--- Log opened Wed May 10 00:00:33 2017
05:41 -!- dfused [~dfused@vpn3.dfused.org] has joined #se2600
06:41 <@Dolemite> mr0ning, be0tches and h0ez!
06:42 < dfused> yar
06:54  * aestetix hugs Dolemite 
07:03 < aestetix> so
07:04 < aestetix> The new season of House of Cards has a hell of an act to follow here
07:04 < xray> greetings aestetix
07:04 < aestetix> I mean Trump was too absurd for South Park to parody
07:04 < xray> LoL
07:04 < aestetix> How is Kevin Spacey going to pull crazier shit than Trump has been?
07:05 < aestetix> Seriously. We're all gonna tune in, and he'll do some crazy shit, and we'll be like "yeah but if he did this and this it might be as crazy as Trump"
07:43 < aestetix> so in another channel
07:43 < aestetix> there was a guy who for weeks was bragging about all the chicks he was banging
07:43 < aestetix> and he just got diagnosed with chlamydia
07:44 < aestetix> let's just say he's not hearing the end of it from us anytime soon :p
07:44 < xray> so does this channel actually talk about hacking?
07:45 < aestetix> that reminds me
07:45 < dfused> occasionally dagmar rants about some idiot's android programmign methods.... does that count?
07:45 < aestetix> isn't there a hearing on russian hacking today?
07:45 < xray> yes
07:46 < xray> the yes was regarding dagmars posts
07:59 < xray> looking for NetKotH challenge VMs
07:59 < xray> Windows VMs are usually not a good idea as they consume too much memory.
08:00 < dfused> yeah....and trying to run a win2016 server on a host with only 16g is tough...  i allocated 4g and it struggles quite a bit
08:00 < xray> Metasploitable 3 is Winows 2008 RC2 based so it needs 4GB of memory minimum to build (or it takes several eternities) and 2GB to run
08:00 < xray> exactly
08:01 < xray> I can run most Linux VMs in 512MB and at worst 1GB
08:01 < aestetix> what is metasploitable?
08:01 < dfused> one day I'll be rich and can afford better servers
08:01 < xray> If I get my new servers I'll have 200GB of memory so it will make it easier but the portable version is an 8GB laptop
08:02 < aestetix> god that's insane
08:02 < xray> they are retiring VM servers
08:02 < aestetix> then again I guess memory is getting cheaper
08:02 < xray> It all depends what price I can get them for.
08:03 < xray> actually memory prices have been going up so it is getting expensive to increase the ram in older systems
08:03 < xray> I haven't been able to find a source for used laptops for really cheap or free.
08:03 < aestetix> going up by a noticeable amount?
08:04 < xray> preferably 64bit machines
08:04 < dfused> def
08:04 < xray> in some cases double the costs
08:04 < xray> especially for older (5 years or greater) memory
08:04 < aestetix> That doesn't bode well for software that is written to use lots of memory
08:05 < xray> the sweet spot is one generation old
08:05 < xray> newer or older than that the costs start to creep up
08:05 < xray> I'm building this out my own pocket so I try to keep the costs as close to free as possible
08:06 < xray> I have enough networking equipment (100Mb/s)
08:06 < xray> gig would be nice but not necessary
08:06 < dfused> i want to buy a newer switch though... this one is too old to install newer ios =(
08:06 < xray> all older cisco
08:06 < xray> that is a problem
08:07 < xray> at some point you can't get patches any more and the switch is only usable as a space heater/door stop
08:07 < xray> pains me to throw out perfectly functional hardware.
08:08 < xray> I would love some open hardware based switch technology that uses commodity hardware
08:08 < xray> it's getting closer but not quite there yet
08:08 < dfused> yeah... It works fine for a backend switch in home network, but I'd rather replce with one that could at least load ios 15
08:09 < xray> have you seen this https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170317-cmp
08:09 < PigBot> Title: Cisco IOS and IOS XE Software Cluster Management Protocol Remote Code Execution VulnerabilityCisco Security - CiscoTest Application (at tools.cisco.com) http://tinyurl.com/knosa6x
08:09 < xray> cisco released the patches for the CIA hack
08:09 < dfused> oh yeah just saw that a bit ago today on twitter
08:09 < xray> I have to go through all my hardware and see what is vulnerable and what has patches for it
08:10 < xray> I suppose I could add a vulnerable switch to NetKotH as one of the challenges
08:10 < xray> I think I would have to modify the scoring engine to make that work though
08:10 < dfused> hehe..perhaps, but wouldnt that have the potential to block ppl from even getting to hosts
08:11 < aestetix> wow
08:11 < xray> It would just be a switch on the network with no contestants directly connected.
08:11 < aestetix> https://twitter.com/realDonaldTrump/status/862290442129461249
08:11 < PigBot> Title: Donald J. Trump on Twitter: "The Roger Stone report on @CNN is false - Fake News. Have not spoken to Roger in a long time - had nothing to do with my decision." (at twitter.com) http://tinyurl.com/kdec4ze
08:11 < xray> well that was nice while it lasted
08:12 < xray> back to hacking . later
08:13 < dfused> rgr
08:58 < _NSAKEY> aestetix: RAM prices are a little... Funny right now. Two things are pushing DDR3 prices up.
08:58 < _NSAKEY> 1. DDR4 is out now, and DDR3 production is winding down.
08:59 < _NSAKEY> 2. Toshiba had the whole Westinghouse disaster a few months back. Since it's bad enough to mean that Toshiba might not be viable going forward, and they're one of the makers of RAM chips, that's combining with the basic supply/demand of DDR3 production halting to send prices up.
08:59 < _NSAKEY> A stick that cost me $16 new now costs $24.
09:00 < _NSAKEY> In a more extreme example, RAM that goes in the Dell R210 II series has doubled. It would have cost $200 to max one of those out at the beginning of the year. Now it costs $400.
09:00 < _NSAKEY> That's for 4 8GB sticks, which are some weird variant that didn't see much production. Thus, they're expensive.
09:02 < dfused> supply v demand + speculation = pain in the ass
09:04 <@Corydon76> As KEY mentioned, the issue isn't so much speculation but the after effects of the failure of tangential business units
09:05 < _NSAKEY> http://money.cnn.com/2017/04/11/investing/toshiba-earnings-delisting-westinghouse-crisis/
09:05 < PigBot> Title: Toshiba warns it may not survive its financial crisis - Apr. 11, 2017 (at money.cnn.com) http://tinyurl.com/n59ksl5
09:05 <@Corydon76> In other words, sourcing material from huge multinationals only works when the huge multinational doesn't fuck up.
09:05 < _NSAKEY> Basically, as soon as Westinghouse went "Welp, we're filing for bankruptcy" RAM prices started going up. That's happening all across the board.
09:06 < _NSAKEY> Back around Jan or Feb, I bought 48GB of RAM for my main lab box for $75, and split the RAM that had previously been in it across two other boxes.
09:06 < _NSAKEY> That was a deal at the time. Now, it's such a good deal that only the dollar amount keeps it from being felony theft.
09:07 < _NSAKEY> The sticks that go into R210 IIs were too rich for my blood back then, and now they're over the top.
09:11 < _NSAKEY> Instead, I'll just put drives in them and use them for packet sniffing and maybe IDS duty at PhreakNIC. They don't need a ton of RAM for that.
09:34 < aestetix> btw
09:34 < aestetix> https://www.hackthebox.gr/en
09:34 < PigBot> Title: HackTheBox.gr :: Can you hack this box? (at www.hackthebox.gr) http://tinyurl.com/kspbu94
09:34 < aestetix> did any of you make an account?
10:05 -!- strages [uid11297@gateway/web/irccloud.com/x-bbezofokjwoucaru] has joined #se2600
10:33 <@Dagmar> Considering that most of the sites I've seen doing that are ludicrous?  No.
10:36 < aestetix> I thought the signup process was cute
10:50 -!- TheDukh [~thedukh@2607:fcc8:ac80:d900:39f8:d560:cd2c:8f72] has quit []
12:09 -!- TheDukh [~thedukh@2607:fcc8:ac80:d900:2177:1aa7:43ed:a620] has joined #se2600
12:10 <@Mirage> "Skype for Business" is such a steaming pile of crap.
12:10 <@dasunt> So what's the cheapest you can register a .com domain for nowadays?
12:13 <@dasunt> Just curious, because a spammer is likely to lose one of their phishing domains because he (a) wasted my time and (b) reused an identity to attempt to rephish the same waters.
12:14 < xray> $0.99
12:14  * dasunt shrugs.
12:14 <@dasunt> Still good enough.
12:15 <@dasunt> Damn, $1 is cheap though.
12:15 < xray> That's a special.
12:15 <@Corydon76> Mirage: Skype is a steaming pile of crap, ever since MS rewrote the servers
12:15 < xray> Use Discord or mumble
12:15 < xray> both free
12:16 < xray> well sort of. You will have to host your own mumble server
12:16 <@dasunt> xray: He may have gotten that for the price, since he had to create a new domain since April.
12:16 < xray> not hard. I have one running on a Raspberry Pi
12:16 <@Corydon76> I haven't heard of a competing decentralized chat server since, though
12:16 <@dasunt> April was when his old phishing domain got slapped down hard.
12:17 <@dasunt> Hmmm, my scammer's identity is that of a U of Wisc sophomore womens track and fielder.
12:17 <@Corydon76> For decentralized?
12:18 < xray> the current going price for .com without a promotional discount is about $9.99 to $11.99
12:18 < _NSAKEY> dasunt: Please tell me you're going to ruin this kid.
12:18 < xray> https://www.domcomp.com/
12:18 < PigBot> Title: Domain Name Price and Availability (at www.domcomp.com) http://tinyurl.com/lfd9roz
12:18 <@dasunt> _NSAKEY: I think the identify is stolen.
12:19 < _NSAKEY> Oh, well that's no good.
12:19 < xray> bet price is $0.85
12:19 <@dasunt> Or I'm dealing with a scammer that does beautiful phishing campaigns and is dumb enough to use their real name and address when registering domains.
12:19 < _NSAKEY> Yeah, because nobody ever lied on whois.
12:20 <@dasunt> Maybe they are that dumb.  But I think this scammer's name is unlikely to be Tahlia.
12:21 < xray> Sounds like an OSINT challenge.
12:22 < xray> Is there a prize for getting a web cam picture from their own laptop?
12:22 < xray> On second thought that would be illegal, so never mind.
12:24 <@dasunt> Now I'm wondering:  Do they even try to investigate/recover money in 419 scams anymore?  Or could a college sophmore actually use her real name and start scamming people with little risk of being caught?
12:47 < K`Tetch> afaik, yes, they try
13:04 -!- ^020d [~^020d@c-73-7-0-87.hsd1.ga.comcast.net] has joined #se2600
13:57 <@Corydon76> If the perpetrator is within legal reach, yes, they go after them.  However, they're frequently operating outside of legal bounds.
13:58 <@Corydon76> OTOH, if they're operating outside of legal bounds, there's no reason someone in State couldn't enlist some black ops to reduce future losses.
13:59 <@Corydon76> Dead Romanians cheat people less than live ones
14:13 < dfused> godfuckingdammit why does simple shit have to be made so complicated.   just trying to add a fucking user to have permission to a s3 folder
14:27 <@Corydon76> Once you get the hang of the permissions, it's actually nicer, because you've got more control with ACLs
14:30 < dfused> that I have to write "code" to assign permissions to a folder is .... just excessive.
14:30 < dfused> how the hell do we think we can make ppl be secure and adapt technologies et al if we make it necessary to take a damn class to do simple tasks
14:33 <@Corydon76> On the plus side, it means that everybody gets the appropriate training, instead of just getting information piecemeal
14:34 <@Corydon76> How many less exploits would we have, if people were taught in school defensive programming, instead of learning those techniques later on, after the product is compromised
14:34 < dfused> bah... it just means that ppl will either do away with it. ppl are lazy, they arent likely to be lured into edu just cause its the right thing to do or because some company makes it necessary to use their tech
14:34 < dfused> then again.... in fairness....S3 isnt really intended for the normal computer users
14:35 -!- TheDukh [~thedukh@2607:fcc8:ac80:d900:2177:1aa7:43ed:a620] has quit []
14:35 < K`Tetch> yeah, its for the very abnormal
14:35 < dfused> i just wanted to use it for offsite backup =\   cause its cheap if you dont have a shit ton of data dn dont access it but every 30 days
14:35 <@Corydon76> Not many people really need a CDN
14:35 < dfused> *sigh*
14:36 < dfused> time for a smoke break... ready to punch puppies at the moment.
14:44 <@Corydon76> I hate people who schedule meetings with Standard time zones, when we're on Daylight Savings Time.
14:44 < dfused> if only we'd do away with DST
14:44 <@Corydon76> If the meeting is at 11MST, does that mean you expect me to be there at 12CDT or 1CDT?
14:45 <@Corydon76> dfused: I could deal with that fine.
14:46 <@Corydon76> I'm hoping the guy means 11MDT, because trying to ensure the whole team is available is an annoying exercise, ESPECIALLY since it's around lunchtime
14:47 <@opticron> lunch time here is really stretched, lasts from 11AM to 2:30PM at least
14:47 <@opticron> any meetings planned during that period will have SOMEONE bitching
14:48 <@Corydon76> It's even more fun when at the last minute, your boss, who is the only other person who is supposed to be on the call, and who you expected to lead your side, to say, at the last minute, "Oh, my mistake, I double booked.  You're leading this call now."
14:49 <@Corydon76> Great, now the vendor thinks I'm a disorganized git.
14:49 < dfused> lol thats happned to me on so many occasions
14:49 < dfused> and usually without any prep on what thehell is to be going on
14:50 <@Corydon76> I usually count on my boss to fill time, while I take in the previous responses and try to think through the implications and come up with clarifying questions.
14:51 <@Corydon76> Ah, or the highly technical document that you put together on a file format, which gets "edited for clarity" and ends up being wrong, which you don't have time to correct before the call.
14:52 <@Corydon76> Me, bitter?
14:52 < dfused> naw..... stupid ppl are so taxing on teh mind
15:08 -!- LastChild [~RasPi@c-98-193-192-163.hsd1.tn.comcast.net] has quit [Remote host closed the connection]
15:41 -!- TheDukh [~thedukh@2607:fcc8:ac80:d900:91d8:10ea:8743:1065] has joined #se2600
16:03 <@dasunt> Minutes from discovering that Word has kinda sorta regexp for searching to being disappointed:  Less than 10.
16:11 <@Corydon76> Apparently, they didn't learn from PHP's foray into "just to be different" regexp.
16:12 <@dasunt> Imagine trying to develop a regex engine while barely remembering it from Freshmen year of college.  Then imagine getting bored a few hours in and deciding it was good enough.
16:12 <@dasunt> That's Word's.
16:14 <@Corydon76> ereg_replace was finally removed in PHP 7.
16:14 <@Corydon76> "Oh, wait, maybe Perl had a good reason for doing it in that particular way."
17:17  * dasunt falls asleep at work.
18:05 -!- TheDukh [~thedukh@2607:fcc8:ac80:d900:91d8:10ea:8743:1065] has quit []
18:34 -!- strages [uid11297@gateway/web/irccloud.com/x-bbezofokjwoucaru] has quit [Quit: Connection closed for inactivity]
19:06 -!- TheDukh [~thedukh@2607:fcc8:ac80:d900:2177:1aa7:43ed:a620] has joined #se2600
19:06 -!- TheDukh [~thedukh@2607:fcc8:ac80:d900:2177:1aa7:43ed:a620] has quit [Client Quit]
19:50 -!- LastChild [~RasPi@c-98-193-192-163.hsd1.tn.comcast.net] has joined #se2600
19:50 -!- mode/#se2600 [+o LastChild] by ChanServ
22:01 -!- LastChild [~RasPi@c-98-193-192-163.hsd1.tn.comcast.net] has quit [Remote host closed the connection]
--- Log closed Wed May 10 23:15:29 2017
--- Log opened Wed May 10 23:15:46 2017
23:15 -!- Evilpig [~wilpig@wilpig.org] has joined #se2600
23:15 -!- Irssi: #se2600: Total of 34 nicks [15 ops, 0 halfops, 0 voices, 19 normal]
23:15 -!- mode/#se2600 [+o Evilpig] by ChanServ
23:15 -!- Irssi: Join to #se2600 was synced in 13 secs
--- Log closed Wed May 10 23:36:57 2017
--- Log opened Wed May 10 23:37:11 2017
23:37 -!- Evilpig [~wilpig@wilpig.org] has joined #se2600
23:37 -!- Irssi: #se2600: Total of 34 nicks [15 ops, 0 halfops, 0 voices, 19 normal]
23:37 -!- mode/#se2600 [+o Evilpig] by ChanServ
23:37 -!- Irssi: Join to #se2600 was synced in 13 secs
--- Log closed Wed May 10 23:48:18 2017
--- Log opened Wed May 10 23:48:47 2017
23:48 -!- Evilpig [~wilpig@wilpig.org] has joined #se2600
23:48 -!- Irssi: #se2600: Total of 32 nicks [15 ops, 0 halfops, 0 voices, 17 normal]
23:48 -!- mode/#se2600 [+o Evilpig] by ChanServ
23:48 -!- Irssi: Join to #se2600 was synced in 13 secs
23:49 -!- PigBot [~pigbot@96.80.184.101] has joined #se2600
23:53 -!- Shadow404 [~shadow404@wilpig.org] has joined #se2600
--- Log closed Thu May 11 00:00:35 2017