Notices by kajer (kajer@infosec.exchange)

@ryanc Well, run it another 411 days to test for a suspected memory leak.

chop chop

Got a new one from XDR today

Rare Country Login - Impossible Traveler (SSO)

What happened?

1. User is out of country
2. User connects to Palo Alto Global Protect VPN
3. User, now on VPN, accesses Gitlab

That's it. User in $ext_country , now user is in US-Central, OMGWTFBBQ!!!!?!!?!

Tell me again how AI going for you Palo ALto?!

This stems from a colleague's complaint that XDR's wording for traveling users changes from day to day... 🤦

@nyanbinary That IOC description reminds me of this - https://www.youtube.com/watch?v=HkZNddd9Pxc

tl:dw;

Cannonball team driving so fast, when they stopped for fuel, the AMEX fraud algorithm flagged the transaction as no combination of time/flights+car/distance should have been impossible.

@Viss @cR0w @TomSellers @ryanc

https://ctftime.org/task/1216

@Viss @cR0w @TomSellers

$ROT13 + "=="

:trollface:

@ryanc

@Viss @cR0w @TomSellers @ryanc Why I @'d ryanc

we nerd sniped @ryanc hard one year when doing OpenCTF

@ryanc was NOT amused at the time.

@artemist @kaia

The 2.5 case is way oversized for what is actually in there. All 2.5" ssds i have taken apart to destroy have PCBs no larger than a CF card now.

@ryanc bank Holiday too, so ain't nobody gonna fix it today either

Push to prod Friday on a holiday weekend, nice.

Bank updated the ATM interface, touchscreen no longer works. Wonderful.

@Gargron I find wwith todays shitty player wrappers, trying to go back 5 seconds causes the entire video to start from scratch.

What happened to the 10 minutes I just watched? Gone.

@GossiTheDog

over9000 proxies, and you deploy a cpu based coin miner on the domain controller...

Can't say I'm surprised.

@Viss

@ryanc I already know the password.

@laund @ryanc I has the bare metal, and will happily take your money for a 1 core 500mhz cap with 72MB ram, with 35MB SSD.

@ryanc I am firmly in the 80GB of NPM for 'hello world's is doing it wrong camp.

Although, a VPS is still a bit overkill when having bare metal in a colo is an option. :)

@FritzAdalis @simple_sabotage

I don't get it, what is this about?

@ryanc @cR0w I know at least one of those challenges has hello.jpg as a dependency

@ryanc @cR0w

Lame, the OCTF zVOL is for the 2018 contest, not the 2014 contest... I mean, it makes sense since 2014 was largely infrastructure... 96 POTS lines wasn't going to spawn from a VM

@ryanc @cR0w 2flags1challenge

@ryanc @cR0w That sounds right... We wanted the 90's era gopher but running on FreeBSD 11