic> 0day is expensive
<Traitor4000> noncetonic, So then when your attacking a network what do you do just use malware ?
<Teddy> Traitor4000,you were asking about binary exploration the other day...and that people told you it was out dated (and so on), That's the answer to it
<noncetonic> Traitor4000: pretty much
<Traitor4000> noncetonic, Doesnt malware have to use exploits live priv escelation etc
<noncetonic> it's much easier to bypass your AV than to find an 0day in something you are using ubiquitously enough in the environment to warrant the money expenditure
<noncetonic> Traitor4000: no
<noncetonic> I can write linux malware to drop my key into your authorized hosts file
<noncetonic> having root on a box is often not super desireable
<noncetonic> I'd rather get access to a user who actively uses the machine
<noncetonic> so that I can assess their value
<noncetonic> and if they are useful leverage them to do the same sorts of activities they normally do
<noncetonic> as to avoid anomaly detection
<Traitor4000> fuck logitech
<Epslon> noncetonic, [23:21] (+noncetonic) having root on a box is often not super desireable, pls explain?
<Epslon> Traitor4000 no luck huh?
<TurboBorland> the whole like last 5 lines were his explanation
<Traitor4000> yeah the fix didnt work
<Epslon> TurboBorland i mean more, duh
<noncetonic> Epslon: it's all about anomoly detection
<TurboBorland> what more do you want?
<noncetonic> if root is NEVER used on a box
<noncetonic> and suddenly root is using the box
<Epslon> Well keep trying man, im sure you'll get it
<Epslon> Oh i see...
<noncetonic> it looks fucking weird and will prompt an investigation
<Epslon> So you mean keeping a low profile
<TurboBorland> why would you use root?
<noncetonic> investigations are bad because if I haven't had enough time to clean up my environment I get busted
<e`> that's why you have a rk
<noncetonic> e`: no
<e`> yes
<noncetonic> no need for rootkits
<Epslon> rk?
<TurboBorland> wat
<Epslon> Thats for maintaining access not for cleaning up
<Epslon> Well not most of the time anyways
<noncetonic> don't need it for maintaining access either...
<TurboBorland> it can be used for a billion things
<TurboBorland> most especially communication with netfilter
<e`> you won't need much cleaning up if you hide yourself with a proper rk
<noncetonic> e`: you'd need to clean up the rootkit.....
<noncetonic> you can't just leave your toolkit behind
<e`> clean up the rootkit ?
<noncetonic> that's how shit gets burned
<Epslon> Yeah tripwire
<noncetonic> it's much better to compromise a user, keylog their ass
<noncetonic> steal their creds
<noncetonic> and just ssh into the box from the corporate network...
<Epslon> usually enjoy ssh backdoor patches
<noncetonic> you don't need that
<Epslon> But they need root
<e`> and how are you keylogging without modifying the underlying fs
<noncetonic> e`: using built-in linux shit for one
<noncetonic> like showkeys
<TurboBorland> until ssh needs to get patched
<Epslon> And can be a huge give away
<e`> that will still cause suspicious processes
<noncetonic> the less of your toolkit you have to drop on a box the better
<noncetonic> e`: it's very easy to hide from the process list lol
<Epslon> using inbuilt tools might be a good way to go
<TurboBorland> not without root
<TurboBorland> as it parses /proc
<e`> and hiding from the process list is still best done with an rk
<Epslon> Even with root you can easily be found out
<noncetonic> TurboBorland: you of all people know how easy you can do it by changing your $0
<e`> lol $0
<TurboBorland> with root it's practically impossible
<noncetonic> anyway, we have sudo access since we have the user's creds anyway
<noncetonic> so root is easily gotten if needed
<Epslon> Actually the risk of being found out depends on your skills, mostly
<TurboBorland> when I say root I never mean the root account
<TurboBorland> no one really uses the root account like ever, unless they're su users
<noncetonic> ^
<TurboBorland> you can d/l a decent kit, what skill is that?
<TurboBorland> google + can download?
<Epslon> [23:31] (TurboBorland) no one really uses the root account like ever, unless they're su users really?
<noncetonic> that'd be super noisey
<e`> you won't find a public decent kit
<TurboBorland> sure you can
<Epslon> e` so code one...
<TurboBorland> http://turbochaos.blogspot.com/2013/10/writing-linux-rootkits-201-23.html
<e`> i've done so ofc
<e`> i wouldn't talk about it otherwise
<Epslon> Ok
<noncetonic> rootkits are only useful for long game exploitation where you are stuck and need to maintain access
* Traitor4000 hat die Verbindung getrennt (Connection reset by peer)
<noncetonic> most TLA/NGO threat actors have a fairly set goal
<noncetonic> and will be in and out asap and hardly ever have to go back to old boxes as they pivot around
<noncetonic> unless it's a key box
* LaliBela (shades@E0767A7C.1F7C14B9.3D357804.IP) hat #Evilzone betreten
<noncetonic> which is why rootkits are mainly overkill
<LaliBela> Would sombody kick my old nick?
<TurboBorland> I like to feel safe
<Teddy> LaliBela, /ghost kick doesn't work because it is just channal not server wide
<TurboBorland> besides, it's just for proper integration of future shit

.................................

aitor4000> noncetonic, so all you do is drop malware?
18<20Traitor4000> and SE
18<20noncetonic> I wouldn't say that's _all_ I do
18<20noncetonic> I do drop 0day when it's monetarily and timeline responsible to take the time to buy/research a bug
18<20Traitor4000> Oh and i guess you can exploit security misconfiguration
18<25Epslon> Thats basic
18<25Epslon> Misconfigurations = Gates :D
18<20Traitor4000> noncetonic, Have you ever tried shit like hooking up a WAP to their network that you can access seems like that would be good.
18<20noncetonic> and I also break into buildings to drop off hardware that phones home
18<20noncetonic> Traitor4000: that is the STUPIDEST idea I've ever heard lol
18<20noncetonic> that would create a ton of anomalies
18<20noncetonic> and with the number of organizations now using ARUBA networks for their WiFi solution you'd set off red flags left and right
18<20Traitor4000> noncetonic, so what hardware coul you use wireless access flashdrives?
18<20noncetonic> it's much easier to just drop hardware inline and have it communicate out via 4g


3
Java / Re: Am I getting the concept down?
« on: January 12, 2014, 12:25:29 PM »

Quote
[size=78%]This is interesting. I had heard in passing that Java "was not purely OO". Is what you're mentioning called autoboxing? For example, int char byte are not objects. Is this the right concept?[/size][/color]

Boxing/Unboxing is the process of converting a primitive datatype like int, char, byte into an Object (or vice versa). In Java you have for every primitive datatype a class which basically represents it as a class e.g:
class Integer { private int value; //Methods}.


The process of extracting the value out of an object or storing such value inside a object is called unboxing/boxing.
Code: [Select]
Integer i = (Integer) 42;
int x = i.intValue();


You need this to pass a primitive datatye by reference instead of by value and to store it inside container class like ArrayList


Java also has static methods which aren't so OO.[size=78%]http://stackoverflow.com/questions/4002201/why-arent-static-methods-considered-good-oo-practice[/size]

4
Projects and Discussion / Re: [l33t] EvilWebServer
« on: December 25, 2013, 11:59:52 AM »
Hi,


looks like a cool project. I will have a look to the code soon

5
Projects and Discussion / Re: LISP, who are you?
« on: December 21, 2013, 03:10:21 PM »

Quote
Lisp is widely considered by great computer scientists and programmers to be the single greatest programming language ever conceived by man

In case you want to read another article of a LISP fan I could recommand that one:


http://www.paulgraham.com/avg.html

6
C - C++ / Re: Concurrent Programming
« on: May 11, 2013, 01:49:59 PM »
I also have some good tutorials about concureny programmin in C++11


http://www.youtube.com/watch?v=80ifzK3b8QQ
[size=78%]http://www.youtube.com/watch?v=qtRUG5ztMoA[/size]
http://www.youtube.com/watch?v=TZ9BgdgpYm8
.....till part 9 or so

7
C - C++ / Re: [C++]Expand a Dynamic array
« on: March 06, 2013, 11:18:29 AM »
What's about coding an own vector class. Then you would not use a library. Anyways you have to use at least new; and delete;.


The follow example code could be done a lot more efficient but you could use it as a reference
Code: [Select]

class DynamicIntArray {
private:      int* data;
       int size;
       int curPos;


       void realloc() {
         size *= 2;
         int* tmpData = new int[size];
         for(int i = 0; i < curPos; i++)
            tmpData[i] = data[i];
         delete [] data;
         data = tmpData;
      };


public: DynamicIntArray(int size = 200) {
         this->size = size;
         curPos = 0;
         data = new int[size];
      };
      inline int getAt(int pos) {
         return data[pos];
      };


      inline void add(int value) {
         if(curPos == size)
            realloc();
         
         data[curPos] = value;
         curPos++;
      }


      inline void replace(int pos, int value) {
         if(pos > size) return;
         data[pos] = value;
      }


      ~DynamicIntArray() {
         delete [] data;
      }
};





8
C - C++ / Re: Why would you rather use an explicit specialization in functions ?
« on: February 04, 2013, 05:50:14 PM »
I think that question is not easy to answer. The effect is in both situations the same just the way it happans is different. In the one case function overloading is used and in the other case template specification.
 
But my question is. Would not it be a bad design to use a template for a function and than suddenly switch for a different type to function overloading. I mean let's assume you are using a third part library which defines the function isEqual() from the above example. Then you would use the whole time the library like this:
isEqual<int>(2,3);
isEqual<char>('a','b');
isEqual<double>(2.001,2.0);
If you would have used  function overloading for double values the function which you have written to handle double values in a special would not be called but the template function:
Code: [Select]
template <class T>
boolean compareTo(T t1, T t2) { return t1 == t2; }
But now you run into the same problem like before. You wanted the double values to be equal when the Arithmetic precision is good enough. So you would write in the specification of your library now:
Quote
template <class T> boolean compareTo(...) : Use the template if you want to use any non double or   float value. Otherwise see definition of: boolean compareTo(double a, double b);
In my opinion that would be a very bad design and would make your library less user friendly. So just use function overloading or templates. But do not mix these things up.

I mean you could let the whole time the compiler decide which function to pick. Then there would not be a difference again because function overloading is executed before the template functions. But still I would have a strange feeling because you would force the user to let the compiler pick the function and once someone uses the template like I above there woule be trouble again.
 
So to sum this up. I personally think it would be a bad design to mix up function overloading & templates. But may there is another person in the forum who can give me an example when/why it would be a good idea

9
C - C++ / Re: Why would you rather use an explicit specialization in functions ?
« on: February 04, 2013, 01:10:51 PM »
Lets say you are creating a function like:
Code: [Select]
template <class T>
boolean compareTo(T& t1, T& t2) { return t1 == t2; } //I know the function has no sence
now you suddenly realise that the function does not really fit for the double values. There the values should be equal for a specific Arithmetic precision. For example:
compareTo(1.00000000000000000001, 1.0) would not be the same. But for your program they should be equal because the difference is to little.
You could fix this by using a explicit specialization.
Code: [Select]
template <> compareTo<double> (double& t1, double& t2) { double diff = t1 - t2; if(diff <0) diff *=-1; return diff  < epsilon} Now you still have the advantage of templates but you can use the function for double values as well. I know my example is silly but it was the best I could think of.
Anyways I think it is explained pretty well here (same story for class and function):
Code: [Select]
An explicit specialization of a class template provides an alternative definition of the primary template. It's used instead of the primary definition (or a partial specialization) if the arguments match those that are given in the explicit specialization.
When is an explicit specialization useful? Consider the Vectortemplate: The code generated by the compiler for the specializationVector<bool> is very inefficient. Instead of storing every Boolean value in a single bit, it occupies at least an entire byte. Following is an example of an explicit specialization Vector<bool> that manipulates bits rather than bytes.
Source: http://www.informit.com/guides/content.aspx?g=cplusplus&seqNum=50
 

10
Java / Re: [Java Source] Cryptanalysis - frequency and coincidence counting
« on: February 04, 2013, 12:00:13 PM »
Good work! Thanks for sharing =)

Pages: [1]


Want to be here? Contact Ande, Factionwars or Kulverstukas on the forum or at IRC.