User Controls

help i dont wanna get banned again

  1. #21
    Sophie Pedophile Tech Support
    Originally posted by the man who put it in my hood by brute force he means I held him up with a broken glass bottle

    Well if you're going to those lengths to get an account on NiS you really must need one extra.
  2. #22
    he knew my password because it was the same as my minecraft and we shared a minecraft account back in the day
  3. #23
    Sophie Pedophile Tech Support
    Originally posted by spacepantz2 he knew my password because it was the same as my minecraft and we shared a minecraft account back in the day

    Cyber Security 101. Use a different password for every service you use. Preferably different emails too, you can set up relay servers.
  4. #24
    With the vast majority of people, all you need is control of their email account, and then you can see all the places they registered to, and you can use the email account to reset all those passwords. It turns into a genuine smorgasbord.
  5. #25
    Originally posted by ⠀⠀⠀⠀⠀⠀ With the vast majority of people, all you need is control of their email account, and then you can see all the places they registered to, and you can use the email account to reset all those passwords. It turns into a genuine smorgasbord.

    I use a special password for my email that is different that i have never given out and i dont use it on other websites
  6. #26
    Originally posted by spacepantz2 I use a special password for my email…

    Performing a keystroke logger shellcode injection on your device would resolve that problem.
  7. #27
    Originally posted by ⠀⠀⠀⠀⠀⠀ Performing a keystroke logger shellcode injection on your device would resolve that problem.

    you would have to get me to download the keystroke logger then.
  8. #28
    Cobalt Strike is a paid penetration testing product that allows an attacker to deploy an agent named 'Beacon' on the victim machine. Beacon includes a wealth of functionality to the attacker, including, but not limited to command execution, key logging, file transfer, SOCKS proxying, privilege escalation, mimikatz, port scanning and lateral movement. Beacon is in-memory/file-less, in that it consists of stageless or multi-stage shellcode that once loaded by exploiting a vulnerability or executing a shellcode loader, will reflectively load itself into the memory of a process without touching the disk. It supports C2 and staging over HTTP, HTTPS, DNS, SMB named pipes as well as forward and reverse TCP; Beacons can be daisy-chained. Cobalt Strike comes with a toolkit for developing shellcode loaders, called Artifact Kit.
  9. #29
    Aleister Crowley African Astronaut
    Op needs to test for Canadian Rat face disease.
  10. #30
    Sophie Pedophile Tech Support
    Originally posted by ⠀⠀⠀⠀⠀⠀ Cobalt Strike is a paid penetration testing product that allows an attacker to deploy an agent named 'Beacon' on the victim machine. Beacon includes a wealth of functionality to the attacker, including, but not limited to command execution, key logging, file transfer, SOCKS proxying, privilege escalation, mimikatz, port scanning and lateral movement. Beacon is in-memory/file-less, in that it consists of stageless or multi-stage shellcode that once loaded by exploiting a vulnerability or executing a shellcode loader, will reflectively load itself into the memory of a process without touching the disk. It supports C2 and staging over HTTP, HTTPS, DNS, SMB named pipes as well as forward and reverse TCP; Beacons can be daisy-chained. Cobalt Strike comes with a toolkit for developing shellcode loaders, called Artifact Kit.

    Cobalt Strike is pretty useful in a controlled environment. I.E. if you get hired to do some security testing. Cobalt strike is your basic payload generator. Yes it has exploits, yes it has keylogging options, yes it can do reverse connections, yes it has both server and client modes. But for all the neat stuff, you still need to inject a DLL or PE into some vulnerable process, or spawn a process to do so, through legitimate means or otherwise.

    The hard part isn't generating your payload, or even configuring it. The hard part is getting it on target. Obviously there's a lot of ways to do so, but they're not trivial if you are not familiar with these concepts.

    Also, popularity == bad. Every half assed AV has checksums for any variation you can generate. Therefore all your payloads need to be encoded and obfuscated which makes them too huge to use in any classical OS/App vuln, generally. Plus big payloads are a bitch to move around, even if you drop a stager that grabs a base64 encoded payload over HTTP/S. Preferably a payload masquerading as a cert file. But there's more...

    If you wanna do it well the assets and the time you need get exponentially more. Just write your own malware, you can include exploits as Inline Asm in a C program. If you wanna.
  11. #31
    Sophie Pedophile Tech Support
    Oh and we don't need anyone to download anything if we can force the websites you go to to drop/run a payload. Either through XXE, Persistent XSS, or what have you.
  12. #32
    the man who put it in my hood Black Hole [miraculously counterclaim my golf]
    Lanny please respond
  13. #33
    Sophie Pedophile Tech Support
    Originally posted by the man who put it in my hood Lanny please respond

    Why? Lon is pretty good at security.
  14. #34
    the man who put it in my hood Black Hole [miraculously counterclaim my golf]
    My friend would like to post. If you can see auras like mine through people's posts you can see that his is true and honest and I feel that I owe him and effort to restore posting privilege because when I was on meth I wrecked his account

    I am doing what 12 steppers call making ammends but I'm not in a program or doing it to stay sober I am just trying to write my wrongs
  15. #35
    Lil sporty gave me another account for to give op if he wants it to bypass the totalitarian rejeem
  16. #36
    the man who put it in my hood Black Hole [miraculously counterclaim my golf]
    I got an alt for him too but Lanny put a gay enhancement that prevents you from account switching too much and he is over it . The IP ban screen called him a cunt

    This does not help for user retention
  17. #37
    Sophie Pedophile Tech Support
    Originally posted by the man who put it in my hood My friend would like to post. If you can see auras like mine through people's posts you can see that his is true and honest and I feel that I owe him and effort to restore posting privilege because when I was on meth I wrecked his account

    I am doing what 12 steppers call making ammends but I'm not in a program or doing it to stay sober I am just trying to write my wrongs

    Word.
  18. #38
    So, I talked to Lil spotty the admin and got the posting limit tooken off you're account bud
  19. #39
    That was nice of little shitty to do that.
  20. #40
    Sophie Pedophile Tech Support
    Originally posted by I Live In Your Crawlspace Secretly4 So, I talked to Lil spotty the admin and got the posting limit tooken off you're account bud

    I find that hard to believe.
Jump to Top