Skip Navigation
InitialsDiceBearhttps://github.com/dicebear/dicebearhttps://creativecommons.org/publicdomain/zero/1.0/„Initials” (https://github.com/dicebear/dicebear) by „DiceBear”, licensed under „CC0 1.0” (https://creativecommons.org/publicdomain/zero/1.0/)BE
betterdeadthanreddit @lemmy.world
Posts 11
Comments 1.5K
Sacramento high school biology final includes racist questions, targets students
  • This guy needs a better outlet for his frustrations. I don't doubt that teaching high schoolers is a special form of torture (having been a high schooler once upon a time) but test questions are not the place to vent.

    I want to believe that these were questions he wrote out in a drunken stupor one night and then printed off the wrong file though doubling down on it with the projector kinda kills that idea. Dude maybe shouldn't have been a teacher but it took him about a decade too long to figure it out.

  • A watched pot never boils

    I was in the middle of something in another room and it occurred to me that this familiar expression could be adapted for ADHD: A watched pot never catches fire. Good reminder to exercise a little extra caution in the everyday tasks that get boring but are still dangerous if you get complacent. Driving, cooking, poking around in a running computer with screwdriver even though you know you should shut it off, that sort of thing.

    Now if you'll excuse me, I should get back to cooking breakfast before the "food is done" alarms start going off throughout the building.

    7
    Articles which seem to promote a western narrative @lemmy.world betterdeadthanreddit @lemmy.world

    Speed of Light from Direct Frequency and Wavelength Measurements of the Methane-Stabilized Laser

    1972 paper measuring speed of light.

    0

    New salvage operation underway

    cross-posted from: https://lemmy.world/post/3494377

    > Took a while to get here, any ideas for what to do with it?

    [Edit: Image broke so I've hosted it elsewhere.]

    0

    New salvage operation underway

    Took a while to get here, any ideas for what to do with it?

    [Edit: Image broke so I've hosted it elsewhere.]

    1

    [Resolved] Spam user/communities: @soraya, !free, !woman

    User @[email protected] (Soraya Pepe) is advertising a forum service as well as a booking site where you can order donuts* that they'll deliver to your hotel room. They are using bit.ly links to obscure links to their forum topics in community sidebars as well. These communities are [email protected] and [email protected].

    Donuts*

    Probably not donuts.

    2

    User flooding instance with (mostly) empty communities

    @[email protected] has created 80+ communities here, most of which are empty save for a "Looking for moderators" post. Some have 0-3 posts which are nearly all from the creator and a couple have some regular user activity.

    I recognize that this may not be against the rules as long as it's not simply for the purpose of squatting on a name but is worth observing for future developments. It does not appear that this user intends to actively moderate since they're looking to hand those communities off as soon as they're created.

    11

    [Resolved] Advertiser account/community

    https://lemmy.world/u/HeGetsUs_ad / https://lemmy.world/c/hegetsus

    "He Gets Us" advertising campaign setting up on this instance.

    Edit: And it's gone. Thanks!

    0

    What's this guy's deal again?

    The image was in one of my old document folders alongside some saved image macros and things. Think he was called Candleman, Candlejack, Candlestick, something like that. I just don't remem-

    2
    Pentesting @lemmy.world betterdeadthanreddit @lemmy.world

    [Copied post] Responder and NTLMRelayx

    [Note: The content of this post has been copied from /r/Pentesting in case users wish to continue the discussion during the reddit API price gouging blackout]

    Original

    Responder and NTLMRelayx

    >/u/ j_relic > >I’m practicing pentesting using Responder. I’ve watched a few videos on YouTube, but I’m having issues. My setup: Windows Server 2019 VM, Windows 10 VM, and the latest Kali. I used a video to create the vulnerable Active Directory Environment (YouTube, the Cyber Mentor). Responder version 3.1.3.0. > >I’ve been unable to capture hashes using LLMNR poisoning. Responder doesn’t send the LLMNR poisoned answer. In fact, the only answer it sends is MDNS. > >I’ve also been unable to capture hashes using SMB Relay Attacks (with Responder and ntlmrelayx). According to the video I used, I ran nmap to determine the smb version I have for Windows Server 2019. I have smb3 (3.1.1), and “message signing enabled but not required.” > >I made sure to modify any configurations within the Responder.conf file (according to the videos) as needed. Am I having these issues because SMB is version 3, and not 2 like in the videos? The videos are a few years old. > >Any help is appreciated. Thanks. I would like to exploit these types of issues within my homelab setup. > >>/u/Danti1988 >> >>In your training environment, you don’t mention how you are generating traffic for responder to respond to. Set a scheduled task to map a network share that has an incorrect host name, dns will fail and fall back to netbios / llmnr and you will get a hash. >> >>>/u/ j_relic >>> >>>Hi sorry about that—according to the video, I tried entering an incorrect share. For example, I typed //kl as the share and hit enter. Unfortunately, I didn’t get the same results as the video. In the video, the hashes are captured immediately. But for me, nothing. Instead, Edge opens up on the VM in an attempt to open the page as a web address that ultimately fails. >>> >>>>/u/Danti1988 >>>> >>>>Open run or file explorer and type //kl/blah. Also make sure responder is listening on the correct interface and both nics are on the same interface for the vms >>>> >>>>>/u/ j_relic >>>>> >>>>>Unfortunately, same problem. The LLMNR poison isn’t sent, only MDNS. Responder sees the attempt, but nothing else further. I’ve verified that the interface is correct, and the VMs are on the same interface (for their respective nics). All poisoners are set to “On.” >>>>> >>>>>>/u/kaltec >>>>>> >>>>>>Is the vm network adapter set to bridged mode? Kinda sounds like it might be in NAT >>>>>> >>>>>>/u/Danti1988 >>>>>> >>>>>>If you type in //kaliIP/ are you seeing the hash? If not, it’s definitely a problem with your set up.

    0
    Pentesting @lemmy.world betterdeadthanreddit @lemmy.world

    [Copied post] Pentesting project viability?

    [Note: The content of this post has been copied from /r/Pentesting in case users wish to continue the discussion during the reddit API price gouging blackout]

    Original

    Pentesting project viability?

    >/u/ExcidionKahuna > >TL;DR: Aspiring pentester/python noob looking for recommendations to optimize recon script written in python to populate an Obsidian vault, link findings efficiently with markdown/obsidian plugins, and wondering if this is would even be useful. > >Hey all, > >I'm not sure if this would be viable to the community in general, but was wanting some input. > >This has been kind of a dream project of mine. I'm no developer, and aspire to be a pentester once my contract with my current job ends. > >This is a project in python that will perform all my basic enumeration and execute additional commands and populating an Obsidian vault with the data. It starts with a ping/pingsweep and create a directory for each target. Cue nmap full port scan and create a .MD file for each port. Additional script and service scans on discovered ports, and the output for each port saved to each port file. Follow additional commands to run based on services discovered and saved to their own files. Each command will be piped to a bash script I wrote that will timestamp command output and screenshot it to be rendered in each file. > >I know that golang and other languages would be faster for this, but this is a project I am using to learn Python and optimize/automate my notes. I guess this could be simplified as using autorecon and making an Obsidian vault, and doctoring it up with markdown and Obsidian features. > >For Obsidian users, do you have any recommendations for markdown syntax I can use to better organize, link or make this project useful? Or any other optimizations you could recommend via python? And is this something anyone would actually like to see or even care about? > >>/u/frenchfry_wildcat >> >>This is absolutely possible and essentially how the “automated pentest” platforms work (such as Penterra)

    0