Don't use super cheap VPS providers.
The Githubification of InfoSec by John Lambert https://link.medium.com/eT0PehE0f2
@whonose123 @bcl I’m actually not so worried about him. I’m worried about him taking care of the pets.
@smallsees I always assumed it was obvious to everyone else and I was just the slow one.
@bcl I built an oscilloscope then. He is not the nerd I was.
@m4iler @TheGibson @ryen it’s very difficult to maintain that amount of muscle mass AND have time left for hacking/sleeping/eating.
@m4iler @TheGibson @tinker @ryen it’s all good. This is the fun part. Getting the shell is just opening the door. The tools just help with automation - the magic comes in developing an intuition on where to look for common mistakes/misconfigurations/unpatched vulns (hint: no one patches local priv esc vulns, because YOLO)
@m4iler @TheGibson @tinker @ryen there are often privilege escalation vulnerabilities lying around - editable scripts that run as root, etc. Take stock of the system, what is on it, etc., look for vulnerabilities. Get ya pwn on
@m4iler @TheGibson @tinker @ryen depends on what you want to do and what UID you are. If not root/system, tune to elevate! (If you can)
Blog post: Your xkcd passwords are pwned - https://www.unix-ninja.com/p/your_xkcd_passwords_are_pwned
Reading: 12 min
Published: 12/04/2019
@TheGibson I have a feeling I’ll be on a conference call while riding it’s a small world for the 20th time
10th named Atlantic storm of 2019
Podcast: https://defensivesecurity.org
Blog: https://infosec.engineering
Twitter: @maliciouslink
#infosec #security #llamas