--- Log opened Tue Nov 14 00:00:46 2023 04:38 -!- opticron [~opticron@136.53.58.220] has quit [Server closed connection] 04:38 -!- opticron [~opticron@136.53.58.220] has joined #se2600 04:38 -!- mode/#se2600 [+o opticron] by ChanServ 06:05 <@Dolemite> mr0ning, be0tches and h0ez! 06:14 < Evilpig> https://arstechnica.com/security/2023/11/hackers-can-steal-ssh-cryptographic-keys-in-new-cutting-edge-attack/ 06:14 < PigBot> In a first, cryptographic keys protecting SSH connections stolen in new attack | Ars Technica (at arstechnica.com) https://tinyurl.com/yuqugow3 06:15 < Evilpig> y'all see this yesterday? 06:16 <@Dolemite> Yeah 06:48 * aestetix hugs Dolemite 07:54 <@Dagmar> Yeah. _Not_ amused. Having to read the whitepaper is pissing me off 08:42 -!- jb7od [~jb7od@mfphmusic.com] has quit [Server closed connection] 08:42 -!- jb7od [~jb7od@mfphmusic.com] has joined #se2600 08:43 -!- mode/#se2600 [+o jb7od] by ChanServ 09:31 -!- Mirage [~mirage@ra.thehippo.net] has quit [Server closed connection] 09:31 -!- Mirage [~mirage@ra.thehippo.net] has joined #se2600 09:31 -!- mode/#se2600 [+o Mirage] by ChanServ 10:16 -!- nihil- [~nil@142.171.116.71] has quit [Quit: No Ping reply in 180 seconds.] 10:17 -!- nihil [~nil@142.171.116.71] has joined #se2600 11:22 <@Dagmar> Okay. This is a little fucked up 11:22 <@Dagmar> Apparentlty the order you specify arguments to internal-sftp matters 11:23 <@Dagmar> This does not work: 11:23 <@Dagmar> ForceCommand internal-sftp -d /incoming -m 660 -u 007 -f AUTHPRIV -l INFO 11:23 <@Dagmar> This fucking does: 11:23 <@Dagmar> ForceCommand internal-sftp -f AUTHPRIV -l INFO -d /incoming -m 660 -u 007 11:23 <@Dagmar> Fuckin' bizarre 12:13 < Evilpig> http://www.thetvdb.com/?tab=series&id=419191 12:13 < PigBot> Exploding Kittens - TheTVDB.com (at www.thetvdb.com) https://tinyurl.com/ynnfpmun 12:13 < Evilpig> wtf 12:21 <@eryc> Dagmar: ChrootDirectory is more secure 12:30 <@Dagmar> eryc: Your point being? 12:31 <@eryc> the user isn't limited to that incoming dir if thats the goal 12:31 <@Dagmar> Yes, they fucking are. 12:31 <@Dagmar> This is a reminder that I am not some fucking casual 12:31 <@Dagmar> They're chrooted. 12:31 <@Dagmar> SELinux is enabled 12:31 <@Dagmar> They have zero rights to the directory they're being chrooted to, because that's a requirement of chrooting with sshd 12:32 <@eryc> so you are using ChrootDirectory? 12:32 <@Dagmar> The -d argument just changes the directory they're in after they connect, so they can immediately upload a file withoout me having to explain shit 12:32 <@Dagmar> They're chrooted. 12:33 <@eryc> carry on then 12:34 <@Dagmar> I literally just finished ensuring (and testing) that sshd can't authenticate anyone outside of a small subset of users, and most of those are restricted to a small number of places they can connect from 12:34 < Evilpig> lol my manager just said that my "professionalism" has been super 12:34 <@Dolemite> HOLD UP 12:34 <@Dagmar> ...and it's now logging using local1.info so I can keep the file transfers separate from the authentication messages 12:34 <@Dolemite> LEMME TALK TO CHAD 12:35 < Evilpig> unless you're going to tell him to give me more money, you shut your yap 12:35 <@Dolemite> You'll get your COLA at the end of January like the rest of us! 12:35 <@Dagmar> Evilpig: Well, unfortunately he's right 12:36 <@Dagmar> Keep in mind how many yahoos at Vanderbilt couldn't be bothered to aim for excellence on a bet 12:36 <@Dagmar> _That's_ the shit that passes for "professionalism" nowadays 12:36 < Evilpig> i'm getting a career path adjustment to adjust my salary or something 12:37 <@Dolemite> Did they hire you in at a TP II level? TP III is what you want to get to. Basically that's where they put high performing technical folks with no aspiration of management. 12:39 < Evilpig> I think that's what he mentioned 12:40 <@Dolemite> Yeah when I hired in as DC Manager that was a pseudo-management track and technically a Team Lead... but after dealing with supercomputing's BS for 8 years I told them I wanted nothing close to management 12:45 < Evilpig> lol 12:45 < Evilpig> he just told me he's glad that he didn't hold my friendship with you against me and he's grateful that he hired me this last year. 12:46 <@Dolemite> ROFL 12:54 -!- driz [~driz@linuxserver.io/driz] has quit [Server closed connection] 12:54 -!- driz [~driz@linuxserver.io/driz] has joined #se2600 13:01 < aestetix> Dolemite: do you usually work in windows or linux 13:01 < Evilpig> alright. I need some bash advice. 13:02 <@Dolemite> I use a Windows laptop but the majority of my work is in Linux VMs 13:02 <@Dolemite> Or through a web based UI 13:02 < Evilpig> I have a loop that reads three variables from ss output. the loop looks like this. 13:02 < Evilpig> while read -r "port" "process" "uid"; do 13:02 < aestetix> oh right a windows system so they can monitor you and make sure you don't look at porn 13:02 < Evilpig> done < <(ss -nlpe 2>/dev/null | grep -E LISTEN.+:[0-9]+.*users\:| sed -r 's/.*:([0-9]+)\s+.*"(.+)"(.*uid:([0-9]+))?.+/\1 \2 \4/' | sort -nu) 13:03 < Evilpig> normally. it gets a port number, a single word binary process name, and then optionally the uid that is running the process 13:03 < Evilpig> i've hit an edge case where the binary is showing up as multiple words 13:03 < Evilpig> 127.0.0.1:10023 0.0.0.0:* users:(("postgrey --pidf",pid=1110,fd=6)) ino:29711 sk:8d <-> 13:04 < Evilpig> specically postgrey --pidf 13:04 < Evilpig> so when this processes it treads pidf as the uid. how would you get around this? 13:04 <@Dagmar> Start by throwing a VOIP user out the window 13:04 < Evilpig> ignore that thing this si running postgrey because wtf 13:04 <@Dagmar> It might not help your immediate problem, but it needs doing just hte same 13:05 < Evilpig> I have a list of folks that i'd like to toss out a window right now 13:06 < Evilpig> Dolemite: what did you do to your boss to send her out on short term disability? I thought you were done with being management 13:06 < aestetix> Evilpig: he probably farted next to her desk 13:06 <@Dolemite> Evilpig: her mother is in the hospital 13:07 * Evilpig side eyes Dolemite 13:18 < Evilpig> I figured something out. I switched IFS=, then in my sed I swapped the spaces into commas 13:18 < Evilpig> I can't see there ever being a comma in this output and if there is, fuck it. I'll set that admin on fire 13:18 * Evilpig eyes dolemite again 13:19 <@Dolemite> It sure as hell isn't me :P 13:20 < Evilpig> you wouldn't rename a binary on purpose to include a comma if you knew it would blow up my email? 13:22 < aestetix> https://www.youtube.com/watch?v=4KkEoKfdVnM 13:22 < PigBot> I HAVE GAS..... Gas Station Simulator Episode 1 - YouTube (at www.youtube.com) https://tinyurl.com/ymbkne43 14:15 < Evilpig> it's bowling time. later folks 15:36 -!- _NSAKEY [~nsa@hashcat/team/-NSAKEY] has quit [Server closed connection] 15:36 -!- _NSAKEY [~nsa@hashcat/team/-NSAKEY] has joined #se2600 15:36 -!- mode/#se2600 [+o _NSAKEY] by ChanServ 18:57 -!- lastchild [~lastchild@user/lastchild] has quit [Remote host closed the connection] 19:00 -!- lastchild [~lastchild@user/lastchild] has joined #se2600 19:04 -!- PigBot [~PigBot@gateway.wilpig.com] has quit [Server closed connection] 19:04 -!- PigBot [~PigBot@gateway.wilpig.com] has joined #se2600 --- Log closed Wed Nov 15 00:00:48 2023