@electricCZ Arch 😁
InfoSec Tool Builder, Rust advocate, Linux lover. Connoisseur of temporary tattoos. He/Him
Yeah I don't think I'll ever post anything here I wouldn't want #searchable. Use your own discretion, but I assume I'm public anyway.
Pasties @ Shmoocon
- 85 Followers
- 113 Following
- 411 Posts
@0x00string damn those seem useful
@nigelharpur if it's SSH, my money is either on a small key or use of an old algorithm both of which were switched to disabled by default in the past fivish years.
@sp4rkr4t Honestly I think it'll just work. At the very least it is safe to plug them into another Linux machine and run `pvscan` and `lvscan`. These are read-only scans to try and detect and report on those physical and logical LVM volumes.
If you're also doing software raid you'll need to scan using mdadm (can't remember the flags off the top of my head).
If you're doing hardware raid then things may be a lot harder or not possible to migrate depending on your controller.
Frédéric JacobsChina targeted and might have held for months access to the infrastructure used to do wiretaps on the AT&T and Verizon networks.
This is a huge "told you so" moment for the cryptographic community that has been saying that such infrastructure does present a huge risk to national security. China reportedly used this capability for intelligence collection, obviously without a warrant ...
@rogueren That sounds like you're trying to artificially increase your reach through toxic self promotion. Most instances on Mastodon will ban you for that kind of bot behavior. Fair warning.
@fredbrooker that's not a joke, that's amplifying a problematic blog post that threat hunters need to take seriously and investigate.
@fredbrooker calling bull shit. Extraordinary claims require some evidence at least and saying it's embargoed is not an excuse if the researcher wants to complain about it.
RedHat and Canonical accept the existence of a registered CVE is not the same as it being accurate or correct. They don't validate findings just register reports of vulnerabilities to track.
Getting push back? You can demonstrate that without breaking an embargo but the push back is almost certainly deserved.
Speculating that it's a hard coded password? That would be an insane coup from whomever pulled it off and absolutely needs something to base it off of.