Router exploitation with Metasploit
Watching https://youtu.be/PdCQChYrxXg?t=1770 again after my first time a few months after that video came out. Pointing to this section of the video in particular because, while a lot is being said about the steps to detection, there is nothing much in terms of the lead-up to the first 'smell' of an attack.
Imagine seeing that graph as an alert-fatigued analyst. This is where security automation comes in. And yes, I'm going to add a buzzword in it: ML via risk classification engines rather than handmade scoring.
I also plan to write an abbreviated version on vagn.es next week if you're not up to reading almost 80 pages :p
hence, this is what I wrote my thesis about: rubberduckies in a forensic environment
if you wanna read it, it's freely available here:
So it's actually not that cut and dry, because I looked at p4wnp1 and other existing solutions to be used in a forensic setting, but they never seem to really fit my specs.
tired: use existing rubberducky solutions
wired: create a new one in circuitpy 👀
@jerry thank you!
Oh, my new address is https://social.qore.no/users/vagnes
See you there))
I think my instance is stable enough to move to, so I think I will do just that.
Thanks for hosting me this long time @jerry, all the best!
Thank you and My #infosec Hopes For 2019
@R10T Compared to mastodon, it's lighter to run and it's a different technology than I'm used to, which makes it really interesting. I'm not moving for other reasons, just wanted to see how it worked and if I could manage my own instance. infosec.exchange is an awesome place and I've learned a lot here.
@kaniini I had to update the dockerfile bco elixir 1.7, but didn't change it apart from that. Angristan seems like he updated it for web push 21d ago https://github.com/angristan/docker-pleroma/commit/fbfa9f2172aff249b79f2d7afadfec43ed2eb3e4
@kaniini Thanks anyway))
@kaniini I think so, I set it up with angristan's docker-pleroma guide, although I see in the dockerfile that it only says "CMD ["mix", "phx.server"]". Should it also mention the MIX_ENV here?
@kaniini Thanks! And if it logs "If you wish to enabled web push, please run "mix web_push.gen.keypair" and add the resulting output to your configuration file." even though I seemed to have configured it, is that also normal?