timb_machine: @autom8on PS our buspirates and logic analysers are packed, looking forward to some # prompts
timb_machine: @autom8on Thought you were a manager these days :P
timb_machine: RT @migueldeicaza Not sure what we gained by researchers describing the iOS/Mac SSL exploit, other than endangering people.< Lesigh.
timb_machine: @WadeAlcorn Good stuff :) Looking forward to the book BTW.
timb_machine: @sambowne Assume you've seen https://labs.portcullis.co.uk/blog/new-restricted-admin-feature-of-rdp-8-1-allows-pass-the-hash/?
timb_machine: @midnite_runr Yeh, they (do/did) expose it over CIFS too.
timb_machine: @midnite_runr Be interesting to know what their SMB implementation is like.
timb_machine: @4Dgifts LOL. Continuing in their rich history of helping the NSA.
timb_machine: @osxreverser --- @@ -1,49913 +1,49914 @@ +goto success; // definitely not a bug door, firstname.lastname@example.org
timb_machine: @gsuberland I actually wanted to look at hardware attacks on the AIX or HP-UX boxes (but no UNIX)
timb_machine: @gsuberland Has anyone ever taken a mainframe and pwned it hardware style :)
timb_machine: @gsuberland I did promise no more UNIX :)
timb_machine: @gsuberland How about you and I tackle iSeries? cc: @alien8, @44CON, @stevelord
timb_machine: @podskin, @stevelord Hmm, I still think there is joy to be had.
timb_machine: @4Dgifts, @solardiz, @jduck, @grsecurity, @Openwall Didn't see this before but agree. Anyway, TE is the new fresh meat.
timb_machine: @podskin Wouldn't actually surprise me if the bug I wrote up for @portcullislabs is exploitable on 5.2, support wise, it is basically dead
timb_machine: @stevelord, @podskin Or what about this one? http://www.securityfocus.com/bid/12041/exploit
timb_machine: @podskin https://labs.portcullis.co.uk/blog/in-the-lab-popping-cve-2013-4011-for-aix-7-1/ gives a general method for reversing AIX patches.
timb_machine: @stevelord, @podskin What software is running on it?
timb_machine: @stevelord, @podskin Every AIX box is rootable locally IMO. Short of dropping 0days, find a missing patch and reverse it.
timb_machine: @mainframed767 Seems legit :)
timb_machine: @midnitesnake Meh, clearly building a robot army!
timb_machine: @asshurtACKFlags No SSL #makesbabyjesussad
timb_machine: @asshurtACKFlags IO::Socket::SSL, kthx
timb_machine: $panics = 16/363; # Number of illumos-commits that address panic()s.
timb_machine: @gsuberland Arduino USB worked as soon as I removed the WiFi shield.
timb_machine: @__Freakyclown__ The plan is to make it semi regular, there will be more.
timb_machine: RT @gsuberland Hardware hacking evening with @timb_machine, @sqshr, and some others from work. Arduinos, logic analysers, SDR, and pizza!
timb_machine: @nelhage Just a shame that it's being forced down everyone's throats in a way that will likely lead to software no longer supporting other OS
timb_machine: @k8em0 et al, what's the MS policy if a "less critical" patch supersedes a "more critical" patch regarding ratings of the aggregate fix?
timb_machine: @jduck My Xperia Z (4.2.2 - vendor patches outstanding) isn't. I have some more "interesting" devices that I'll check at the weekend.
timb_machine: OH: "collect2: library libnsatrap not found" < Compiling something on AIX #isitatrap?
timb_machine: @hubert3 Interesting, I'll pass the feedback on.
timb_machine: @gdssecurity Re: HTTP and NTLM, @portcullislabs's hoppy is specifically designed to find these kinds of misconfigurations (and lots more)
timb_machine: @roman_soft 4096 bits good here.
timb_machine: @CoreSecurity Patching and passwords.
timb_machine: @kaepora Reliance on a single platform is dangerous. Did the days of IE 6 not teach you that?
timb_machine: @csoghoian TBH, email is preferred but either way include it in the OSVDB vendor dictionary.
timb_machine: @netsparker Congratulations to you and Niko. Last time I used it, it gave me an unauthenticated local root!
timb_machine: @antagonismorg Probably on a watch list due to one of those degrees :/
timb_machine: unlink("C:\Program Files\XXX\etc\certs"); # $vendor still shipping DigiNotar root CA!?!
timb_machine: @NetNezva, @MarioVilas Slight difference, no one forces you to use those web sites/products.
timb_machine: @AndroidAuth, @collinrm Now you have a new problem, "secure the OTP generator"...
timb_machine: @viprinet Looking forwards to taking a look at the new firmware.
timb_machine: @viprinet Thanks for the kind words for @portcullislabs in your "cutting-edge" release notes.
timb_machine: push(@advisories, $bugs ++); # I see your VPN and I raise you a MiTM: ftp://updates.vipri.net/firmware/cutting-edge/Release_Notes.pdf
timb_machine: @marshray Isn't that anti-fuzzing? cc: @iseezeroday
timb_machine: @ioerror Feel free to submit patches for http://labs.portcullis.co.uk/tools/ssl-cipher-suite-enum/, #sslscan's spiritual successor :)
timb_machine: @ivanristic Oh, didn't know about that. Arbitrary would be better, but all is welcome.
timb_machine: @ivanristic It'd be nice to get the same checks for clients i.e. open a port and let me connect.
timb_machine: @csoghoian We offer PGP with vendors, but too many turn us down.
timb_machine: @stalkr_, @MrPr0pre Makes me sad, @debian may become broken by design. @revskills, we're all counting on you.
timb_machine: @ioerror, @ivanristic Another request, Client checking.
timb_machine: @dive_monkey My fault, try now :)
timb_machine: @dive_monkey DM me :)
timb_machine: @JaredDeMott Companies don't operate extrajudicial drones.
timb_machine: @revskills First job, rm -rf systemd
timb_machine: @DrWhax Edge case, but definitely bugs to find.
timb_machine: @DrWhax http://www.portcullis-security.com/security-research-and-downloads/upcoming-security-advisories/
timb_machine: @self --; // When your PoC fails to trigger
timb_machine: @PHMMcr Fascinating look at Socialism through the ages.
timb_machine: @h8888888t You're about to get taken to the cleaners. Order a new suit to be delivered at closing time before experimenting.
timb_machine: @4Dgifts vendor-sec is dead. linux-distros?
timb_machine: @dcuthbert @portcullislabs have submitted 2, 1 workshop, 1 talk
timb_machine: $mindblown ++; # Open X11 servers, then using Xvnc to actually connect
timb_machine: @jduck Perhaps it's still seen as pissing in your own well?
timb_machine: @matthew_d_green And by fail, I mean device class bugs, not your average Android application
timb_machine: @matthew_d_green Seen 2 examples of certificate validation fail this month alone :)
timb_machine: @hackerfantastic a) We're still due a hackdate and b) UI(n)AF(ield)? cc: @sqshr, @__freakyclown__
SAP Transaction Codes
timb_machine: OH: "...trying to execute code at <4K which is non-executable" < on talking to a vendor about a NULL pointer deref :)
timb_machine: @jduck Nice idea.
timb_machine: RT @portcullislabs SSL endpoints are often insecurely configured, but it's not all about the cipher suites: http://labs.portcullis.co.uk/whitepapers/ssl-certificate-good-practice-guide/
timb_machine: @j0hn__f Nice Cray bug :)
timb_machine: RT @llamasoft_ox ever since I saw emulation I considered my old games to be fortunately preserved history rather than wizened old cash cows
timb_machine: @OSVDB Cool, first bug out of new pipeline. We have a horrible backlog for you and other DBs :/
timb_machine: @OSVDB Since you're awake, did you get our Sophos AV submission?
timb_machine: @notsosecure Should have brought some last week for the @portcullislabs guys :)
timb_machine: @__Freakyclown__ Have you ever played with polymorph plastic?
timb_machine: $geeky ++; @curiousjag is doing @Espruino #blinkenlights whilst I mess around with NFC writer
timb_machine: @cryptopathe For some femtocell testing a couple of years back @portcullislabs built one out of a biscuit tin and a grilled binl.
Patch to x3270 to make it ignore protected fields, and allow them to be modified. This provided some significant pwnage on an assessment where the mainframe (IMS) application appeared to pass the username from one field to another. I'm still researching
security - Exploitable PHP functions - Stack Overflow
Rechenzentrum Kreuznach - die AS/400-Profis
Configuration of hidden Sendmail SSL/TLS connection options « TriathlonMike
Native Extensions for Perl without Smoke and Mirrors
Deconstructing the Azure Point-to-Site VPN for Command Line usage - Diary Of A Ninja
Cryptographic flaws in Oracle Database authentication protocol | Marcel's Blog
OpenPGP Best Practices - Privacy and Authenticity Ou... - Riseup Labs - Groups - we.riseup.net
HOWTO: Linux NAT in Four Steps using iptables
Project Ouroboros — Reflashing a betemcu USBasp Programmer | Jonathan Thomson's web journal
Changes - ducky-decode - Dawn of the Ducky - a community edition of the Hak5 project USB Rubber Ducky - Google Project Hosting
A brief look at the Acer ChromeBook #2
A brief look at the Acer ChromeBook #1
Dead bugs society
A brief look at the RIM PlayBook
Breaking cpau, a dummies guide
Bypassing the Android pattern lock
Exploiting the Linux linker
Dumping Samba hashes
Defcon 18 CTF qualifiers: who is the h4x13st h4x0r of them all