Notices by kajer (kajer@infosec.exchange)

@elfin @Viss @ryanc @sycophantic

User-agent: *
Disallow: 42.zip
Disallow: *

@elfin @Viss @ryanc @sycophantic Shamelessly stolen from https://github.com/iamtraction/ZOD as I don't have time to do webadmin BS while also arguing that emails are excellent meeting replacements.

@elfin @Viss @ryanc @sycophantic

not malicious

you ignore robots.txt and get a zip bomb, that's on you.

@ryanc @sycophantic safe_file.exe.zip.pdf.mp3

@ryanc I read that too, thought it was funny.

seemed similar to Zoom doing return to office.

How do I tell the bots that my web server is not hosting wordpress?

Just replied to the meeting organizer that this meeting sounds like it's still in the email stages.

ew

vendor meeting tomorrow at 8am

THEY USE CHIME

@tk @doskel

The system, is down.

@kevie @beersofmastodon

It was a wonderful time! I'd go back in a heartbeat. The Tow driver got us in touch that night. Funny thing was, that exact rock was a known hazard that the tow driver has rescued plenty of people prior to my run-in. The tow driver was petitioning the council to remove it. That was 2015.

@kevie @beersofmastodon

I loved Stornoway when I was on the outer islands. Until i clipped a rock near the Isle of Harris gun club and had to be towed back to Stornoway, on a sunday with 2 flat tires.

Cheers to the owner of Stornoway Spares at 8 Bells Rd. for getting me fixed up on a Sunday evening so I could get back to Tarbert to make the morning ferry.

Also, I happened to be there the weekend they converted the airport to a drag strip. So much fun that night!

@ryanc 3des is where it's at

@ryanc it's forced read receipts

cool, cool, the ISP for the transmitter site gave us a /29 net block. But..... 3 of the addresses in "our" block are in use by other customers,.. Windows IIS default page... Sophos VPN portals...

seems like "our" /29 is not ours. FUN!!!

@ryanc @darfplatypus @cR0w @legacv

@darfplatypus @cR0w @legacv During the first few years of OpenCTF at Defcon ~16ish we ran an open http server on our network full of linux ISOs. Stuff like Ubuntu Live images, KALI, etc, including the matching .MD% and .SHA256 files

but these ISOs were all root kitted with open SSH servers and pre-populated root credentials. We ran a server that these ISO images did reverse SSH tunnels to, so we had root on nearly every other teams laptops because they all booted off the live ISO we had provided them.

no points for this, just a lot of full screen shock images.

Holy fucking shit Broadcom:

As no new order(s) for subscription licenses and support services has been executed between the parties, Support
Services are no longer available for the perpetual Software listed in the Order(s) and such Software licenses deployed
in your environment are running unsupported.
VMware, therefore, immediately demands that all use of Support Services associated with VMware Software, including
Maintenance Releases/Updates, Minor Releases, Major Releases/Upgrades extensions, enhancements, patches, bug
fixes or security patches (with the exception of zero-day security patches for vSphere 7.x and 8.x, CVSS score greater
than or equal to 9.0, so long as those are generally provided by VMware at no cost) be ceased.
The implementation of any of the aforementioned (excluding select zero-day patches as defined above) past the
Expiration Date must be immediately removed/deinstalled. Any such use of Support past the Expiration Date constitutes
a material breach of the Agreement with VMware and an infringement of VMware’s intellectual property rights,
potentially resulting in claims for enhanced damages and attorneys’ fees.
Additionally, Customer must comply with any post-expiration reporting requirements related to the Order(s) and
governing license agreement. Failure to comply with such requirements may result in a breach of the Agreement by
Customer and VMware may exercise its right to audit Customer as well as any other available contractual or legal
remedy.

@ryanc @Viss https://old.reddit.com/r/itrunsdoom/ is another place of weird doom ports.

I personally liked the Cisco CDP hack to then get a java applet running on a 8841 phone.

@ryanc I used a ATS02= command prior to connection, your hax wont work here!

ATH0