Jump to content
Not connected, Your IP: 3.235.101.141

cm0s

Members2
  • Content Count

    303
  • Joined

    ...
  • Last visited

    ...
  • Days Won

    9

Everything posted by cm0s

  1. watch eli the computer guy on youtube he's got one of the best channels and personally i think he's off his medz which that and of itself is awesum security like anything else, whether for your business or home or stuff in general is all about layers think of a bullet proof vest as example, itz layers also there is the question of the 'threat model' that means what am i defending myself against if i'm defending against say my neighbor's grandmother who is a pro hacker and she has been trying to steal my apple pie recipe to build her empire with, well that's one person or two or three most and probably with limited resources if i'm defending against a state actor or well funded group of fun loven folks then yeah, that is a completely diff threat model even if they are after the same thing, the apple pie recipe plus, goes further, protecting an apple pie recipe is different than say protecting someone in a geo location from human rights violations, so that is sumthin to really keep in mind yer questions are absolutely valid but they are also relative to what your specific threat model is plus, lets not forget and i'll use myself as an example, coz well, i love talken about puppy treats, how am i configd? how am i accessing my box and where to from when etc yeah, itz all fun an gamez till someone loses a packet.... k, i'm gonna go google 'why do i sniff other folk's butts' now....
  2. connect it like giganerd would and you'll be fine bruh
  3. cm0s

    Xabber

    i think i posted this elsewhere but just in case: /load xmpp/load otr/set timestamps off/set use_msgs_window off/set autocreate_query_level none/set autolog off/set window_history off/xmppconnect sumfuknic@xmpp.airvpn.orgenter pass/join lounge@conference.xmpp.airvpn.org/clear/n/q userz_nik/otr init userz_nikto gen key.../otr genkey sumfuknic@xmpp.airvpn.orgto set secret question.../otr authq [who farted ?] u_didto auth with secret answer/otr auth sharedanswer/otr trust/otr finish/wcleave channel/partshow prints:/otr info check stuff/otr contextsirssi_scriptz--->>>show loaded scripts:/scriptload a script:/script load xyz.plunload a script:/script unload xyz.plrun script once:/script exec xyz.pl
  4. don't forget ya can run static, meaning from your router to yer box, take over yer whole local if yer on a 'pentest' distro that's fine and all but truth is just roll yer own and go with one tool at a time i've been playing with this stuff for years and first to tell you, my dd-wrt router does more than i got a clue about learning and understanding how just one box can talk with a printer and back and forth still in awe of it as ya prolly already figured out pentest distros tend to load up a lot of services and tools at boot this is actually the correct config because they are designed to simply 'test' yep you can mod them and all that to roll as a daily driver, nothin wrong with that but actually yer better off just grabben xyz tools you want and starten from scratch, gentoo, arch etc and add yer mcluvn there oh, and don't drop 40 hits of acid all at once, it's bad for the gerbals....
  5. yeah he keeps staring at me starten to scare me a bit...
  6. that's cool ya got a chat room for the forum also nyce
  7. Bill has 90 billion tax free reasons why he luvz your credz wwwwwwwweeeeeeeeeeeeeeee........
  8. cm0s

    Tor or not Tor

    use as many layers as ya can cheerz
  9. i might look into usenet
  10. right now using 1337x.to and demonoid plus pirate bay with heavy css tweax
  11. note: 060417 a tor onion service set to stealth mode is NOT listed in the tor directory and in order for a visitor to access the site they need the 'key' as explained below added to their torrc or torrc file in the tor browser bundle this means your site is not tied to any gen'd hidden service addy and you have full control of the traffic, basically a 'closed' site member only you can not even access the site from the server itself without the 'key' added to the torrc file to me, this is one of the best fucken ways to host a site # # nginx/naxsi | tor website # stealth mode # 022517_edit | arch linux # ----- tor hidden service stealth mode nginx config on arch linux # ----- darknet info: en.wikipedia dot org/wiki/Darknet tor stealth info: whonix dot org/wiki/Hidden_Services deep web info: en.wikipedia dot org/wiki/Deep_Web tor info: en.wikipedia dot org/wiki/Tor_%28anonymity_network%29 stunnel: en.wikipedia dot org/wiki/Stunnel openvpn: en.wikipedia dot org/wiki/OpenVPN airvpn ssl: airvpn dot org/ssl/ nginx info: en.wikipedia dot org/wiki/Nginx web app firewall: en.wikipedia dot org/wiki/Web_application_firewall naxsi: proteansec dot com/application-security/naxsi/ duz/dontz: hongkiat dot com/blog/do-donts-tor-network crenshaw: youtube dot com/watch?v=eQ2OZKitRwc # ----- gen the tor hidden service name... # netctl stop eth0 # ip link set eth0 down # cp /etc/tor/torrc /etc/tor/torrcbkup # nano /etc/tor/torrc at the end add this shit: # ----- ##hidden service site in stealth mode HiddenServiceDir /var/lib/tor/ # HiddenServicePort 80 127.0.0.1:80 HiddenSErvicePort 443 127.0.0.1:443 HiddenServiceAuthorizeClient stealth SUMFUKGROUP # ----- fire up shit... # netctl start eth0 # /usr/bin/tor -f /etc/tor/torrc give couple secs then stop tor... # kill $(ps aux | grep '/usr/bin/tor' | awk '{print $2}') snag the hostname... # cat /var/lib/tor/hostname you'll get sumthin like this: c6yn3YERSITEk3o7.onion u8fAQVZixxxx/kbqTJkzHR # client: SUMFUKGROUP the hostname is to be placed in anyone on tor at the bottom of their torrc file, in the browser bundle usually located: /browser/TorBrowser/Data/Tor/torrc gets added as such: HidServAuth c6yn3YERSITEk3o7.onion u8fAQVZixxxx/kbqTJkzHR on the box running the nginx server you do not need to add it to your /etc/tor/torrc config file but if you are running tor regular without the tbb on another box you do need to add it to your torrc so your 'torified' browser can access the site via the tor network harden the hosts file: h0stz harden the .httaccess: htaxx to config AUR scroll down to 'packer' section run those commands then... # cd /home/build # sudo -u nobody packer -S nginx-mainline-waf example config for tor hidden service/naxsi: # # ----- nginx config -----## user www-data; worker_processes auto; pcre_jit on; events { worker_connections 768; # multi_accept on; } http { ## # Basic Settings ## sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; server_tokens off; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; gzip_disable "msie6"; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript; ## # nginx-naxsi config ## Uncomment it if you installed nginx-naxsi ## include /etc/nginx/naxsi_core.rules; ## # nginx-passenger config ## # Uncomment it if you installed nginx-passenger ## #passenger_root /usr; #passenger_ruby /usr/bin/ruby; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; ## Include for blocking include blacklist.conf; include blockips.conf; } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} ####################################################### # # sites-available config: # server { listen 127.0.0.1; root /srv/html/; index home.html; server_name c6yn3YERSITEk3o7.onion; # replace this with your own } # ####################################################### # # sites-enabled: # server { listen 127.0.0.1:443; root /srv/html/; index 1ndx.html; server_name c6yn3YERSITEk3o7.onion ssl on; ssl_certificate /etc/nginx/ssl/yerkey.crt; ssl_certificate_key /etc/nginx/ssl/yerkey.key; add_header X-Frame-Options "DENY"; server_tokens off; location / { try_files $uri $uri/ =404; include /etc/nginx/naxsi.rules; } } server { listen 127.0.0.1; server_name c6yn3YERSITEk3o7.onion return 301 https://c6yn3YERSITEk3o7.onion$request_uri; } # ######################################################## # the config above is set to allow only https traffic often question is 'why do that, tor is encrypted' plus the 'untrusted connection window' annoyance for me itz just a preference, i like layerz and the untrusted window acts as a blocker in a way so config this shit how you want yer shit to roll # mkdir /etc/nginx/ssl # openssl req -x509 -sha256 -newkey rsa:2048 -keyout /etc/nginx/ssl/yerkey.key -out /etc/nginx/ssl/yercert.crt -days 1024 -nodes -subj '/CN=c6yn3YERSITEk3o7.onion' there ya go, a nyce one liner, make sure yer site's domain is after the '/CN' common name make sure in the config that naxsi core rules are uncommented and herez the blakl15t the blokip should be in the config also add this into your /etc/nginx/naxsi.rules: # ------ # Sample rules file for default vhost. # LearningMode; SecRulesEnabled; #SecRulesDisabled; DeniedUrl "/RequestDenied"; ## check rules CheckRule "$SQL >= 8" BLOCK; CheckRule "$RFI >= 8" BLOCK; CheckRule "$TRAVERSAL >= 4" BLOCK; CheckRule "$EVADE >= 4" BLOCK; CheckRule "$XSS >= 8" BLOCK; # ------- this has learning mode OFF which means shit is blocked # systemctl start nginx # systemctl status nginx go to your site's addy try to access a file say: https://c6yn3YERSITEk3o7.onion/blank.html?asd=---- to see if the 'attack' hit yer logz... # tail -f /var/log/nginx/error.log should see something like this: 2016/11/16 15:28:18 [error] 15277#0: *1 NAXSI_FMT: ip=127.0.0.1&server=c6yn3YERSITEk3o7.onion&uri=/blankshit.html&learning=0&total_processed=6&total_blocked=1&zone0=ARGS&id0=1007&var_name0=asd, client: 127.0.0.1, server: c6yn3YERSITEk3o7.onion, request: "GET /blankshit.html?asd=---- HTTP/1.1", host: "c6yn3YERSITEk3o7.onion" that means shit is working mod any of the configz to yer needs, any improvements, suggestions please contact # https://github.com/mariusv/nginx-badbot-blocker https://github.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker http://7bj57iubvkvwe3n4vozvx5qiixm67te4yue76tsdu6l5aeoti342spqd.onion/nav/linux/nginx.html
  12. cm0s

    Linux TCP Flaw

    what LZ1 said cheerz
  13. cm0s

    Linux TCP Flaw

    thatz the good thing about opensource everyone can take a look and help keep an eye on things
  14. Firas22 read your posts wanted to post some links for you that might help you may already know some of this but just in case for hardening firefox: https://airvpn.org/topic/15769-how-to-harden-firefox-extreme-edition/ windows services via blackviper: http://www.blackviper.com/service-configurations/black-vipers-windows-10-service-configurations/ harden tips for win8 take what ya can for 10: http://www.hardenwindows8forsecurity.com/Harden%20Windows%208.1%2064bit%20Home.html major geeks tips: http://www.majorgeeks.com/files/details/destroy_windows_10_spying.html tools for 10: https://bgr.com/2015/08/14/windows-10-spying-prevention-privacy-tools/ minor 'gaming tweaks': http://www.howto-connect.com/how-to-make-windows-10-pc-fast-for-gaming/ i forgot to mention ask someone if having a router like ddwrt and static dns stunnel on your box etc is better for gaming, i don't know, i get uber speeds with airvpn stunnel never use what i got on lots of servers, i don't game or use windows but regardless if it helps ya out with security maybe someone on here knows mohr will be able to answer that cheers
  15. girl was walken by, didn't know she was in the no spin zone.... things got out of hand.....
  16. LOVE the AK-47 survival kit cheerz
  17. cm0s

    Zero Days

    thanx again to everyone cheerz
  18. cm0s

    Zero Days

    got a hold of comcast figured out what i was doing wrong what i was doing wrong was in the ddwrt from my sb6121 moto modem i'd cat 5 to the ddwrt what i was doing was i saw 'dhcp automatic' and made that static not understanding that that was the setting for comcast's side of my local down below i set things as usual to static dns settings blah blah thanx for the help everyone finally got it solid very happy cheerz
×
×
  • Create New...