User Controls

Navigation

Niggas in Space > Technophiliacs & Technophiles > Sophie's OPSEC guide.

Sophie's OPSEC guide.

  1. 2015-10-07 at 6:25 PM UTC
    #1
    Sophie Pedophile Tech Support
    If you want to get into shenanigans but don't feel like getting vanned Sophie's OPSEC guide is for you! Now as we all know TOR is pretty great for anonymity but if you wanna' hax something through TOR it's going to be slow. Take for instance SQLmap, it needs a lot of bandwidth to be of any reasonable speed. Now you could use a trusted VPN but if the NSA/FBI is out to get you they can pull all kinds of crap to make your life difficult even if you use a VPN. So what you do is you download VeraCrypt.

    https://veracrypt.codeplex.com/

    It's based on TrueCrypt but better and is still being maintained, it's basically a fork of the original program with better security. Now what you do is you use it to make a VeraCrypt volume, make it like 40GB. Inside this volume you'll create another hidden volume. After doing so you fill the outer volume with suspicious looking crap that you actually don't care about. This ensures plausible deniability, since in the hidden volume you are going to be installing your favorite Linux distro. With VMware, get VMware player for free here.

    https://www.vmware.com/products/player

    Now the next part will cost you some shekels but will ensure you'll be set. After you install your favorite Linux VM you go to this site:

    http://cryto.net/~joepie91/bitcoinvps.html

    And you pick a VPS host, they all accept cryptocoin and if you take a service say in Russia there will be no questions asked after you shovel over some shekels. Now when you get your VPS you basically have your attack platform. You put everything on it that you may need, Nikto, Nmap, Nexpose, Metasploit, Armitage, Cobalt Strike or whatever scripts/tools your heart desires. You only connect to your VPS via TOR from within your Linux install. Since you're just sending commands to the terminal on the server you won't be bothered by TOR's slow speeds and your VPS will do all the work.

    If you're rich, you could even feasibly hire 10 VPSs and put some DoS scripts on them for a VPS DDoS 'botnet', if you wanna'.

    Furthermore, you NEVER do your ordinary computing tasks, like downloading, e-mail or what have you from within your VM and you never do your haxxing from outside it.
  2. 2015-10-07 at 7:17 PM UTC
    #2
    arthur treacher African Astronaut
    my interests would lie more towards secure, anonymous communication and bankless banking (i.e. cashing out bitcoins anonymously), not attacking or hacking anything. are their scripts for that sort of thing with this setup, or would it be simpler to just do the old 'burner laptop with tails' thing?


    I am not very imaginative when I sit down in front of a computer so I have no concept of what I would ever do with a botnet or any of this stuff that would make me some money. It's like how an ant doesn't know what America is, or something like that.
  3. 2015-10-07 at 7:29 PM UTC
    #3
    Sophie Pedophile Tech Support
    my interests would lie more towards secure, anonymous communication and bankless banking (i.e. cashing out bitcoins anonymously), not attacking or hacking anything. are their scripts for that sort of thing with this setup, or would it be simpler to just do the old 'burner laptop with tails' thing?


    I am not very imaginative when I sit down in front of a computer so I have no concept of what I would ever do with a botnet or any of this stuff that would make me some money. It's like how an ant doesn't know what America is, or something like that.

    Realistically, if all you care for is secure communication TOR would suffice. If you don't want to leave any trace of your activities what so ever, a laptop that boots into tails from a flashdrive would be good. The purpose of the VPS is to ensure good bandwidth for the various tools you wanna' run while ensuring it's not traceable back to your own machine via TOR. Basically a VPS is just a computer that you hire, it can do everything you want but for secure communication you won't need all the bandwidth the VPS can provide. So in that scenario the VPS just acts as proxy and an expensive one at that. While you could easily chain SOCKS if your intent is to hide you're on TOR. Software to chain SOCKS is called proxifier for Windows or proxychains for unix.
  4. 2015-10-07 at 7:37 PM UTC
    #4
    Sophie Pedophile Tech Support
    Also i forgot to mention, the VeraCrypt hidden volume is so that forensic analysis can't be done on your Linux VM so that it's even harder to prove you were sending commands over to the VPS you hired. If you don't have a spare laptop for TAILS, this would be an alternative. But scrape the VPS you don't need it if you're not running high bandwidth tools.
  5. 2015-10-07 at 11:49 PM UTC
    #5
    SBTlauien African Astronaut
    my interests would lie more towards secure, anonymous communication and bankless banking (i.e. cashing out bitcoins anonymously),

    I would also like to know more about this, more so the bankless banking.

    I don't really know a whole lot about bitcoin, but I'd like a nice tutorial on how to use it, as well as other alternatives. The most secure way I know of, is to have someone send the track data from either a gift card or a debit card, write to a card, and then spend/withdrawal the funds. The shared debit card would be good for two people that exchange funds regularly.

    It would be interesting to see vendors selling track data, account data, logins, everything, for prepaid debit card that they took out using other people's PI. Then a person could just buy, change to login and PIN, and have a bank account with a card that could be used at a ATM, for regular business.
  6. 2015-10-08 at 12:40 AM UTC
    #6
    arthur treacher African Astronaut
    From what I understand, a lot of times they cash out by using the bitcoins to buy some shit like second life lindens, then selling those for cash, or some other byzantine, rube-goldberg-esque series of altcoin purchases. Or else they use the old 'I won it at a bitcoin gambling site' excuse.


    If I could get my shit together and actually put some effort into it, I could double my income using the internet. Maybe someday.
  7. 2015-10-08 at 12:46 AM UTC
    #7
    aldra JIDF Controlled Opposition
    isn't joepie that lulzsec guy who narrowly evaded the long dick of the law? fuck him with prison-nigger dicks.
  8. 2015-10-08 at 12:49 AM UTC
    #8
    Sophie Pedophile Tech Support
    isn't joepie that lulzsec guy who narrowly evaded the long dick of the law? fuck him with prison-nigger dicks.

    Lol i agree, fuck lulzsec but even if it is him the list is pretty comprehensive. If all else fails you could probably find a nice VPS host on the derpweb.
  9. 2015-10-08 at 1:07 AM UTC
    #9
    aldra JIDF Controlled Opposition
    I'm actually considering buying a cheap ultralight laptop and getting back into it. it's mostly just been work, drugs, videogames for me lately, though I have at least been doing a fair bit of coding at work.
  10. 2015-10-08 at 1:24 AM UTC
    #10
    Sophie Pedophile Tech Support
    I'm actually considering buying a cheap ultralight laptop and getting back into it. it's mostly just been work, drugs, videogames for me lately, though I have at least been doing a fair bit of coding at work.

    Nice, i've been coding a bit as well lately, well trying to at least, i got the book Black Hat Python and so far it's helped a lot but i think it'll be a while before i'm decent at it.
  11. 2015-10-08 at 5:22 PM UTC
    #11
    Hewfil1 Houston
    Nice nice. Will look more into later.
Jump to Top