alex_02

alex_02 , 29 days ago

I have a freezer full of ice cream again.

alex_02 , 1 month ago

A bit late again, but I’ve been busy and dealing with life… I finally got my PinePhone up and running, mostly. I’m quite proud. I ended up going with Arch + Phosh image and not disappointed. Found a bunch of apps that work well on it as well. I’m definitely happy for once since it is basically usable now as a regular smartphone and as a mobile device for uh more nerdy things.

I am also debating which smartphone to buy to have as a backup phone, and there are three I looked at. All three have official Lineage OS support and one has Calyx OS support. I might end up buying 2 out of the 3.

Also been brainstorming and experimenting with a few ideas in labs and on my devices. Have a lot written down as a rough draft of what I want, and just need to go through my list to figure out what to prioritize to code and test in labs first. I am glad I wasted way too long figuring out this stuff because things are starting to turn out a lot better quality. I also have a nice list of hardware I want to buy… looking forward to being able to explore RF more and play with a lot of interesting hardware toys.

I have a lot of plans right now and just taking everything a bit each day.

Defiently still have way too much doubt in myself and questioning if this is really my thing, but life is confusing and sometimes sucks.

Also, here are a couple of pics of the pinephone:

https://infosec.pub/pictrs/image/c8f27e81-fd73-4dff-be69-611da857c200.jpeghttps://infosec.pub/pictrs/image/263af256-64f3-4def-b673-3e71ac98a05d.jpeg

alex_02 , 1 month ago

I just accept I’m an asshole, and I’m an emo furry.

alex_02 , 1 month ago

I’m late, but been wrestling with the PinePhone. I’ve ultimately decided on Mobian with Phosh + TLP + UFW and probably other stuff. I have decided to take a bit of a short break from most of my projects, but will probably be back to them in a week or so. Just exhausted right now, but something’s are starting to look up for once.

alex_02 , 1 month ago

Make it more usable without having to do too many mental backflips. I’m going to try to see if I could make a better DE with XFCE + Openbox + dmenu + the sxmo gesture daemon. Have a rough draft in my head.

alex_02 , 1 month ago

I was told there were furries on Fridays.

alex_02 , 1 month ago

Brainstorming ways to deal with the overheating on PinePhone and have a few ideas to try. Been coding a lot in various different languages that are mostly newer to get a feel for them to see if they’re interesting enough. At some point, I want to try to get into developing some stuff with the Pogo pins on the PinePhone. Need to get to emulating firmware on QEMU to start playing with IoT and whatnot…

I have a lot going on. xD

alex_02 , 1 month ago

Most Russians turn to crime because they need to survive. Your comment is ignorant and stupid.

alex_02 , 1 month ago

Most are not, and I have both friends and family from Russia. We will see more cyber crime from Russia as well because inflation is stupid high there right now and well… people don’t want to starve.

alex_02 , 1 month ago

You mean It’s a bad idea to put government secrets in the cloud of a large company whose only working department is their PR department?

https://infosec.pub/pictrs/image/28eccc50-a021-4ed6-bb38-77a4d9f7ff82.jpeg

alex_02 , 1 month ago

Are you a child or just dense?

alex_02 , 1 month ago

Idk what I read because it is so stupid.

alex_02 , 1 month ago

I cleaned up my room, which took a total of five hours. I’m proud of that one. I just need to vacuum and call it a day. Also been doing a lot of research and coding again. Hoping some of these interview line up so I can start making money to waste all on new hardware toys.

alex_02 , 1 month ago

Well, currently I’m open to anything, but I go back to school in the fall and should get workstudy so was thinking of checking the IT Helpdesk first at the school, but think I have enough personal experience that I could in theory do something like Junior Sysadmin or Junior Pentester. The main issue is that I live in a dead end state right now, and any job would have to be remote for the most part, which most companies won’t do. Another problem is that I don’t exactly have a great reputation because of assholes that I’ve had the displeasure of dealing with since I was a teenager. There is also the dumb case of my record with an online article that basically defames me and doxxes me. Also, a lot of misinfo. That article shows up when you google my name and also the stupid case, so idiots in HR get weird about it which ruined several job opportunities, and also I was harassed for months online which cost me my last job along with that dumb article… So think I’m going to just look for something outside the tech industry because so far the way I’ve been treated has been foul.

alex_02 , 1 month ago

I’m a huge fan of Golang, but I’ve started looking at writing in Java because a lot of APIs have Java SDK. Before, I have coded a lot more in C/C++. I also love shell scripting and have written a lot of scripts in bash and sh. I’m planning on coding more stuff in various different languages and for Windows I’ve started dabbling in C# because it is specifically built for Windows, so I tolerate it.

alex_02 , 1 month ago

I wanted to do red teaming when I was 18/19, but it is so niche that I don’t think I can get my foot in the door. I’m a hardware nerd and the past several months I have also started looking at overlooked protocols. I do plan on getting into more embedded and designing my own boards. Thing is, hardware is very overlooked which I feel like nobody is taking it serious enough. I still have an interest in the tech industry, but kind of just letting life do its thing and wherever I end up, I end up there.

alex_02 , 1 month ago

You mean taking hardware apart or reverse engineering the software/firmware? Been planning on getting into reverse engineering firmware, but I take hardware apart a lot to figure out how they work because most of the time I can build something better and cheaper.

alex_02 , 1 month ago

I have. I hate Rust. I think it is overhyped. I have heard good things about Zig, and it looks more promising. Crystal and Dart also look promising, but unfortunately the hype is fucking Rust, which I think is a garbage language.

alex_02 , 1 month ago

Yeah. Life keeps getting in the way, but I’ve been having plans to at least start emulating firmware with QEMU and poke around a bunch of publicly available firmware. The biggest problem I do see with the learning curve is the machine language, but I don’t see it being too much of trouble once I grasp the basics enough to get a better idea what is going on. Finally got around to getting qemu up and running, so will try to get started with firmware once I get other more important things taken care of first.

alex_02 , 1 month ago

The syntax reminds me of what python, javascript, c# would look like combined if they somehow mated and had a child in their threeway relationship. The community also has very stupid people that think it is great making everything twenty times harder because of some hypothetical insecurity introduced by the user or something dumb like that when Rust is supposed to be a memory safe language and the hand holding has allowed some very dumb but arrogant asshats get it to their head.

It just seems over all like a cobbled up, overhyped mess that is driven a lot by pseudo-intellects and ego. A lot of the articles I’ve read have the author throwing around a bunch of fancy words that don’t really make sense and just make them look dumb, also a lot of times it seems unneededsly complicated with how someone does x and explain it overcomplicated. This is especially with when I tried to look at the state of encryption and cryptography in rust. The issue is that crypto is easy to get wrong even by very, very smart people, so what I saw just from glancing and trying to figure out tf I’m looking at with the libraries and also the focus on more of “X is faster than other much better audited crypto library or whatever” and made me unable to trust the libraries to use in my programs since I did not want to introduce possibly vulnerabilities that could be catastrophic.

Also, ironically not long after idiots touted C/C++ being dead or something after the federal gov here decided to make the announcement of moving to memory safe languages, there was some silly cve that allowed rce via some weird batch script. I think it is just better for me to be cautious right now with the language since right now I’m very, very skeptical and from experience if I have doubts about something in tech, I’m probably right.

alex_02 , 2 months ago

OSINT and trying to take care of myself.

alex_02 , 2 months ago

I do this often. Not because I can’t do it myself or understand what I’m doing, but why would I write the exact same code when it has been done and pasted online a million times?

alex_02 , 2 months ago

As other have said, brother and canon are probably your best bet. Nothing fancy is really needed, but just print.

alex_02 , 2 months ago

Well, my Flipper Zero is finally getting delivered today (It got delayed twice). Been writing a bunch of scripts and programs to help me with my projects and research. Mostly just getting and handling data properly. Hoping to get back to writing and building what I enjoy more because it has been a bit boring and tedious.

alex_02 , 2 months ago

I do have a GitHub, but nothing impressive, me thinks. Also have a blog, but can’t be arsed to write on it often. Mostly been writing tools and scripts to help me with my osint which can get extremely tedious especially when gathering data. The flipper is definitely stupid useful, but I have yet to use it for more things. Already wrote a bunch of BadUSB scripts for it and working on figuring out how access controls work.

alex_02 , 3 months ago

A bit late (sorry, been busy and distracted), but my new toy came in, and it is all pimped out. Only thing missing is a type c to USB female OTG or whatever, so I can plug in an external Wi-Fi adapter. Been writing way too many scripts in Golang and python, so been losing my sanity, but hey shit works.

alex_02 , 3 months ago

Lockpicking. Scripting so I can automate a bunch of stuff. Not much. Been procrastinating and taking it easy lately.

alex_02 , 5 months ago

So basically, some data hoarder decided to collect data breaches and somehow that is a cause for alarm even though that is normal behavior by a lot of us who collect data like this since they become useful to us in our projects?

alex_02 , 5 months ago

Been debating about going back to school or not. It might be just easier to start trying to create a job for myself based on my work and experiences, but not sure. Both would take a lot of work, but based on what I do now, I’m not sure if I would be able to deal with the boredom of going through all the classes that might be too basic for me and I don’t test well so I don’t know if it would be worth pouring money into things that I might fail at because colleges, universities, etc. can’t give me the accommodations that I know I need.

alex_02 , 4 months ago

Applying for jobs that require a degree or stupid amount of experience and a case that is biting me in the ass even though I served my time with probation and would rather stupid people in middle management and hr would mind their own business instead of googling up my name and finding an article that is riddled with misinfo and other stuff that isn’t true which is already causing me problems. Been debating about suing for defamation of character on multiple “journalist” platforms on articles that really are defamation of character and also dox my info plus other shenanigans.

alex_02 , 4 months ago

Yeah. Pretty awful. Took a look at WGU and will definitely give it a try with some of its standalone courses before committing to a full degree program. Also looking at several other unis and colleges. Might be a good idea to go somewhere out of state, so I can get away from some of my stress.

alex_02 , 5 months ago

Been needing to take a step back from a project and focus on other things. Thinking while taking the break I’m going to focus on writing some scripts and take some old code and make it better. I wrote a bunch of tools for windows a while ago, but I think I can write them better now.

alex_02 , 5 months ago

For the elk stack you can replace Logstash and Filebeat with Fluentbit and feed it directly to Elastic Search than use Kibana. I’ve found Logstash to be the resource hog and Fluentbit just runs a lot better imo.

Some docs:

docs.fluentbit.io/manual/pipeline/inputs/syslog

docs.fluentbit.io/manual/…/elasticsearch

EDIT: All three of them can also be run in a docker or several depending on your needs and how you configure.

alex_02 , 6 months ago

Working on my research projects and figuring out my very ambitious data project which I think should be fine, but it is basically Christmas so taking it easy till probably next week.

alex_02 , 6 months ago

Well just got done with fixing a few annoyances in some of my github utils and added a few things. Overall been pretty busy… I think.

alex_02 , 7 months ago

So been working on several things, but I am hoping to soon share some of them with the documentation and hopefully start exploring other ideas I have.

Finally got around to setting up the labs on digital ocean and bought domains that I’ve been itching to get for a while. Been taking a look at different kind of boards and hardware devices to see if usable for what I want. I am tired, so I think I’m going to take a short break on my current things and focus on other projects I’ve been meaning to do.

I think it is good to rotate between projects, so things don’t become dull and tedious or whatever.

alex_02 , 7 months ago

For personal homelab, I keep it really simple, and I try to think realistically. Which means, using keys with ssh, setting up ufw and keep as little exposure for ports as possible, fail2ban, only really using user accounts with sudo instead of root, use containers and vms when I can to help keep things contained if I am working on something that might have links or files that are malicious, run something like a PiHole or AdGuard Home, etc.

I do plan on adding pfsense + security onion once I can get the proper hardware that has enough ram, but this is probably the only “overkill” I plan on running.

For stuff like VPS usually just UFW + SSH keys is mostly what I need, but add as I needed.

If I ever end up as a Linux Sysadmin, I would use a much more robust and proper setup for the company which means something like grsec, try to do something like setup a much better EDR/SIEM, rotate ssh keys if possible, etc.

alex_02 , 7 months ago

My Keychron came in so going to use it as my first modded mechanical keyboard.

alex_02 , 7 months ago

Been working on a generic rpi4 pentest device and it is slowly coming together. Think overtime Imma add other adapters and whatnot. Been debating about adding a screen once I get everything in a pelican case, but I don’t want to add yet another thing that can eat up the power bank and the whole idea is to run headless.

alex_02 , 8 months ago

Got my rpi4 bettercap wifi stuff done and been busy with work. Soon I’m going to try to go back to coding and hopefully my stuff I ordered gets here asap. Trying to get hardware upgraded.

alex_02 , 8 months ago

Been doing a mix of documenting code and notes in obsidian, been working on my hardware wifi tool thing (nearly done with the rpi4 one and hopefully can start on the rpi0w soon), coding whatnot, doing some tweaks to my homelab stuff with mostly getting ufw, hostnames setup properly, making sure everything is up to date, etc. Hopefully I can get more ram and add more servers to that. There is prolly more, but I’m tired from work.

I’ve been busy. (⁠๑⁠•⁠﹏⁠•⁠)

EDIT: I strongly suggest sitting down and documenting everything in several different medians and sites. It helps a lot when you need to do the same thing at some point and have the notes saved somewhere.

alex_02 , 8 months ago

I like Obsidian and before I just used notebooks. I just needed a good note software that could run on multiple platforms and I could sync across devices. I still use notebooks.

alex_02 , 8 months ago

My community college offers two certs. One for security and one for networking. Wondering if I should try to take the security one and see if I can pass the exam which would save me time or if I should sit through all the classes.

alex_02 , 8 months ago

I don’t want to sit through the class if I can pass the exam, but sitting through class might be helpful.

alex_02 , 8 months ago

Been busy with work, but been writing and drawing diagrams for various ideas I think of for hardware.

alex_02 , 8 months ago

If I have time before work, work on getting relaying done and working for something to handle multiple connections. I’ve decided to have the server just start a new process and bind to a random port then have the bash script that is executed via socat after connection do some checks before relaying or creating a new connection. I am using tmux for this. I got relaying to work and now I just need to have it check for established connections on a port. If not established, check if listening. A lot of exception handling right now, but it won’t be as complicated as I described it as.

I did it this way cuz the server was already threaded and after looking at threading/forking on new connection I realized since I need interactive and it would just be easier to do this at least imo.

alex_02 , 8 months ago

I want to eventually write some articles/papers on some of the stuff I’m working on, but my concern is people will drop whatever code I share into VT or something or they abuse it. Except if I share a PoC people would complain about it so Idk if I should just share PoCs or instead share theories and describe how it is done which I think would be better and how I figure out how to do most things.

alex_02 , 8 months ago

Yeah. I will take a look. Just been questioning a lot for a while now if I really belong since most of the time I just don’t think I do since my interests and my focus I feel like aren’t “traditional”. I’ve been coding a lot more thanks to some encouragement from people, but a lot of times I don’t think whatever I code is fancy or sexy enough since I keep everything simple. Been reading as much as I can articles of real world attacks and the tools/techniques use which has helped a lot to make me feel more adequate since a lot of times you don’t need all this fancy techniques and reading how attackers drop whole zip files of like notepad++ with the necessary dlls or whatever helps give a more realistic insight.

I think if I ever end up with my foot in the door and actually end up doing work, I might end up trying to teach and mentor people since nobody, especially girls, should have to put up with all the bs I had to.