User Controls
Posts by Sophie
-
2022-04-01 at 8:11 PM UTC in Surprise peace treaty in Russian Ukraine negotiationsIs this a joke?
-
2022-04-01 at 7:40 PM UTC in Military Genius Zelensky wants Ukrainians to throw molotovs at Russian tanks
-
2022-04-01 at 7:38 PM UTC in Military Genius Zelensky wants Ukrainians to throw molotovs at Russian tanks
Originally posted by Donald Trump
It's too bizarre. So much about Ukraine is childish and weird and cringe.
Fucking lol. Also that person at the end, yeah yeah, i know we're captives i'm facing the floor alright, don't shoot. But damn my legs are uncomfy, let me slowly adjust my person while you guys play the piano.
I think they might have bigger problems in the immediate future. But you know, you gotta go, might as well be comfortable. I hope they're alright. -
2022-04-01 at 7:21 PM UTC in The TRT Thread: Its the end of the world as we know it so GET WHOLESOME edition
Originally posted by Nile okay, i have my rent, set to meet this guy at 2, hopefully all goes well and no odd twists of fate befall me and i can achieve non-homeless status.
if things continue in such a dare i say upward trajectory, i'll be getting a hand out straight from the pope himself.
…ye
Go to Rome he might wash your feet. Which is the most ridiculous Catholic tradition i have ever had the misfortune of learning about. Yes, yes, you're supposed to be the Vicar of Christ and Christ is humble and loves everyone. But it's such shit optics. -
2022-04-01 at 7:19 PM UTC in The TRT Thread: Its the end of the world as we know it so GET WHOLESOME edition
Originally posted by aldra if I were to make a pair of sap gloves with horse shoes on them, how many people could I beat to death before the police realise that it's not a horse trampling people in their own homes
You can purchase Kevlar lined SAP gloves from the UK for like 40 pounds sterling. Just looks like thick leather gloves. It's very nice, good value for the price tbh. IDK if you're paying the same when they have to ship to down under but i thought it was a steal. -
2022-04-01 at 4:06 AM UTC in Shit, I missed the temple.
-
2022-04-01 at 3:54 AM UTC in The TRT Thread: Its the end of the world as we know it so GET WHOLESOME editionDid you know that Open Source Genetic Engineering is a thing? I didn't. That's pretty neat. Nurgle would be proud.
-
2022-03-31 at 10:20 PM UTC in The TRT Thread: Its the end of the world as we know it so GET WHOLESOME editionRussian Indy Folk best Indy Folk.
That's Anna Vorfolomeeva in case you can't read cyrilic. -
2022-03-31 at 10:18 PM UTC in Military Genius Zelensky wants Ukrainians to throw molotovs at Russian tanksThis is totally off topic and unrelated but Russian Indy Folk best Indy Folk.
That's Anna Vorfolomeeva in case you can't read cyrilic. BRB X-posting in TRT. -
2022-03-31 at 9:19 PM UTC in The TRT Thread: Its the end of the world as we know it so GET WHOLESOME edition
Originally posted by mmQ How dieded?
Apparently when the 5-0 broke his windows to gain entry they found him dead on the floor with bruising on the head. He wasn't that old, nor an alcoholic so i'm guessing he had some underlying heart condition, suffered a heart attack or similar condition where a blood clot comes loose and blocks some important veins. Lost consciousness, bumped his head and that was that. Thanks God, that was pretty swell of you. -
2022-03-31 at 9:12 PM UTC in The TRT Thread: Its the end of the world as we know it so GET WHOLESOME editionOne of my neighbors died a few days ago, he was a real problem. Problem solved.
-
2022-03-31 at 8:53 PM UTC in Military Genius Zelensky wants Ukrainians to throw molotovs at Russian tanksWhile Azov proper is currently in big trouble, i do find it interesting how far reaching their influence has been especially the commentary Aldra made on them and pals functioning as Commissars to regular units of multiple branches. How the hell did that happen?
It's also a pretty brilliant strategy of taking over the armed forces of a country with little numbers(Comparatively). Combine this with political elements and good PR. It is reminiscent of how the NSDAP came to power in Germany. By the time Hitler was made Chancellor the entire framework of government had a 'shadow' in the form of a parallel organizational structure from the NSDAP with their distinctive ideological bent.
I've read that Azov has a branch for policing and security duties and that in fact before the war were actively involved in low level police operations alongside the regular police. Think patrols and such. And that's just another example of having a shadow organization ready and waiting.
It is plausible then, that given enough time the NatSoc columns would have at least attempted something similar to an 'Machtergreifung'. Or the complete overthrow of the previous political system. Now that would have been interesting, and i wonder how The West would have reacted if then and only then Russia would have invaded.
Interesting to think about.
Also, thanks Aldra for the SitRep, i mentally checked out of the conflict for like a week and a half because i find 95% of sources to be lacking. Your analysis is always appreciated. -
2022-03-28 at 4:32 PM UTC in The TRT Thread: Its the end of the world as we know it so GET WHOLESOME edition
-
2022-03-28 at 4:15 PM UTC in Server maintenance and security scripts.These days my philosophy is, why use a scripting language to automate anything on Linux when i can just write a shell script which can be expanded with a little config script to run as a daemon or 'start-stop-daemon' or a cron job. In my opinion automating Linux is a job for Bash, even if you prefer not to have a lot of utilities on your machine, BusyBox generally has almost everything you need, including 'awk' and a built in Bourne shell. Even if you need something out of the ordinary to occur you can invoke any scripting language you have the interpreter installed for. Whenever this occurs i just plonk a one liner in there and boom extra functionality.
Now this isn't a thread where i go deep on offensive security with regards to shell scripts, but i got two scripts for you today that are quite convenient.
#!/bin/bash
# Coloring scheme for notfications
ESC="\x1b["
RESET=$ESC"39;49;00m"
RED=$ESC"31;01m"
GREEN=$ESC"32;01m"
# Warning
function warning()
{ echo -e "\n$RED [!] $1 $RESET\n"
}
# Green notification
function notification()
{ echo -e "\n$GREEN [+] $1 $RESET\n"
}
function file_ops()
{ printf "Please be patient while we collect relevant files..."
cwd=$(pwd)
cd $output
mkdir Archive
# Set up array to copy relevant files
while IFS= read -d $'\0' -r file ; do
file_list=("${file_list[@]}" "$file")
# Uncomment line 43 and comment line 44 in order to force the script to look for log files instead
# done < <( sudo find / -name "*.log" -print0)
done < <( sudo find / -mmin -60 -print0)
notification "All relevant data has been collected, processing..."
# Copy files to the specified Dir + temporary Archive directory
for file in "${file_list[@]}"
do
sudo cp -p -f $file -t Archive
done
notification "Archiving data with password..."
cd Archive
7z a results.7z * -p
mv results.7z ..
read -p "Secure delete 'Archive' files and dir? [Y/n]: " choice
if [[ $choice == 'y' || $choice == 'Y' ]]; then
# Shred files and delete Archive dir
cd ..
find Archive -depth -type f -exec shred -v -n 1 -z -u {} \; && rm -rf Archive
sleep 1 && clear
cd $cwd
notification "All operations completed."
exit 0
else
cd $cwd
notification "All operations completed."
exit 0
fi
}
# Funtion to handle operations related to a provided directory that does not exist
function dir_ops()
{ read -p 'Create directory? [Y/n]: ' choice
if [[ $choice == 'y' || $choice == 'Y' ]]; then
mkdir $output
stat $output || warning "Could not create directory. Exiting" && exit 0
file_ops
else
warning "Aborted..."
exit 0
fi
}
# Starting function
function main()
{ printf "%b\nWelcome.
This script will copy all files and dirs that were
altered in the last hour to a directory of your
choosing and store them in an encrypted archive.\n\n\n"
read -p 'Enter full path to output location : ' output
printf "%b\n\n"
notification "Checking output location..."
stat $output || dirstat=0
if [[ $dirstat == 0 ]]; then
dir_ops
fi
notification "Directory checked, proceeding with file operations..."
sleep 2
# Call file operations function
file_ops
}
# Check for root
if [[ "$EUID" -ne 0 ]]; then
warning "It is recommeded the script is run as root"
read -p 'Continue without root? [Y/n]: ' choice
if [[ $choice == 'y' || $choice == 'Y' ]]; then
main
else
exit 0
fi
else
main
fi
This script looks for files that have been modified in the last hour, copies them, saves them in an archive and shreds the copies. This is so you can do some forensic work on them to see if any fuckery has occurred. That's the security part. A little bit in the vein of SOC stuff.
This next one i wrote because on some distros when i did apt-get dist-upgrade it wouldn't get rid of any old kernel images, which is a waste of space. I open sourced it, which is why it has a name and a little ascii logo, i like doing that when i put things out as OSS on Github and such.
#!/bin/bash
if [[ "$EUID" -ne 0 ]]; then
echo "This script must be run as root"
exit 1
fi
function logo()
{ echo " _____ _____ "
echo "| | |___ ___ ___| |___ ___ "
echo "| -| -_| _| | | | | .'| |"
echo "|__|__|___|_| |_|_|_|_|_|__,|_|_|"
printf "\nKernMan - Kernel Management Assistant.\n"
}
logo
function usage()
{ printf "\nKernMan is a script written for the purpose of simplifying Kernel Management.
Select the option 'List' to display all installed kernels Select the option 'Purge' to display
all kernels that can be removed and subsequently do so\n\n"
}
PS3='Please enter your choice: '
options=("Usage" "List" "Purge" "Quit")
select opt in "${options[@]}"
do
case $opt in
"Usage")
usage
;;
"List")
dpkg -l linux-image-\* | grep ^ii
;;
"Purge")
kernelver=$(uname -r | sed -r 's/-[a-z]+//')
dpkg -l linux-{image,headers}-"[0-9]*" | awk '/ii/{print $2}' | grep -ve $kernelver
printf "\nThese items will be deleted.\n"
read -p 'Continue? Y/n ' choice
if [[ $choice == "y" ]]; then
sudo apt-get purge $(dpkg -l linux-{image,headers}-"[0-9]*" | awk '/ii/{print $2}' | grep -ve "$(uname -r | sed -r 's/-[a-z]+//')")
else
echo "Aborted"
break
fi
;;
"Quit")
break
;;
*) echo invalid option;;
esac
done
Figured i'd post these in case they're the sort of thing you find useful to have around.
What i think would be useful if we all posted some of the scripts we wrote to automate security and maintenance tasks for *Nix, then we can have one thread as a sort of catalog for this type of automation. It doesn't have to be Bash, Perl, Lua, Python and Ruby are fine too. Hell even if you have something useful written in C, feel free to contribute. Thanks guys. -
2022-03-28 at 3:39 PM UTC in Why the fuck is she sending me this shit now
-
2022-03-28 at 3:38 PM UTC in The TRT Thread: Its the end of the world as we know it so GET WHOLESOME edition
-
2022-03-28 at 3:06 PM UTC in I need a new e-mail client.
Originally posted by Misterigh I've been considering just using my own email server running on my own physical device. Maybe just use a rPI. I actually did this in the past but my ISP stopped all that.
I would suggest using multiple servers, a couple that act as relays and forward any emails to your main server. -
2022-03-28 at 3:02 PM UTC in Creating Databases From Public InformationAn entity that i run with a colleague of mine has close to a Terabyte of such information. I have multiple Github, Gitlab and Bitbucket accounts plus secure cloud storage that i use for various purposes. I could set up a meeting if you'd like and we could use one of my data storage assets where i will grant you admin privileges where we can exchange data, if you'd like.
-
2022-03-28 at 2:43 PM UTC in Static sites for Hidden Services.Speaking of pentesting, there's a potential vector for click jacking in ISS but it's probably a false positive due to Captchas, they tend to do that, and i also have reason to believe there is a Cross Site Request Forgery vuln, i'll look into it some more and if it's serious i'll report back to you Lon Lon-Chon.
-
2022-03-28 at 2:41 PM UTC in Static sites for Hidden Services.
Originally posted by Lanny I think any CSS framework will work without a CDN, historically it’s just been encouraged because e.g. bootstrap is likely to already be in your cache. Don’t think that holds true for modern browsers anymore though.
Idk tho, tailwind is the hot one. Everyone knows BS. Foundation used to be the cool option for people who thought BS was overused.
I haven’t used a CSS framework in years though. CSS is one of those things where everyone wants something custom and it’s simple enough that frameworks lose their value proposition after not that much custom stuff being piled on top
That's a good point, but as a hacker i am a fundamentally lazy developer lmao. I could write something myself, true.
On a related note. There is an addon for Firefox, Chrome and Brave called Local CDN. It installs the third party CSS stuff locally so your browser doesn't need to waste bandwidth requesting it. Supposedly it makes your browser run faster. Now i am pretty good Node and all it's funky little frameworks, like dev-ext, which is the flavor used to build extensions and addons and i bet i could reverse engineer Local CDN, or just pluck out the stuff that gets loaded locally so i have a wide array to choose from.
Although that seems like a lot of work compared to just writing something simple but effective myself.
Originally posted by Misterigh I'm not sure if it's what you're discussing, but I wrote up a little android app that creates a web forum and it only uses html and css. I ran it for a little while on TOR. It was ghetto, you posted on it and I had you pentesting it.
It actually had quite a few bugs and there were serious security issues on it that I had not noticed at first.
I am planning on hosting it on my smol datacenter/VM lab. And yeah i remember that, good times, i am always up for helping a fellow cyborg out (n_n")
