Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Messages - F1n

Pages: [1]

Beginner's Corner / Ideas for a Security project?

« on: December 05, 2015, 07:16:03 pm »

Hey guys, I've got a couple days to do a small final project for a class, just wondering if anyone's got an idea for something I could write/research in that time that's still somewhat useful or unique. Most kids are doing something like a hash cracker but I'd really like to show off a little or at least bring something new to the table. I think this would be a cool intro to writing my own tools and contributing to the community rather than just imitating and learning from it as well.

Much thanks

General discussion / Re: Anonymous declares war on Isil

« on: November 18, 2015, 06:25:17 pm »

I would liken their vids more to 6 year olds playing dress up than the dramatic revolution they wish it were

It's not like Anons accomplish shit anyways, unless you're HBGary. I'm gonna guess ISIS doesn't coordinate their attacks through 5500 public-facing twitter accounts.

Beginner's Corner / Ultimate "Where to Start" resource

« on: June 18, 2015, 09:04:32 pm »

Sorry for the click-baity title but that's kinda what this is. Came across this fellow's site awhile back, his name's Aman Hardikar and his profile lists a dozen certs and specialties related to InfoSec, working out of Asia and the UK. He's posted 20+ Mind Maps, which are basically visual representations of all info related to whatever topic, from VPN to VoIP to worm/virus classification to forensics and home security. My favorites are the ones for creating a practice hack lab, testing/breaking web apps, and beginning cryptography

There's no tutorials, though he does list URL resources for many of the topics in each map, but that's what google/ebooks are for. This pretty much answers every "Where do I start?" post on this forum, hence the Newbie sub.

Here's the main page url http://www.amanhardikar.com/

Tutorials / Re: Digital Logic Series

« on: June 18, 2015, 08:33:28 pm »

Well you've got the name for it

But really, this is very helpful for the DL course I'm in. Much appreciated

Mobile Hacking / How safe are password managers?

« on: June 08, 2015, 10:31:52 pm »

All the major products (1Password, LastPass, KeePass, etc.) encrypt each stored password with some AES/PBKDF2 combo using a master password as a key, then store the data locally or on some server (usually iCloud or Dropbox). Most claim that the master key is never stored, so I guess that means the user needs to enter it anytime they need to use one of these apps, which also perform autofill on most sites via a browser plug-in and can create custom passwords as well. Other than brute forcing the master password or keylogging the phone, I would assume the best/only way to access the manager app would be an exploit in one of these plug-ins, but I don't know if that could get you into the entire app or just the password to a specific website.

Just wondering if anyone's taken a good look at these apps or messed around with them. Please note I'm not asking anyone to do anything, just wondering if an attack on one of these is plausible. Might do a write-up for a class. The amount of information people put on these things is staggering considering it's all behind a single password.

Also, I thought I hastily posted this earlier today on my way out the door, but I may not have gotten it up after all. If I did and someone took it down for whatever reason, my bad.