Wake up sheeple:
| UwU | yes |
| le blog | https://rootcat.de/blog/ |
Behavior-based security checks will never not be funny to me.
Me: Uses own regular home IP, logs out then in again
Them: Who are you, this is highly unusual, explain yourself! You are now banned!
Me: Spins up VPN instance in Somalia
Them: Obviously, he just logged out, and now in again from Somalia one minute later, come in friend, all good here.
Do not work as a Hacker - A Warning to you all
You want to be a Pentester, a Redteamer, you wanna hack for a living, cause you heard it is great?
Don't. Keep your sanity. It does things to you. A mad Hacker's warning:
Hey rootcat, how can I start to learn hacking? Hello Mr. Rootcat, can you recommend a starting point, for me to learn penetration testing? Hola señor rootcat, can you help me land a job as a red teamer? Buddy, don’t! I’m warning you! Just don’t, I spray you with a water bottle! Let’s get one thing straight, this will not be a well-structured and thought-out, or balanced blogpost, this will just be a one-take rant with some fun and a little madness.
Behold the Darknet! Leaks, drugs, exploits and shady services. A place where the scum of the galaxy meet.
Meanwhile, me in the Darknet: I'm gonna visit the sleeping kitten again and spread some glitter. 🪩✨
Big UwU to DarkVault gang 😻
Keyword: AI and anthropomorphism - humanization.
That always has such a positive connotation: oh look, the #AI is thinking, look, now it's angry, etc.
But you can actually turn that completely around. Job interview for #Cyber security, a #ChatGPT-based scanning solution introduces itself:
"Hi, over the last few years, for the purpose of better autocompletion, I learned a huge amount of ancient stuff about #itsecurity. The only thing that got checked was whether it sounds sensible, language-wise.
Yeah, and uh, since around autumn 2021 I haven't read anything at all. Yes, exactly, I haven't been up to date for years, and no, I can't react to new vulnerabilities at all, really only to ones that showed up a lot in the training data, once is basically never :) "
How is a language model like that, especially in a field with a massive up2date aspect, one that is years behind anyone who can read heise, supposed to be a technology of the future?
Imagine you are in a #hacking exam, your goal is to own the DC, get flags, all that jazz...
Instead of all this ad hassle 😳, proxying🙄, kerberos 😱 and such complicated stuff, in some cases, you can just drop creds via #aws #ec2 userdata ☁️😼
Here is how:
As most exams nowadays use aws ec2 to deploy their virtual machines, and this is not always done securely, this can enable you to
a) sidestep the exam-path
b) break out of the exam-environment
Often meta-data such as the IP of an exam VM is displayed on the desktop, this can be abused under certain circumstances to drop the aws keys, which is generally speaking not a good thing 😼
In order to setup the exam itself, create local admins and such, deploys make use of user-data.
If this data can be accessed and is not secured properly, the whole juicy stuff - creds and everything - can become immediately accessible.
Meaning: the whole idea of going through multiple windows clients, doing fancy ad magic, proxy-chaining some stuff can be entirely sidestepped, by accessing the user-data scripts and just looking for the passwords
✨😺✨
Check out my blogpost if you like to read up on this in more detail, where to find user and meta-data and thoughts on how to make it pawsibly a liddle more secure
This is directed to everyone using aws EC2 for CTFs, labs or offensive security exams. What prompted me to write this, is that the last three times in a row, whenever I found myself in an exam environment for pentesting/redteaming (and yes even one cloud exam), meta-data and user-data basically allowed to circumvent the exam or just straight up break out of the environment. I will not name any names here, instead I want to explain what the problem in this specific case is and provide resources and thoughts at the end in order to provide some help on this issue.
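A deploy-side check for the problem described above, as an added example that is not from the original post: it scans a user-data script (plain, or base64-encoded as the EC2 API returns it) for inline credentials before a lab instance is launched. The rule names, patterns and sample script are assumptions constructed for illustration.

```python
import base64
import re

# Rule set is an assumption of this example, not an exhaustive secret scanner.
RULES = {
    "aws_access_key_id": re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b"),
    "net_user_password": re.compile(r"(?i)\bnet\s+user\s+\S+\s+(?!/)\S+"),
    "plaintext_securestring": re.compile(
        r"(?i)ConvertTo-SecureString\s+(?:-String\s+)?['\"][^'\"]+['\"]"),
    "password_assignment": re.compile(
        r"(?i)(?:password|passwd|pwd|secret|token)\w*\s*[=:]\s*['\"]?[^\s'\"$]{4,}"),
}

def decode_user_data(blob: str) -> str:
    """The EC2 API hands user-data back base64-encoded; accept that or plain text."""
    try:
        return base64.b64decode(blob, validate=True).decode("utf-8")
    except ValueError:  # covers binascii.Error and UnicodeDecodeError
        return blob

def audit_user_data(blob: str) -> list[tuple[int, str]]:
    """Return (line number, rule name) for each line that looks like it holds a secret."""
    findings = []
    for lineno, line in enumerate(decode_user_data(blob).splitlines(), start=1):
        for name, pattern in RULES.items():
            if pattern.search(line):
                findings.append((lineno, name))
    return findings

# Constructed sample: a lab deploy script that creates a local admin inline.
# The key is AWS's documented placeholder, not a real credential.
SAMPLE_BAD = """<powershell>
net user examadmin Sup3rS3cret! /add
net localgroup administrators examadmin /add
$env:AWS_ACCESS_KEY_ID = "AKIAIOSFODNN7EXAMPLE"
$pw = ConvertTo-SecureString "Winter2024!" -AsPlainText -Force
</powershell>
"""

if __name__ == "__main__":
    for lineno, rule in audit_user_data(SAMPLE_BAD):
        print(f"user-data line {lineno}: {rule}")
```

Running it as a gate in the deploy pipeline, and failing the build on any finding, keeps candidate-readable user-data free of the passwords the exam path is supposed to protect.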
I just now found new non-techno beat for hacking, space western 80s style