Conversation
Notices
-
Embed this notice
brett (brett@brettiverse.com)'s status on Thursday, 14-Nov-2024 08:13:33 JST 
brett
Last night I made a fake nuclear reactor control system and put it on the Internet for hackers to find.
It's a script implementing the absolute minimum of the VNC protocol to very slowly send a screenshot of a SCADA interface.
I'm logging any keys they try to type and mouse movements they make, and the next stage of the project is to use that data to drive a display in my living room, that'll look like an electronic cloud chamber (using e-paper)
#projects #infosec #tarpit- Jeff "never puts away anything, especially oven mitts" Cliff, Bringer of Nightmares 🏴☠️🦝🐙 🇱🇧🧯 🇨🇦🐧 and feld like this.
-
Embed this notice
Ret (ret@furry.engineer)'s status on Thursday, 05-Dec-2024 05:55:27 JST 
Ret
@vxo @f4grx @brett “…turned a potential Chernobyl into a mere three mile island.”
-
Embed this notice
vxo (vxo@digipres.club)'s status on Thursday, 05-Dec-2024 05:55:28 JST 
vxo
@f4grx @brett
VENT RADIOACTIVE GAS? (Y/N) _VENTING GAS PREVENTS EXPLOSION!
-
Embed this notice
vxo (vxo@digipres.club)'s status on Thursday, 05-Dec-2024 05:55:30 JST
vxo
@brett hahahaha it needs to start flashing menacingly red if someone gets in there and turns off the coolant :D
-
Embed this notice
F4GRX Sébastien (f4grx@chaos.social)'s status on Thursday, 05-Dec-2024 05:55:30 JST 
F4GRX Sébastien
-
Embed this notice
Bruno Philipe (brunoph@breakpoint.cafe)'s status on Thursday, 05-Dec-2024 05:56:02 JST 
Bruno Philipe
@brett fantastic. you should add an easter-egg deep into the UI that references the "vent radioactive gas: yes/no; venting prevents explosion" scene from the Simpsons episode where homer works from home
-
Embed this notice
brett (brett@brettiverse.com)'s status on Thursday, 05-Dec-2024 05:56:06 JST
brett
@brunoph Excellent idea, thank you! -
Embed this notice
Elias Mårtenson (loke@functional.cafe)'s status on Thursday, 05-Dec-2024 05:56:07 JST 
Elias Mårtenson
@brunoph @brett amazing. It shouldn't be limited to an easter egg. It should be easy to trigger. What I would like to know is if an attacker, when pressing said button and getting a warning that a radiation leak is about to happen unless they press some specific button, would they press that button to try to save the situation?
-
Embed this notice
Florian 'floe' Echtler (floe@hci.social)'s status on Thursday, 05-Dec-2024 06:01:59 JST 
Florian 'floe' Echtler
@brett You, sir, deserve an award 👏
-
Embed this notice
Florian 'floe' Echtler (floe@hci.social)'s status on Thursday, 05-Dec-2024 06:02:01 JST
Florian 'floe' Echtler
@brett P.S. perhaps throw a Chernobyl reference in there for good measure, e.g. something like
POWER OUTAGE TEST IN PROGRESS
EMERGENCY CORE COOLING SYSTEM
TURBINE 3 SPINNING DOWNsomewhere in the corner 😈
-
Embed this notice
danimrich@mastodon.social's status on Thursday, 05-Dec-2024 06:02:06 JST 
danimrich
@brett Put a SCRAM button in there and see how often it gets clicked.
-
Embed this notice
Misuse Case (misusecase@twit.social)'s status on Thursday, 05-Dec-2024 06:02:13 JST 
Misuse Case
@brett Atomic honeypot!
-
Embed this notice
Ge0rG (ge0rg@chaos.social)'s status on Thursday, 05-Dec-2024 06:02:19 JST 
Ge0rG
@brett
This is excellent! I'd love to deploy it on some honeypot infrastructure, do you have plans to publish the source? -
Embed this notice
Jeff "never puts away anything, especially oven mitts" Cliff, Bringer of Nightmares 🏴☠️🦝🐙 🇱🇧🧯 🇨🇦🐧 (jeffcliff@shitposter.world)'s status on Thursday, 05-Dec-2024 06:02:26 JST 
Jeff "never puts away anything, especially oven mitts" Cliff, Bringer of Nightmares 🏴☠️🦝🐙 🇱🇧🧯 🇨🇦🐧
@brett @ge0rg code is always OK to release. -
Embed this notice
brett (brett@brettiverse.com)'s status on Thursday, 05-Dec-2024 06:02:27 JST
brett
@ge0rg I might do at some point in the future but I wouldn't hold your breath, most of my projects don't reach the point where the code is okay to release
All GNU social JP content and data are available under the