HackerTrans
TopNewTrendsCommentsPastAskShowJobs

netsec_burn

no profile record

Submissions

Break Me If You Can – Attacks Against 3DES/AES NFC Technologies

eprint.iacr.org
2 points·by netsec_burn·6 miesięcy temu·0 comments

Breakmeifyoucan: Exploiting PKO and Relay Attacks in 3DES/AES NFC Technologies

breakmeifyoucan.com
11 points·by netsec_burn·6 miesięcy temu·0 comments

comments

netsec_burn
·2 miesiące temu·discuss
Speaking from experience, the LLM agents adapt fairly well to these contexts too. It's not at all FUD, you're at a significant disadvantage if you don't compete with AI now. I went to a CTF recently against teams I have won against every year, and within 10 minutes of the event starting they had solved every challenge. They have an agent loop and it solves everything immediately, so they won. Anyone attempting to solve the challenges on their own has no chance, even if you think "maybe this is too out of the box for LLMs". Furthermore, the DEFCON CTF you're referring to has quals, and if you don't qualify you don't get those challenges in the finals. Quals has mainly binary exploitation challenges which Opus (and others) solve as long as you hold the gas pedal down on your API bill. I don't believe it's hyperbole to say CTF is dead, as a competitor.
netsec_burn
·3 miesiące temu·discuss
I can't even sign up for Max (last tried yesterday), their credit card processor has issues.
netsec_burn
·4 miesiące temu·discuss
Another trope: longer README.md's than anyone would make, or want.
netsec_burn
·4 miesiące temu·discuss
I prefer the Dell Rugged line or Thinkpads, since a single water droplet on the keyboard is enough to kill this laptop.
netsec_burn
·w zeszłym roku·discuss
Also the Kiisu which is 1:1 with capabilities, plus a few more.
netsec_burn
·w zeszłym roku·discuss
https://archive.is/u6UQU
netsec_burn
·2 lata temu·discuss
The allowed types are a bit misleading. Any binary is accepted, any architecture. You can upload shared objects, ELF executables, PE binaries, etc.

I like to give it bomb executables (reverse engineering challenges) to test it.
netsec_burn
·2 lata temu·discuss
I made a site to use LLMs to help me with reverse engineering. The output is surprisingly readable, even with C++ classes. Let me know any feedback you might have: https://decompiler.zeroday.engineering/
netsec_burn
·2 lata temu·discuss
I can answer the writing to /proc one. It is sometimes useful to hotpatch running programs with /proc/pid/mem.
netsec_burn
·2 lata temu·discuss
Or the LilyGO T-Embed CC1101.
netsec_burn
·2 lata temu·discuss
https://archive.is/M81lw
netsec_burn
·2 lata temu·discuss
I recently learned this too, just a few months ago. Ended up making a frontend so I could do it automatically: https://decompiler.zeroday.engineering/
netsec_burn
·2 lata temu·discuss
I've used wormhole once to move a 70 GB file. Couldn't possibly do that before. And yes, I know I used the bandwidth of the relay server, I donated to Debian immediately afterwards (they run the relay for the version in the apt package).
netsec_burn
·2 lata temu·discuss
Not yet, I'm writing it. Will be available by the end of the month, feel free to follow the PR: https://github.com/flipperdevices/flipperzero-firmware/pull/...
netsec_burn
·6 lat temu·discuss
Ubuntu 20.04 LTS with an RTX 2070 Super GPU.
netsec_burn
·6 lat temu·discuss
SwissVPN. Without going into detail, I'm aware how they respond to all kinds of information requests due to my previous type of work. That earned my business.
netsec_burn
·6 lat temu·discuss
He's been brainwashed. Everyone knows the United States government doesn't exist. /s