hdm

@hdm@infosec.exchange

Security researcher working on #infosec, #security, #networking, #discovery, #osint, #postgresql, #aws, #engineering, #opensource, #devops, and #startup stuff. For fun I write #golang, build #IoT projects, and #run in circles.

I am the CEO and co-founder of runZero (https://infosec.exchange/@runZeroInc - https://runzero.com), the first step in security risk management and the best way for organizations to understand their exposure through comprehensive asset inventory.

Previously I was the founder and lead developer of Metasploit, a CSO, a consultant, and the head of various security research teams.

Pronouns are He/Him

Discovery tags: #fedi22


GossiTheDog, to random

I deleted my toot about Broadcom abandoning VMware ESXi last month as I got fed up of reply guys explaining to me it couldn’t possibly happen.. but anyway, it has happened. https://kb.vmware.com/s/article/2107518?lang=en_US

hdm,

@hanscees @GossiTheDog I can recommend Proxmox if you are looking for something turn-key (but KVM and various wrappers, including the new VirtualBox-KVM are all great too).

mh8h, to random

Shower thought: can runZero’s discovery detect a Thinkst canary correctly? 🤓

What do you think? @riskybusiness @metlstorm

hdm,

@metlstorm @mh8h @riskybusiness @haroonmeer runZero doesn’t flag honeypots, but you can identify them if you squint at the data a little. That said, we are also a happy Thinkst customer. The team is working on some adjacent research that should be live in a month or so.

hdm, to DEFCON

A couple of ancient photos from my first

hdm,

@b_cavello I can't remember the hotel name, but it was definitely less than $50/night.

jerry, to random

I have had several people that received the ban hammer recently grousing about how it goes against my air of “kindness” and the quote I have in my profile. I firmly believe in the importance of being kind to other people. But there are limits.

Do not confuse kindness with weakness, please.

hdm,

@jerry these actions are certainly kind to everyone else on the server, ban early, ban often (the old #metasploit IRC channel motto due to it being a troll magnet)

pancakescon, to infosec

Remember, you have about ONE WEEK LEFT to submit your AWESOME 1/2 #infosec 1/2 hobby talk to our fully virtual and free conference! Get those cool ideas in!

hdm,

@pancakescon would programming count as a hobby? (if it's additive/separate from the security aspect of the talk)

lcamtuf, to random

deleted_by_author

  • hdm,

    @lcamtuf very unfulfilled!

    pitrh, to random

    PROTIP: If you run a "cloud mapping experiment", make sure the contact address you give is deliverable -

    2a05:d01c:b43:8a10:36c:5dc5:25e5:de22 - - [07/Feb/2024:18:06:02 +0100] "\x16\x03\x01\x00\xB1\x01\x00\x00\xAD\x03\x03\x9C\xB9\x0F\x1FW`\xF4\xAE\x01\xC5\xAC\x12\xDF9\xC2\xA0\x16\x9B\xBCl\xDE\xFFj4e>Z\x11\x17~g#\x00\x00P\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0" 400 150 "-" "-"
    2a05:d01c:b43:8a10:36c:5dc5:25e5:de22 - -
    1/2

    hdm,

    @pitrh that one in particular is TLS being negotiated on a plain-text HTTP port

    hdm,

    @pitrh some scanning tools try to negotiate TLS even on already identified plain-HTTP ports, but could definitely be a redirect bug too!
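
A defender-side check for the pattern discussed in this thread, as an added example that is not part of the original posts: it scans access log lines for 400 responses whose request bytes begin with a TLS ClientHello, meaning the client spoke TLS to a plain-HTTP port. The sample lines (documentation-range addresses) and all function names are constructed for illustration, and nginx combined format with `\xHH` escaping is assumed.

```python
import re

# Constructed sample lines. The first request string reuses the opening bytes
# of the request quoted in the post; the addresses are documentation-range.
SAMPLE_LOG = [
    r'2001:db8::10 - - [07/Feb/2024:18:06:02 +0100] "\x16\x03\x01\x00\xB1\x01\x00\x00\xAD\x03\x03\x9C\xB9\x0F" 400 150 "-" "-"',
    r'2001:db8::11 - - [07/Feb/2024:18:06:05 +0100] "GET /index.html HTTP/1.1" 200 512 "-" "curl/8.5.0"',
    r'2001:db8::12 - - [07/Feb/2024:18:06:09 +0100] "\x03\x00\x00/*\xE0\x00\x00" 400 150 "-" "-"',
]

# client address, quoted request (escaped quotes tolerated), status code
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "((?:[^"\\]|\\.)*)" (\d{3}) ')
ESCAPE_RE = re.compile(rb'\\x([0-9A-Fa-f]{2})')


def unescape(request: str) -> bytes:
    """Turn the logged \\xHH escapes back into the raw bytes the client sent."""
    raw = request.encode("latin-1", "replace")
    return ESCAPE_RE.sub(lambda m: bytes([int(m.group(1), 16)]), raw)


def parse_client_hello(data: bytes):
    """Return TLS header fields if data starts with a ClientHello, else None."""
    if len(data) < 11 or data[0] != 0x16 or data[1] != 0x03:
        return None  # not a TLS handshake record (type 22, major version 3)
    if data[5] != 0x01:
        return None  # handshake record, but not a ClientHello
    return {
        "record_version": (data[1], data[2]),
        "record_length": int.from_bytes(data[3:5], "big"),
        "hello_length": int.from_bytes(data[6:9], "big"),
        "client_version": (data[9], data[10]),
    }


def tls_on_plain_http(lines):
    """List (client, header fields) for 400s caused by a TLS ClientHello."""
    hits = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m or m.group(3) != "400":
            continue
        hello = parse_client_hello(unescape(m.group(2)))
        if hello:
            hits.append((m.group(1), hello))
    return hits


if __name__ == "__main__":
    for client, hello in tls_on_plain_http(SAMPLE_LOG):
        print(client, hello)
```
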

    GossiTheDog, to random

    deleted_by_author

  • hdm,

    @haakon @GossiTheDog @jpm Howdy! runZero fingerprints ASAs, but doesn't report the firmware version in most cases. The method used by the NSE stopped working about 6 years ago after an update and alternatives are less granular (web assets).

    hdm, to random

    Is the "light of the compelling consumer proposition" going to shine brightly in 2024? https://torrentfreak.com/netflix-piracy-is-difficult-to-compete-against-and-growing-rapidly-240204/

    hdm,

    the search hit rate on that phrase is something else; hard to tell who is plagiarizing it (and the irony is perfect)

    sdw, to random

    There’s subtle little-but-big paradigm shifts in the user interface for Vision Pro that make me pause and smile.

    Take password entry. The password never turns into ••• dots — you can see every letter or number of a passcode you enter, because… only you can see it.

    hdm,

    @sdw couldn't someone watch your fingers dancing in the air like a magician and snag your password that way?

    hdm, to security

    The FOSDEM 2024 talks are 🔥: https://fosdem.org/2024/schedule/rooms/

    Some favorites so far:

    #fosdem #go #networking #security

    foone, to random

    GOD DAMN YOU EXPORT ADMINISTRATION REGULATIONS!

    hdm,

    @foone A throwback! Bypassing the Geo IP check on the NT4 SP download page (by passing ?ip=x.x.x.x, where x.x.x.x was a CN IP at the time) was my first bug report to Microsoft and landed me a free MSDN subscription for a few years (physical CDs and all). Data mining these CDs is what drove my pre-Framework Metasploit shellcode efforts.

    nobletrout, to scifi

    My friend's #scifi #book is free on kindle right now, you should read it.

    maybe @scalzi will give it a boost?

    https://www.amazon.com/dp/B0C79W78RJ

    hdm,

    @nobletrout @scalzi purchased, thanks!

    joshbressers, to random

    Allowing '..' (dot dot) in a path was a mistake and removing it would solve more security problems than using memory safe languages

    Now that I have your attention

    In security we keep hearing about memory safety and how we just need to stop using C and how it will fix a lot of problems

    This is true, but next time you read about getting rid of C, I want you to think about removing .. from being supported. It's an easier problem to wrap our heads around, possibly more useful, and probably easier to do

    I'll explain why below
    1/6

    hdm,

    @joshbressers surprisingly most path traversal bugs I’ve run into recently are in the SDKs and not the OS functions (Go AWS SDK for S3 resolves .. even though S3 doesn’t, etc)

    campuscodi, to random

    There's so much porn in Twitter replies that you can easily stop paying for OnlyFans and not miss a beat!

    hdm, to random

    The world got weird. Help Systems acquired many security vendors, then spun them out as Fortra, including Cobalt Strike, Core Impact, and this week's flavor of exploitable file transfer software: GoAnywhere MFT (CVE-2024-0204)!

    Surely these all belong together.

    Looking for exposed GoAnywhere systems? Look for HTML bodies containing: "GoAnywhere Web Client". @runZeroInc search query at: https://www.runzero.com/blog/finding-fortra-goanywhere-mft/

    #forta #CVE_2024_0204

    ahoog42, to random

    Do folks here use services like Calendly? I've 100% resisted using them in the past but managing schedules is so time consuming. Would love to hear if/how folks manage this. Perhaps there's a trustable privacy trusting service? Or folks self host? Or maybe just have to keep managing the hard way!? :-D

    hdm,

    @ahoog42 two alternatives are Google Calendar (it now offers direct scheduling/booking) and the Zoom Scheduler (if you already use Zoom).

    dangoodin, to random

    This 2006 post from Daring Fireball, using hair-splitting and innuendo to excoriate an article I wrote on the growing hack threats facing Macs, hasn't aged well.

    https://daringfireball.net/2006/05/good_journalism

    hdm,

    @dangoodin Even ancient stories can still cause harm; this post by Robert McMillan nearly got me fired, was never corrected, and still pops up in search queries on my background: https://www.macworld.com/article/191732/dnsattack.html

    It is absolutely incorrect, McMillan refused to fix it, and I haven't spoken with him since.

    hdm,

    @dangoodin If anyone stumbles over this thread, the real story was that I noticed an ATT DNS server returning poisoned results when debugging a test VM, it didn't affect our company systems, and the "I got owned" quote was entirely manufactured. Having a "friendly" journalist pervert the facts of a story that I volunteered, misquote me, and freak out our customers and management team was a defining moment. This stuff matters.

    hdm,

    @jsmall @dangoodin Yikes! I still don't understand how they got away with non-retraction. Normally "market-moving" news that can't be substantiated is fraud and investigated as such.

    spacerog, to random

    Is there an APC UPS jailbreak community? Can someone point me in their direction? Looking for replacement firmware for my Back-UPS Pro 1000s.

    hdm,

    @spacerog wow, that is comprehensive!
