Collaborate Disseminate
I’ve been trying to find a Safe box for my home that requires more than the standard 4 digit key code to unlock it but I haven’t been successful finding any. Or maybe I just don’t know how to properly search for this particular type of saf… Continue reading Is there a safe box that requires more than 4 digits for the keycode? [closed]
From what I gathered, the gist of XerXes is doing this (snippet in Python):
with socket(AF_INET, SOCK_STREAM) as s:
s.connect((host, port))
s.send(b"0")
simultaneously, i.e. the opening and closing a large number of… Continue reading Would XerXes be effective without sending anything over the connections it opens?
In the eighth episode of the second series of Mr. Robot, Trenton
does this to the video that was recorded by a VHS camera before releasing it to the public via Vimeo.
ffmpeg -i fuxFBI.mp4 -map 0 -map_metadata 0:s:0 -c copy fuxFBI.mp4
From … Continue reading What might one want to accomplish by running ffmpeg -i video.mp4 -map 0 -map_metadata 0:s:0 -c copy video.mp4 in terms of forensics?
I heard recently that WPA2 passwords can be brute forced if somebody captures handshake (which is not very difficult). Can somebody tell if a similar method exists for cracking SSH traffic? I mean some method for brute forcing my password … Continue reading Is brute force for SSH similar to cracking WPA2 handshake?
Is the drone shipped with any operating system? I haven’t found any info here.
Is it all just embedded software without an OS?
How customizable, in terms of software, TB2 is?
Continue reading What OS is the Bayraktar TB2 shipped with? [closed]
An attacker tweaks xerxes by setting the number of CONNECTIONS in xerxes to 1 instead of 8, like so:
#define CONNECTIONS 1
They then attack with xerxes-executable mydomain 433.
Their strategy is to use eight time less connections from eac… Continue reading How might I rate-limit in nginx against a distributed attacker that has set the number of parallel connections in xerxes to 1?
The following code:
#!/usr/bin/bash
TARGETS=("nalog.gov.ru" "www.nalog.gov.ru"
"customs.gov.ru" "www.customs.gov.ru"
"ffs.ru" "www.ffs.ru"
"crimea-post.ru" "www.c… Continue reading What other than ping tools might be suitable for overwhelming a server that has disabled its functionality of being pinged? [closed]
What are some of the risks when encrypting “plaintext” with a receiver’s public key?
I have been Googling for hours, and been reading in the Computer Security Principles and Practice 3rd edition.
It’s NOT similar:
In PGP, why not just encrypt message with recipient’s public key? Why the meta-encryption?
When we perform encryption with Public or Private Key, Asymmetric AES with RSA and CBC 128, and when we use the padding as well. Why do we have to bother adding the additional:
Key + IV?
******************
* Encrypted Key *
*************… Continue reading Why bother to generate Key, IV and encrypt them?
I want to run a piece of untrusted code on my machine.
I’ve disabled all syscalls (besides exit, sigreturn, read and write) with seccomp for a process. Now, I’d like to spawn a child process that will execute the untrusted code.