-:- SignOff zandi: #soldierx (Ping timeout) -:- SignOff bnistor: #soldierx (Ping timeout) -:- SignOff Kayin: #soldierx (Quit: soldierx web irc client (Ping timeout)) was cisc0 drunk? https://www.soldierx.com/bbs/201009/password-protectprompt-winpe-usb#comment-7729 -:- SignOff cisc0ninja: #soldierx (Input/output error) -:- cisc0ninja [cisc0ninja@omghax-E22BF82D.uvs.rcsntx.sbcglobal.net] has joined #soldierx -:- SignOff LK: #soldierx (Connection reset by peer) where everybody be? hereizzy -:- lattera [lattera@omghax-FCF271BD.hfc.comcastbusiness.net] has joined #soldierx -:- mode/#soldierx [+o lattera] by ChanServ -:- bnistor [bnistor@omghax-EEFAF64B.lightspeed.pewkwi.sbcglobal.net] has joined #soldierx -:- SignOff bnistor: #soldierx (Quit: Leaving) -:- bnistor [bnistor@omghax-EEFAF64B.lightspeed.pewkwi.sbcglobal.net] has joined #soldierx iz here what's going on? not much, rat passwd out b/c nobody got on i've got a headache from hell and may do the same just reconfiguring some shit -:- LK [LK@2CC2232F.F8841E02.4F86F25F.IP] has joined #soldierx -:- Kayin [ad1dd945@omghax-FD3731B6.uvs.rcsntx.sbcglobal.net] has joined #soldierx yo yo heya Kayin how's it going? hey man. it's going. I'm awake now how are you doin doing all right just about to hit the sack ah yea? wasn't there a meeting? no clue it's the only reason i'm still up ouch cisc0ninja just related rat's in bed already great... 2nd time in a row there are not many newb tutorials in the tuts section sorry to interrupt bnistor - try these: http://entropy.soldierx.com/~kayin/archive/ 1. how would someone have found this without you telling them? 2. how old are the files that are in here? i just see things from all over the history of the computer world im not criticizing at all im just asking because if someone didn't know where to begin, i wouldn't want to steer them on the course of irrelevant information there's a lot of good stuff in here it seems there is no such thing as irrelevant information lol but yea. . this isn't public necessarily on the SX website. There is/was a project going to put a UI around it well, i mean as in information that has changed so much that it's now irrelevant to the current meta-information it's also been posted a few times on the forums crazy, i must have missed it somehow that archive is an archive of things i've collected over the last 10 years or so so yes some of it is old in retrospect.. you'd be surprised how much hasn't actually changed in the computer world vs how much has computers are really just a few simple concepts applied over and over and over you're right, i do agree so - you see a lot of new ideas cropping up - but they're usually just old ideas resurrected or reinvented it's kinda like masterbation, only w/o the pay off haha, funny analogy masturbation is a pay off ;-) well, i was going to contribute some stuff, but there's a lot of things to go through on here already also a swordfish quote lol contribute some newbie tutorials? I'd say go for it. yea if you had trouble finding them then obviously others will too there was a number today looking to dual-boot windows and linux and i know there's stuff out there but he came here looking for the info so i was going to write a tut on something simple to read go for it I will applaud you for it you should put some info up about grub2 & windows 7, i've had like 10 ppl asking me about it i could do that I'd be interested in reading something about new boot loader configurations with modern OS's what cisconinja said would be pretty awesome you mean dual booting with grub as the bootloader and having windows 7 or something entirely different? the last time I installed ubuntu I caught my first glimpse of grub2 .. and promptly destroyed my windows partition on accident :) haha i guess i could check, but can we post pics in the forum? yea you can i'd like to show screenshots step by ste step* Everest has done that in a few of his tutorials awesome if you're willing to contribute a little time, there's no reason why we couldn't make you an inductee the only key thing is you gotta keep at it like be active which is where most ppl fall short if you have inductee status i believe you can put them in the tutorials section which is the preferred place obviously oh oh oh - you also have to get me coffee once a day im sure most people would jump at the opportunity, but i don't want to underdeliver and overpromise. let me get one tutorial under my belt and see the feedback from that i don't even know how to make coffee O.O rofl I work at mcdonalds so you can bring it to me there - i'll let you use the coffee machine you gotta think of it more like a frat rather than a cyber gang lol hahaha oh, kayin while i have you here, java versus C/C++ and..... go if rat were here i can just see the words across the screen "yea cyber gang, that's what we did to your sister" lol him and gang banging sisters.... (he has a thing for making jokes about my sister fyi) oooh thats what it was well anyones sister who's decent looking lol bnistor - Java > C++ / end i think it started w/the phrase "so i rooted your gf and didnt use a trojan" LOL ugh haha, awesome lol that's surprisingly a common phrase c OR c# > java OR c++ but why? i read the one post you kinda gave some insight into about it, but RaT mentioned C as a first language. not to throw you guys into a programmer's argument, but i'd like to hear your side kayin and i can both agree on c# as a good starter language or overall actually anything managed ultimately my distaste with c++ stems from it being simply outdated and as a result outclassed if you have c and understand it like really really well, then you'll be like god mode when it comes to learning other things but most ppl dont try for that -:- lattera_ [lattera@omghax-FCF271BD.hfc.comcastbusiness.net] has joined #soldierx 1. it's not true OO in several ways it was a good test bed for OO .. and lets you do OO things -:- SignOff lattera: #soldierx (Ping timeout) -:- lattera_ is now known as lattera my only argument is people not understand memory management and how ppl always throw the argument that java does that for you so you dont have to worry about vulnerabilities, but they dont understand there can still be vulnerabilities w/the way java interprets the code C++ isn't true object oriented? no it's not purists bitch about the fact that you can do multiple inheritance which .. isn't really OO I mainly bitch that it lets you break the OO paradigm too easily and at its core does not follow OO principles. C# and Java were created to solve this so, cisc0ninja, you're saying that although the memory management learning process is difficult, it makes it worthwhile to really know what's going on in the code? cisconinja brings up a good point that java is managed and people misunderstand managed memory for security. Needless to say, managing your own memory is a complete waste of time - effort - and thought these days even Ken Thompson said this manual memory management is just a thing of the past and annoying as hell. does it have any benefit? i think most ppl would agree in saying yes, but it takes a lot longer to learn, most ppl drop out of school or change majors because they don't wanna learn pointers and proper memory management, they sometimes get away with using classes in certain situations but still it's difficult to understand the right way Garbage collectors are sophisticated enough now to keep up with the "efficiencies" gained in manual management so there's really no point in doing manual memory management? not unless you're doing some embedded programming where you have a very limited amount of memory unless you are going to get a phd in information security from mit or berkley then no which today is ... rare yea if you are building your own secure operating system then yes so or if you are programming exploits for a living then yes take a guru C programmer and a guru Java programmer lol, i dont like where this is going the java programmer can put out code faster, that's just as efficient and capable? or, better questions there are other factors than just creating a program that works if one was to enter the field of either penetration testing, what language would suit that better? sure, i understand that. i'm just trying to keep it simplified, and if it can't be that simplified, than so be it C is a very good language that I recommend everyone learn python, perl, things like that, mostly scripting languages for pentesting you go low level and actually have to see how you're arranging bytes, working with the stack, working with fundamental principles inside every application. it's unnecessary if you're building large scale enterprise sized applications or really even a desktop app to do something for you but it teaches you a lot. helps you understand what the higher level languages are doing behind the scenes and also explains why they automated the processes what do you think the programming language of choice of hackers are/is? unfortunately perl if they're younger then python lol but that's a shot in the dark just from what i've seen pentesting is about running other peoples apps for the most part, and being able to create your own small simple apps/scripts, you dont need to know how to reverse engineer software or look for vulnerabilities in code and then write exploits for them if you are pentesting really? i thought for pentesting that's exactly what you'd want to do to be a great pentester maybe my definition is wrong about pentesting it's not really proper time management which im ok with as long as i learn the correct stuff you'd need to know things that you learn from C but typically if you're going to write something you'll use a simpler language if you are pentesting an application then you have to know the programming language, and you should be a decent guru in it, if you are pentesting a company, most companies just want reports of insecurities not necessarily of the software but insecurities come from the ability to exploit software applications, right? not always the problem w/pentesting companies software is you say, i found a vuln function that could allow a remote attacker a shell companies dont give a shit about that, they want to know hardcore, ok, we found this major vuln. in your shit and just got everyones payroll information b/c your firewall is incorrectly configured cisc0ninja's right. Business plays a factor in all of this I think pen testing is overrated maybe, but it might be huge in the near future it's kind of hacking but the purist say, the only real form of hacking is writing exploits in c, but w/all of this "new tech" w/grsec/pax, dep, aslr, emet, etc.. it's hard as shit to do seeing as everybody knows that shit's insecure everywhere nowadays good ol dave has it right who's dave? watch dave aitel's shit on youtube if you havn't seen it already most of what I see out of those security analyses is just sooo nit picky low risk unexploitable vulnerabilities... "you didn't filter hostile javascript out of a text field on this contact form" - yea because that data isn't going to be rendered by an html engine so who gives a shit shit like that basically he says that there is a good chance that exploits are getting harder & harder to pull off so not everyone's going to be worrying about them, and the ppl that know their shit are just going to get better and better and the handful that exist are just going to around rooting everything/everyone and no one will know man i feel like there's so much to learn and i don't even know where to begin anymore haha if you learned something from this conversation then you're going the right direction sorry the shit we're talking is a little over your head, and maybe a little over my head rofl, but it's just the truth -:- SignOff lattera: #soldierx (Quit: lattera) no, it's fine i learned that you can't get better unless you engage with others that are better than you you always have to keep in mind the security vs usability argument i do understand that the more security layers you add, the less usability for the end user more or less i believe much less lol unless you get clever ;-) you have to think about the right ways to implement security like, implementing security that people understand if i turn on dep for these windows users and enable ntlm, then they have 100% more security than a base install which doesn't and they dont affect the user at all the only security that people understand is the security that they don't have to look at or interact with but if i lock down the machine where they can't right click i'm just going to end up pissing ppl off and they're still vulnerable understood man i need to setup a lab or something i've done wep/wpa cracking stuff but that's really easy once you know how to do it which is why everyone knows how to do it lol, well the name l0pht is taken should we call it the n00k oh wait that's in competition w/a kindle rofl lol you've just summed up computers i know, but i hate being at the bottom of the totem pole in anything dude it's a long ride i know well but consistancy is what gets you there i guess im going to start on learning C or Java i guess once i learn one of them, the other shouldn't be terribly more difficult want to know a secret? yes, secrets are good especially if they're relevant programming doesn't have anything to do with syntax lol is it just a matter of how to know what you're trying to do with what you have to work with? more or less like learning a different verbal language? it's methodolgy can you put that into context if you understand how shit works then you can pretty much do it in any language i don't quite understand you just have to understand rules logically, and things like scope it's just writing instructions that a computer will perform to solve a program if you know what a variable is then no matter how you write it it's a variable here: http://entropy.soldierx.com/~kayin/archive/taoprogram.pro.txt read that i will definitely read that that doc is more just funny than anything but it does convey some truth i guess that c# is like mandarin and c is like cantonese in a way what is java? russian LOL awesome lol i read a document the other day that compared programming languages to religions so... do i want to learn cantonese, mandarin or russian... none of the above bnistor you want to learn to communicate ASM :-p so i should take a deeper look at how the processor works with memory instead? it's like reading the book "how to read a book" look at programming basics haha I think we've exceeded our buddhist metaphors for the night lol, yes we have ok learn programming basics, pick a language, learn it in and out and move on there are numbers that are defined as integers, characters, strings, all these things can be variables or staticly assigned data the point is that when you start to program in a language... don't focus on the syntax of the language. Focus on what you're doing to solve the problem so maybe i should find a problem to solve after i learn the basics? yes - exactly take a class on programming if you want, it's not that bad and it's an easy way to get started classes make it easy since they give you projects that you have to complete lol i wouldn't recommend taking multiple languages at once though that didn't end well for me alright i think im gong to start with C maybe it would have been better had the circumstances not been what they were one class in college had me juggling C, ASM, and Java in 1 project.... and after school I'd go to work and code php oh wow jerks lol that's crazy lol so many headaches kayin is also insane =] but he's luckier than me in all fairness the project was a practical one we were writing a driver to a custom device in a lab hmmm man the end user application was in java, the driver was primarily in the C - but the low level communication was ASM i dream of a day when i can leave everything behind and just sit a computer and work on code you guys have given me a lot to think about haha, one day im sure you'll be able to alright, i hate to cut this short, but i have to get up in a few hours for work... again. i really appreciate everything cisc0 actually does leave everything behind and code... but ...... drinks a lot lol (doesn't remember) But do not program in COBOL if you can avoid it. lol yes words of wisdom if there ever were any hahaha ok rofl, true i won't even ask why i'll just believe you guys oh oh oh your first programming language LOLCODE http://lolcode.com/ hahaha everyone always makes fun of me b/c i'm probably one of the least experienced coders even though i've been "looking in to it for years" and my drinking knows no bounds HAI CAN HAS STDIO? I HAS A VAR IM IN YR LOOP UP VAR!!1 VISIBLE VAR IZ VAR BIGGER THAN 10? KTHXBYE IM OUTTA YR LOOP KTHXBYE that's pretty funny lol yes, you declare varibles using "CAN HAS" hahaha that's great and declare loops with "IM IN YR LOOP" lolcode was equated to the scientology religion everyone really hoped it was just a joke... then the realized it wasn't, and were sad scientology religion? sounds like an oxymoron it's an oxymoron lol IM IN YR LOOP (STDIO,STDIO IZ BIGGER THAN 10?, STDIO++); alright guys, im out. thanks again. have a good night everyone idk, just making shit up night lol c-ya later -:- SignOff bnistor: #soldierx (Quit: Leaving) I might as well leave too k, gnite bro goodnight -:- SignOff Kayin: #soldierx (Quit: CGI:IRC 0.5.9 (2006/06/06)) -:- EverestX [Yoda@solderjunkiefumes.org] has joined #soldierx What's up folks. late muthafucker ? YOu out its only 1am brother everyone else is What are you up to man I officially hate Apple less for putting a cake song in the new commercial. brb k back sry lol btw jump on msnger everest u there? any of you ever setup a community site? what are you talking about? like a facebook or myspace clone i'm looking for some free software for that i've tried a bunch but the server i'm using apparently is shitty (this is for a friend) no we dont do shit like that, no need/reason to okay, just thought it was worth a shot Yeah im here sorry got my hands full with soldering iron jump on im really quick or call me im on Whats everyone else up to? kayin & rat are passed out, pirrup's prolly @ wk, havn't seen nights on lattera's been off and on you missed a decent convo about programming earlier, me and kayin explaining basics to some new guy well some of it was advanced lol pirrup do you have access to purchase the same types of phones that we have? like do you guys have a store or soemthing you can just walk in and buy an iphone, droid, or blackberry? i imagine you can just purchase things online, but curious of what's readily available i know i can send you a blackberry, and i'm looking into iphone and droid call it a christmas present =] as long as it's a 4 band phone, should be able to get the same phones there.. but who knows other than pirrup lol idk what the "international" laws are, and i would imagine they operate on different frequencies, also some of the may have crypto idk -:- Connection closed from irc.binrev.net: Success -:- Closing SSL connection