Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://infosec.exchange/users/kajer/statuses/114553782883455351">kajer (kajer@infosec.exchange)'s status on Friday, 23-May-2025 09:14:03 JST</a><a href="https://infosec.exchange/@kajer" title="kajer@infosec.exchange"><img src="https://gnusocial.jp/avatar/137497-48-20240126000457.webp" width="48" height="48" alt="kajer" style="position: absolute; left: 0; top: 0;">kajer</a><div><a href="https://infosec.exchange/@darfplatypus/114553739709775251" rel="in-reply-to">in reply to</a><ul><li><li><a href="https://gnusocial.jp/user/299943" title="darfplatypus@infosec.exchange">darf 😈</a></li><li><a href="https://gnusocial.jp/user/321886" title="legacv@infosec.exchange">legacv6</a></li></ul></div></section><article><p><a href="https://infosec.exchange/@darfplatypus">@darfplatypus</a> <a href="https://infosec.exchange/@cR0w">@cR0w</a> <a href="https://infosec.exchange/@legacv">@legacv</a> During the first few years of OpenCTF at Defcon ~16ish we ran an open http server on our network full of linux ISOs.  Stuff like Ubuntu Live images, KALI, etc, including the matching .MD% and .SHA256 files</p><p>but these ISOs were all root kitted with open SSH servers and pre-populated root credentials.  We ran a server that these ISO images did reverse SSH tunnels to, so we had root on nearly every other teams laptops because they all booted off the live ISO we had provided them.</p><p>no points for this, just a lot of full screen shock images.</p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/5093086#notice-9986794">In conversation</a><time datetime="2025-05-23T09:14:03+09:00" title="Friday, 23-May-2025 09:14:03 JST">about 2 months ago</time> <span>from <span><a href="https://infosec.exchange/@kajer/114553782883455351" rel="external" title="Sent from infosec.exchange via ActivityPub">infosec.exchange</a></span></span><a href="https://infosec.exchange/@kajer/114553782883455351">permalink</a><h4>Attachments</h4><ol><li><article><header><div>No result found on File_thumbnail lookup.</div><h5><a href="http://www.them.no/">Them/Tem nedre – – nær 4000 år med historie</a></h5><div></div></header><div></div><footer></footer></article></li></ol></footer></blockquote>

Corresponding Notice

Embed this notice
kajer (kajer@infosec.exchange)'s status on Friday, 23-May-2025 09:14:03 JSTkajer
in reply to
@darfplatypus @cR0w @legacv During the first few years of OpenCTF at Defcon ~16ish we ran an open http server on our network full of linux ISOs. Stuff like Ubuntu Live images, KALI, etc, including the matching .MD% and .SHA256 files
but these ISOs were all root kitted with open SSH servers and pre-populated root credentials. We ran a server that these ISO images did reverse SSH tunnels to, so we had root on nearly every other teams laptops because they all booted off the live ISO we had provided them.
no points for this, just a lot of full screen shock images.
In conversationabout 2 months ago from infosec.exchangepermalink
Attachments
1. No result found on File_thumbnail lookup.
  Them/Tem nedre – – nær 4000 år med historie

Public

Embed Notice

HTML Code

Corresponding Notice