--- Log opened Thu Nov 03 00:00:52 2016
00:14 < _NSAKEY> RangerZ: Just go to the hotel tomorrow afternoon.
00:14 < _NSAKEY> Ben and I moved all the stuff that matters that was left in Elonka's garage.
00:14 < _NSAKEY> Ben has some of it staged in his garage and will bring that tomorrow.
00:27 <@RangerZ> okay
00:28 <@RangerZ> school schedule pretty much eliminated students from coming, next week is tests in most classes
00:39 -!- TheDukh [~thedukh@2607:fcc8:ac80:d900:3459:ece7:f8bc:a607] has quit []
02:44 < aestetix> And the cubs won the world series.
02:44 < aestetix> So literally everything is on fire now.
03:15 < aestetix> hi RangerZ
03:27 -!- sync350 [~sync350@c-73-237-89-90.hsd1.ga.comcast.net] has quit [Ping timeout: 245 seconds]
05:34 -!- xray [~xray@boppity.cc.gatech.edu] has joined #se2600
05:55 < aestetix> https://www.youtube.com/watch?v=UMbQYafZpaM
05:55 < PigBot> Title: Hillary Clinton Should Be Very Worried - YouTube (at www.youtube.com) http://tinyurl.com/z8dpkrc
05:55 < aestetix> this is bad
06:16 < _NSAKEY> aestetix: Without even watching that, anything involving her or Trump is automatically bad.
06:22 < aestetix> there really is no good news right now
06:29 < _NSAKEY> I think at this point, a mass extinction event would qualify as good news by comparison.
06:31 < aestetix> well tbqh
06:31 < aestetix> every time the world has gotten this tense in the past, there has been a world war
06:31 < aestetix> or some major war
07:09 < aestetix> https://www.youtube.com/watch?v=GEEgplXwNWk
07:09 < PigBot> Title: Jon Stewart - Twitter War with Donald Trump - YouTube (at www.youtube.com) http://tinyurl.com/z5qwxax
07:17 < xray> On a lighter note: http://www.blackhillsinfosec.com/?p=5396
07:17 < xray> Bypassing Two-Factor Authentication on OWA & Office365 Portals
07:19 < xray> _NSAKEY: have you seen this? https://pentesterlab.com/exercises/from_sqli_to_shell/meetup
07:19 < xray> Meetup pack for "From SQL Injection to Shell"
07:19 < xray> I just found it this morning. I have added in to my list of CTF stuff to check out.
07:19 < PigBot> Title: [PentesterLab] (at pentesterlab.com) http://tinyurl.com/z5hluze
07:19 < aestetix> you know
07:19 <@brimstone> that's what i used last phreaknic
07:19 <@brimstone> there's a buuunch of those xray
07:19 <@brimstone> all pretty darn good
07:19 < aestetix> I'm tired of all these CTFs that don't release their images
07:20 < aestetix> it makes me wonder if they just use the same images over and over again
07:20 <@brimstone> xray: you know about vulnhub, right?
07:20 < _NSAKEY> aestetix: Then you're going to be tired of mine, because I hand-rolled a lot and don't feel like publishing gigs upon gigs of images.
07:20 < _NSAKEY> And yes, I plan to re-use mine from year to year if possible.
07:20 < aestetix> _NSAKEY: but then how do you handle writeups?
07:21 < aestetix> oh nice there are some new images on vulnhub
07:21 < _NSAKEY> aestetix: I would be shocked if someone did a write-up about this year's NetKotH.
07:22 < _NSAKEY> There's also the fact that part of my images are VirtualBox VMs (Acceptable) and KVM-based images (Which sites like VulnHub just don't seem to do).
07:25 < aestetix> well it's just
07:25 < aestetix> it seems like there is a CTF every weekend
07:25 < aestetix> but I have no time for that shit on the weekend
07:25 < aestetix> I want to just download one and play with it when I have time
07:25 < aestetix> but they never post the images
07:26 < _NSAKEY> I did, however, give OVAs of all my VirtualBox work to Jesse and NotLarry in case I get hit by a bus or something.
07:29 <@brimstone> _NSAKEY: you caught up with Jesse before tonight?
07:29 <@brimstone> nice
07:35 < _NSAKEY> brimstone: The answer to that is a resounding "lol, no."
07:36 < _NSAKEY> He just materialized Thursday night last year. He didn't even provide a means of contact.
07:36 < _NSAKEY> If he's coming again this year, I expect him to materialize again.
07:36 < _NSAKEY> I've chalked that up as just being the nature of that particular beast.
07:41 <@brimstone> heh, ok
07:43 -!- Dolemite [~scott@96-38-108-153.dhcp.jcsn.tn.charter.com] has joined #se2600
07:43 -!- mode/#se2600 [+o Dolemite] by ChanServ
07:43  * aestetix hugs Dolemite 
07:43 <@Dolemite> mr0ning, be0tches and h0ez!
07:43 <@Dolemite> back off, buster.  No hugs before greetings.
07:43 < aestetix> sorry I was excited and you are a slowpoke
07:44 <@Dolemite> I had to go let the vampires pull blood out of me for my physical this morning
07:44 <@Dolemite> And nothing to eat or drink since last night
07:44 < aestetix> getting an STD test?
07:44 <@Dolemite> If only there were a Chick-Fil-A on site...
07:45 <@Dolemite> aestetix: Yep, working on a new record!
07:54 < xray> sorry I was AKF. I have a link to vulnhub but I haven't explored it yet. I should be getting back into CTF design in the next month.
07:54 < xray> I have been down due to illness for over half of this year.
07:55 < xray> I know there are ways to do vm image conversions.
07:56 <@Dolemite> From what format to what format?
07:56 <@Dolemite> I've done vmdk to qemu recently and it was fairly trivial
07:58 < xray> Most of the CTFs are jeopardy style and require a lot of engineering and in some cases use licensed operating systems and software. Typically this kind of CTF is for experienced pentesters or CTF teams who do writeups so the challenges are only good for a single use.
07:59 < xray> So they don't publish ISO's
08:00 < xray> NetKotH is an entry level training CTF with just enough competition to to up the excitement level.
08:01 < xray> NetKotH will never rival a CTF like DEFCON.
08:02 < xray> The other advantage of NetKotH is that it is simple enough for a high school computer class to setup on old hardware.
08:03 < xray> Converting a virtual machine from VirtualBox to KVM
08:03 < xray> http://cheznick.net/main/content/converting-a-virtual-machine-from-virtualbox-to-kvm
08:03 < PigBot> Title: Converting a virtual machine from VirtualBox to KVM | Chez Nick (at cheznick.net) http://tinyurl.com/c3nomzr
08:03 < _NSAKEY> xray: Where I had trouble in converting virtualbox to KVM was with the XML files.
08:04 < _NSAKEY> I ended up building templates of the OSes by hand in KVM, then just modding copies of the XML files after converting VirtualBox disks.
08:05 < xray> I haven't done a conversion in some time. I can see if I can come up with a process (may need to write a tool). It would be useful if NetKotH could use images of any type.
08:05 < _NSAKEY> Jesse was going to convert the OVAs I gave him to qcow2. Of course, I won't know the progress of that until tonight at the absolute earliest.
08:06 < xray> Here is a process written in April of this year.
08:06 < xray> https://utappia.org/2016/04/20/how-to-migrate-virtual-box-machines-to-the-kvm-virtmanager/
08:06 < PigBot> Title: How to migrate your Virtual Box machines to the KVM-VirtManager (Part 2) | Utappia (at utappia.org) http://tinyurl.com/hzflmxx
08:06 < _NSAKEY> I'm going to bookmark that and tackle it some time after the con.
08:07 < _NSAKEY> Hmmm.
08:07 < _NSAKEY> Yeah, that's how I convert the images.
08:07 < xray> He is using a two step process
08:07 < _NSAKEY> The problem is still with the XML files.
08:07 < _NSAKEY> Doing the disk image conversion is easymode.
08:08 < xray> Aren't the XML files the state information for the snapshots?
08:08 < _NSAKEY> The disk image is just the disk. The XML file specifies how many cores, how much RAM, etc.
08:08 < xray> I'll have to do some experiments.
08:08 < _NSAKEY> That's why I rolled templates and made backup XML files.
08:09 < _NSAKEY> Then I could just edit a copy of the relevant XML file, then do "virsh define lol.xml"
08:09 <@Dolemite> Yeah, the easiest thing is to create a VM with the same properties in your target and then just convert the disk image over
08:09 < xray> My list of NetKotH research is starting to get big.
08:09 < _NSAKEY> Another thing to remember is to rm the uuid XML tag from any VM templates you have. That gets auto-generated upon import, and having matching UUIDs for disks will make virsh cry.
08:23 < aestetix> well that was interesting
08:23 < aestetix> just had lunch with a bunch of colleagues who grew up in the DDR
08:24 < aestetix> at one point they asked if I am religious, because they were all raised with the religion of communism
08:24 < aestetix> Berlin is a very very strange city
08:25 < _NSAKEY> This made me laugh an unreasonable amount. https://whispersystems.org/blog/giphy-experiment/
08:25 < PigBot> Title: Open Whisper Systems >> Blog >> Signal and GIPHY (at whispersystems.org) http://tinyurl.com/j9gddmv
08:25 < aestetix> _NSAKEY: yeah that makes me really wonder who the target market of Signal is
08:26 < _NSAKEY> I love how they treat the transmission of traffic between their servers with giphy with the utmost seriousness.
08:26 < aestetix> _NSAKEY: have you seen The Lives of Others?
08:26 < _NSAKEY> No.
08:27 < aestetix> I'm just wondering how people whose lives depend on secret communication for whatever reasons.... feel that the highest priority is the ability to send stupid animated gifs from giphy to each other
08:30 < _NSAKEY> aestetix: It's clearly a ploy to drive adoption by normal people.
08:31 < _NSAKEY> People who actively give a shit about secure comms won't give a shit about giphy integration.
08:32 < xray> memes can be worth a thousand words. My OPSEC is bigger than theirs http://giphy.com/gifs/12CRfYSyul9S5G
08:32 < xray> That too.
08:32 < xray> OPSEC is all about being functional. Work it must, look it may.
08:32 < xray> I agree that it probably has to do with marketing.
08:33 <@rattle> OPSEC is 95% not being lazy.
08:34 < aestetix> but yeah, having a German look at you and ask rather bruskly "Sind Sie Katholikishe?" in an almost Nazi like voice....
08:34 < aestetix> I know they are no longer Nazis, but it is hard to remove the effects of propaganda
08:34 < aestetix> you know what we need
08:34 < aestetix> the Donald Trump guide to opsec
08:34 <@rattle> Bigly.
08:35 <@rattle> The giphy thing is actually sort of funny.  The threat intel community loves gifs.
08:35 <@rattle> And I bet multiple opsec failures have involved gifs.
08:35 < aestetix> Maybe it could be used for TCP/giphy tunneling
08:39 -!- TheDukh [~thedukh@2607:fcc8:ac80:d900:d549:625e:62e5:83c2] has joined #se2600
08:45 < aestetix> I'm still confused how someone who claims to be a free market capitalist hates NAFTA
08:46 < aestetix> I hate NAFTA, but I'm a more nuanced capitalist :)
08:46 < aestetix> Since I'm also rather pro nation-state and against globalization
08:46 < _NSAKEY> aestetix: Your problem is expecting logic in the election cycle. You need to correct this ASAP.
08:48 < aestetix> well I heard a theory that NAFTA was actually a Reagan idea that Clinton was forced to sign
08:48 < aestetix> which kind of made sense, until I went and watched videos of a debate between Al Gore and Ross Perot
08:48 < aestetix> where Gore was very very pro NAFTA
08:55 < _NSAKEY> Hey, can I ask those of you with Twitter accounts to report this guy for spam?
08:55 < _NSAKEY> https://twitter.com/iTravisPastrana/status/794176160221511680
08:55 < PigBot> Title: Johnny Knoxville on Twitter: "@x_SimplyNoellee --> TONIGHT AFTER THE TALENT SHOW! PHREAKNIC! APES TAKING OVER! MAIN EVENT! 1719 S IRBY STREET https://t.co/DbShrWgvba" (at twitter.com) http://tinyurl.com/zjg7o7x
08:55 < _NSAKEY> He's currently flooding people with that same tweet..
08:56 < aestetix> you should ask him what it was like bungee jumping in the porter potty
08:57 < _NSAKEY> He's clearly too much of a dipshit to understand that reference.
08:58 <@Evilpig> _NSAKEY: you have to get used to those seeing as how atlanta has Freaknic and a few of them think they are being clever spelling it phreaknic
08:59 < _NSAKEY> Evilpig: I already bullied an event in NYC into fucking off from using #phreaknic. They started using #phreaknicnyc after I decided that we were taking that particular hashtag back.
09:00 < _NSAKEY> Still, I would like to see this guy get silenced on Twitter. Sure, I could mute him, but getting him banhammered for spam (Which he's actually doing) would be funnier.
09:01 < aestetix> you should ask him if you'll see him at the next donald trump rally
09:05 < _NSAKEY> aestetix: Consider it done.
09:07 < _NSAKEY> Given that twitter is a haven of SJW scum, I half-expect to lose my account by the weekend.
09:12 < aestetix> then you can bring your case to their trust and safety council
09:13 < _NSAKEY> I think it's a moot point now. He blocked, and at least 4 people have reported him for spam that I know of.
10:51 < xray> Actually it's Freaknik https://en.wikipedia.org/wiki/Freaknik and it hasn't been hosted in Atlanta since about 1996 and since 2010 it is no Freaknik related events are allowed inside the city limits.
10:51 < xray> s/it is//
10:51 < PigBot> Title: Freaknik - Wikipedia (at en.wikipedia.org) http://tinyurl.com/z72qlo9
10:51 < xray> PigBot is a bit slow today
10:53 < _NSAKEY> It's a bot made of pigs. I wouldn't expect speed from such a thing.
10:55 < aestetix> I guess the fetish scene in atlanta died?
10:55 <@Dolemite> Probably long before the demolition of Masquerade
10:55 < xray> You mean gridlock with drunken naked people.
11:19 <@Evilpig> ruby and nginx are the work of the devil
11:40 -!- benthemeek [~Thunderbi@zixgateway02.nhccare.com] has quit [Remote host closed the connection]
11:40 -!- benthemeek [~Thunderbi@zixgateway02.nhccare.com] has joined #se2600
11:40 -!- mode/#se2600 [+o benthemeek] by ChanServ
11:47 < aestetix> Evilpig: you mean nginx and passenger
11:47 <@Evilpig> I mean whatever the fuck this garbage is, sucks
11:47 < aestetix> well, nginx, passenger, rails, and then ruby
11:47 <@Evilpig> chef is involved too
11:48 <@Evilpig> we're working on getting a gitlab instance up and running.
11:48 <@Evilpig> I've been fighting with the ldap auth all morning
11:49 < aestetix> so one downside of learning german
11:49 < aestetix> Rammstein is suddenly no longer anywhere near as dark
11:49 <@Evilpig> they're still bad asses that used to set themselves on fire on stage
11:50 < aestetix> as badass as gg allin?
12:16 <@rattle> GG is sort of a sad story.  I'm friends with a few of the Murder Junkies.
12:17 <@rattle> When it comes to crazy performances, based on stories I've heard, Butthole Surfers deserve the prize.
12:22 <@Dolemite> moreso than Jim Rose Circus?
12:35 < aestetix> how is GG a sad story?
12:35 < aestetix> I only know of the fucked up stories
13:28 <@rattle> It's a long and hard to explain tale.  GG was a fucked up guy.
15:27 -!- Dolemite [~scott@96-38-108-153.dhcp.jcsn.tn.charter.com] has quit [Quit: leaving]
15:54 -!- TheDukh [~thedukh@2607:fcc8:ac80:d900:d549:625e:62e5:83c2] has quit []
17:43 < aestetix> oh boy
17:43 < aestetix> _NSAKEY: are you the one that mentioned the Lolita Express?
17:43 < aestetix> http://truepundit.com/breaking-bombshell-nypd-blows-whistle-on-new-hillary-emails-money-laundering-sex-crimes-with-children-child-exploitation-pay-to-play-perjury/
17:43 < PigBot> Title: BREAKING BOMBSHELL: NYPD Blows Whistle on New Hillary Emails: Money Laundering, Sex Crimes with Children, Child Exploitation, Pay to Play, Perjury | True Pundit (at truepundit.com) http://tinyurl.com/jfsuvgg
17:45 < aestetix> I'm guessing 99% of that article is bullshit
17:45 < aestetix> but it's worth pointing out that until the FBI releases the emails, more articles like that will come out
18:49 <@Dagmar> It would be super-duper if even some of that panned out tho
19:39 <@RangerZ> that article is complete BS, the original source is cited as "a source familiar with the investigation" not "an FBI agent"
19:40 <@RangerZ> clintons haven't done anything illegal, they always skirt the line of legality, but stay on the legal side
19:40 <@RangerZ> but everyone in power does that
19:40 <@RangerZ> and the only thing he's ever been caught on has been on lying about having sex
19:40 <@RangerZ> err...bj
19:40 <@RangerZ> but w/e
19:42 <@RangerZ> I still hope that she gets elected... but only because I expect her election to stop ANYTHING from happening... and honestly that is better than what the fuck the GOP has shown they want to do
19:42 <@RangerZ> nothing vs backwards
19:46 <@RangerZ> and on lighter note: https://twitter.com/yuris/status/794223356019023872
19:46 < PigBot> Title: Yuri Sagalov on Twitter: "The first half of my MacBook Pro has arrived https://t.co/KSVesOMGg2" (at twitter.com) http://tinyurl.com/zsk4aet
19:47 <@RangerZ> glad to see he had to buy... what... 5 dongles... to make his new laptop useful
20:49 -!- pirateklixa [uid861@gateway/web/irccloud.com/x-ujpygraxeappwsgl] has joined #se2600
20:49 -!- mode/#se2600 [+o pirateklixa] by ChanServ
20:57 <@Dagmar> AS needs a "push this to both my damn devices" option
20:57 <@Dagmar> FINALLY making forward progress again
20:58 <@Dagmar> RangerZ: The sheer number of log statements I put in earlier to figure out WTF was causing a double-trigger... you'd think my logcat was inhabited by an unmedicated schizophrenic
21:05 <@RangerZ> then you should switch to logback and slf4j
21:06 <@RangerZ> allows you to put log statements in everywhere
21:06 <@RangerZ> and then configure them via xml file for production
21:07 <@Dagmar> Fucking dialogfragments
21:08 <@Dagmar> FUUUUUUUU-UUUUU-
21:37 <@Dagmar> MOTHER FUCKING FINALLY
21:54 <@Dagmar> RangerZ: zxing docs kind of leave out that if you don't do a super.onActivityResult() (their example _doesn't_) it will burn you later when you try to use fragments for anything
22:04 < strages> how's everyone doing this Phreaknic eve
23:17 <@RangerZ> slept through the 'in'
23:17 <@RangerZ> laid down for 'power nap' at 1pm, woke up at ~6pm
23:18 <@RangerZ> okay... apparently staying up to finish writing these damn assignments has cut into my sleep 'a bit'
23:18 <@RangerZ> lol
23:52 -!- fie [root@societyglitch.com] has quit [Remote host closed the connection]
--- Log closed Fri Nov 04 00:00:54 2016