Brutkey

K. Reid Wightman :verified: 🌻🌻 :donor: :clippy:
@reverseics@infosec.exchange

"The Hero that DC deserves, but not the one it eats right now."

K. Reid Wightman :verified: 🌻🌻 :donor: :clippy:
@reverseics@infosec.exchange

The US version of Tank Man is the Hoagie Guy.

K. Reid Wightman :verified: 🌻🌻 :donor: :clippy:
@reverseics@infosec.exchange

I just wanna give a shout-out to all the game cheaters out there.

I just bought some pcileech hardware for a research project. It only dawned on me when I got the kit that the biggest buyers of these things are kids that use DMA attacks in order to cheat? I figured that out when the knockoff pcileech hardware I got had a weird USB doohickey, meant to bridge your keyboard and mouse into your PC. The card itself is meant to function as an aim-bot by using DMA and directing this USB monstrosity to aim for you.

I plan to use the card to extract some encryption keys from a computer but hey, this wouldn't be affordable if it were not for the gamers. Or really, for the griefers I guess. Are they still called griefers? I haven't played a FPS in like 15 years...

K. Reid Wightman :verified: 🌻🌻 :donor: :clippy:
@reverseics@infosec.exchange

Anyway. An addendum to the sources of our best technical advances as a species. The list is now:

1) war
2) porn
and the new addition
3) game cheaters

It's actually a relief that something innocuous has made it onto the list.

K. Reid Wightman :verified: 🌻🌻 :donor: :clippy:
@reverseics@infosec.exchange

@cR0w@infosec.exchange This project did teach me something funny: if infosec doesn't work out for me, I can make a killing by repairing and configuring door/badge control systems.

A couple of the devices I got used had failed, and I found a ton of forum posts about how door controllers failed in an identical manner. I was able to repair them; all the forum people lamented that the controllers were irreparable according to the vendor and they had to buy new.

There are a LOT of failed boards out there. I can pick them up for $20-50, fix them, and sell them for $500 easily.

K. Reid Wightman :verified: 🌻🌻 :donor: :clippy:
@reverseics@infosec.exchange

@cR0w@infosec.exchange If I put on my evil hat I could also preload all said repaired boards with some backdoors, lulz. Magic Card to let me into any building? Is possible.

K. Reid Wightman :verified: 🌻🌻 :donor: :clippy:
@reverseics@infosec.exchange

Whee, bugs in badge control systems: https://www.cisa.gov/news-events/ics-advisories/icsa-25-224-02

K. Reid Wightman :verified: 🌻🌻 :donor: :clippy:
@reverseics@infosec.exchange

@cR0w@infosec.exchange Yeah. I seem to remember some supernerd friends having this argument about email a long time ago. Whether it's considered AV:N and UI:R or not.

I say 'yes' to both because the CVSS specification says that UI includes a "user-initiated process".

By default, Outlook does not start on a computer until the user at minimum logs in to the computer (usually they have to start Outlook manually to boot), which initiates the process.

Reading the CVSS spec is hard though, let's go shopping.

K. Reid Wightman :verified: 🌻🌻 :donor: :clippy:
@reverseics@infosec.exchange

@cR0w@infosec.exchange You could actually argue this is: AV:N/AC:H/UI:R, high attack complexity because the default configuration of Outlook has no accounts attached and thus does not actually check any email from any server; triggering the vulnerability therefore requires a nonstandard configuration.

CVSS pedantry? In this economy?

K. Reid Wightman :verified: 🌻🌻 :donor: :clippy:
@reverseics@infosec.exchange

@cR0w@infosec.exchange You need local access, but no privileges, nor does the user have to click anything.

So if you have code execution on the system, you get code execution on the system I guess. QED.

K. Reid Wightman :verified: 🌻🌻 :donor: :clippy:
@reverseics@infosec.exchange

Things might be awful everywhere right now, but I put a radon detector in my basement and it's been 0.5-0.8 pCi/L for over a week so that's pretty good I guess.

K. Reid Wightman :verified: 🌻🌻 :donor: :clippy:
@reverseics@infosec.exchange

What if we wrote one of those weird crowd-inputted /cgi-bin handlers, where it takes one parameter from each request (requests have to come from unique IP addresses and have a unique session cookie), and only after it receives N requests (where N is the number of parameters required) does it execute the handler.
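
The handler sketched in that post, written out as an added example (not code from the poster). Every name in it (the `CrowdHandler` class, the `greet` action, the sample requests using documentation IP ranges) is made up for illustration; the rules implemented are exactly the ones stated: one parameter per request, a source IP and a session cookie may each contribute only once, and the action runs only on the request that completes the set.

```python
"""Crowd-inputted CGI-style handler (added example, not from the thread).

Each request contributes exactly one parameter. A contribution is
accepted only if its source IP and its session cookie have not already
contributed, and the action runs only once all N required parameters
are present. Class and sample data are invented for illustration.
"""
from dataclasses import dataclass, field
from typing import Callable


@dataclass
class CrowdHandler:
    required: tuple                  # parameter names the action needs (N = len)
    action: Callable[..., str]       # runs once every parameter is present
    params: dict = field(default_factory=dict)
    seen_ips: set = field(default_factory=set)
    seen_cookies: set = field(default_factory=set)

    def reset(self) -> None:
        """Forget all contributions so the next round starts clean."""
        self.params.clear()
        self.seen_ips.clear()
        self.seen_cookies.clear()

    def handle(self, ip: str, cookie: str, query: dict) -> str:
        """Process one request and return a status line.

        'rejected: <reason>' for bad requests, 'accepted (k/N)' while
        still collecting, and 'executed: <result>' on the request that
        supplies the Nth parameter.
        """
        if len(query) != 1:
            return "rejected: exactly one parameter per request"
        ((name, value),) = query.items()
        if name not in self.required:
            return f"rejected: unknown parameter {name}"
        if name in self.params:
            return f"rejected: {name} already supplied"
        # Uniqueness checks come after validation so a malformed request
        # does not burn the sender's one allowed contribution.
        if ip in self.seen_ips:
            return "rejected: this IP already contributed"
        if cookie in self.seen_cookies:
            return "rejected: this session already contributed"
        self.seen_ips.add(ip)
        self.seen_cookies.add(cookie)
        self.params[name] = value
        if len(self.params) < len(self.required):
            return f"accepted ({len(self.params)}/{len(self.required)})"
        result = self.action(**self.params)
        self.reset()
        return f"executed: {result}"


def greet(greeting: str, name: str) -> str:
    """Stand-in for whatever the handler would actually do."""
    return f"{greeting}, {name}!"


def demo() -> list:
    """Feed a constructed request sequence through the handler."""
    handler = CrowdHandler(required=("greeting", "name"), action=greet)
    requests = [  # (source IP, session cookie, query) -- constructed
        ("203.0.113.7", "sess-1", {"greeting": "hello"}),          # accepted 1/2
        ("203.0.113.7", "sess-2", {"name": "bob"}),                # same IP
        ("203.0.113.8", "sess-1", {"name": "bob"}),                # same cookie
        ("203.0.113.9", "sess-3", {"name": "bob", "greeting": "hi"}),  # two params
        ("203.0.113.9", "sess-3", {"name": "bob"}),                # completes the set
    ]
    return [handler.handle(ip, cookie, query) for ip, cookie, query in requests]


if __name__ == "__main__":
    for line in demo():
        print(line)
```

Note what the uniqueness rules do and do not buy: they force N distinct sources to cooperate before anything runs, but nothing here ties a cookie to an IP, so one party with N addresses and N sessions still satisfies the handler on their own.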