5·
20 days agoLmao this is pretty funny
chingadera
- 21 Posts
- 2.14K Comments
Joined 2 years ago
Cake day: August 3rd, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
7·20 days agoYou don’t have to care, you just have to know. And now you do.
4·20 days agoI have a little rinky dink credit union that only has a few locations locally, I got there’s to work. I even got cash app (the most problematic) to work, zelle works through my bank app, venmo works, everything works. You may have to do a setting workaround for your app that allows Google to be unsandboxed for that app only, or at least that is my understanding of what it’s doing.
If I remember right, it was this setting that finally made cash app work, I’m pretty sure my banking app just worked, but if I remember right, that hasn’t always been the case.
2·22 days agoForgive may be a bit generous, at least in a lot of cases, I’d even argue most cases. We knew it was an inevitability with the only choices we had.
Swamp drained? I’m so confused right now.
Only war is class war.
This is also the same thing that makes them vastly different.
We call for the heads of the corrupt on our side instead of worship them.
3·22 days agoThey’re so close to the truth, but they’ll never see it.
3·23 days agoSometimes you just gotta draxlum sclountszts
3·23 days agoVery true. Thanks for the education. SSH to me is just magic portal that lets me talk to my server in my closet lmao
And when you say “can’t know” do you mean it would be impossible to tell strictly through SSH?
I kind of figured it would be a shot in the dark, some scripting could definitely be done to assess that, and even run code per major OS depending on some automated recon.
Let’s say you’ve got that figured out, and the user is running putty on windows as an administrator. Is there anything that could take advantage of that fact?
I feel like this would be way easier/more feasible to run a script on your own machine as a defensive measure like OC mentioned early, but just more asking our of curiosity. I’m not skilled enough to even imagine what to do with this or write it, but I am fascinated by security stuff.
Partially for sure. Other part of this would be somehow executing a command on the attackers machine that originated as their own input, but they wouldn’t be privy to that due to the alias.
I’ve seen some videos where people will willingly let scammers into their machine, and Honeypot them with a file that they execute, typically named like credit card info or bank info or something. But they knowingly click that and open it, I don’t know what needs to be done on the “make this code execute on the attackers machine” part.
If someone is ssh’d into your machine, are there any escalated privileges you’d already have back to their machine because they’ve willingly come to yours?
Is there anything that is specific to ssh that would allow for this? Like a command that would allow something to execute back to the other machine similar to downloading? I’m not well versed just kind of a napkin idea I thought of.
Not quite, PC gets hacked, on hacked machine someone does something like cd, but on that PC cd has been set up as an alias for some sort of command that downloads a malicious executable to the hackers machine and executed it.
That executable very well could be a keylogger, but doesn’t necessarily have to be. It could be be rm -rf --no-preserve-root / or a reverse shell or whatever really.
I imagine cd would be a terrible choice to alias given how much it’s used, but maybe something else more obscure could be used that is frequently used when bots/attackers are rummaging through files for stuff to steal.
Yeah, that wouldve been a great opportunity to get me further interested.
I have never been in a job where “I don’t know” is an acceptable answer, but I’ve always been in a job where “I don’t know, but I can find out for you” always is.
I do friend, I ended up looking into a few years later/have other teachers explain it but I never had that spark about it again
Yeah, turned me off to science at that age too which sucks because I was pretty into it.
I asked my science teacher why and how the periodic table was setup like it was, I got “that’s how it’s setup”
But why, there as to be a reason
That’s just the way they made it
Yeah because they have to have gone by something what is that something
That’s just the way they did, stop asking questions (please don’t fucking learn in here)
Godamn that pissed me off.
Hopefully everyone can start dumping support into Linux for mobile