yeap steam is the best example of a service i’d very happily pay - I’ve paid LOTS to them and just last month, I downloaded “have a nice death” for yuzu, played 30", loved it and insta bought it on steam. It was 25 euros but having my saves forever and being able to single click install & play is something that I value more.
you don’t get to get my money AND fuck me, pick one (netflix, youtube, etc.)
I’m in my 20’s and I consider myself completely ignorant, in the sense that whenever I make a decision I always think “What would the future me do if I had more experience/knowledge?”...
that being good at your job doesn’t define you. it’s not a “trait”, it’s not a label. sometimes you’re good, sometimes you’re bad and sometimes you just are.
it’s just a job after all and a job should never be more than that: just a job
huh, you’re right! I’m trained on a different kind of code. In C# in particular, which I use mostly to do sneaky stuff (patch/inject runtime code to, um, “fix” it) and when I see a project that’s too clean it smells
I also see python code (I code regular stuff in it) that could be written much more cleanly using monkey-patching
I’ll put my vote to Deep Rock Galactic for online. It’s a game (that you MUST check out) with one of the most wholesome communities ever. Most people are super nice in the chat and I’ve made a friend or two (for me that’s a lot - I’m extremely picky cause I feel very nice with the amount of friends I have already)
ok so let’s start with the exploits. An exploit is a bug (problem) in a piece of software that when… umm… “abused” (well the word is just exploited) allows you to do stuff that you shouldn’t. An exploit could be live from your browser to the program you use to zip files. The top 2 reasons to use an exploit is to either get initial foothold on a machine (e.g. an exploit in a browser that would allow an attacker to execute arbitrary code when you visit their page or an exploit in winrar that when you open a zip file executes code)
From the attacker’s perspective, you got in, nice. Mind you, you got in through means that have nothing to do with windows (and that’s true most times, especially on desktops). but now? what?
You hacked into the machine for a reason! You might wanna grab the browser cookies (giving you direct access to the accounts that the victim is logged into), grab some files, screenshots, passwords
That’s where the AV kicks in. After the initial exploit the malware behaves like a normal program. But not completely. Assuming that the AV hasn’t seen the same exact malware before (which would be an insta kick ban) it’s going to see a random process accessing files in chrome’s directory. HUH. ISN’T THAT SOMETHING. quarantined.
Wanna start listening to each and every keystroke? quarantined
Meanwhile the way that the exe ended up in your system was not through an installer, you don’t provide an uninstaller and it was downloaded from www.xXxveryNicEsiteyou.got. HUUUUUUUH
the whole process is a bit simplified of course, but it captures the general idea
So why does linux not have an AV? FUCK IF I KNOW! It would be very, VERY useful. Writing malware that bypasses AV is an art of its own. Can be done for sure, but it’s an extra step and it’s not fun
background: used to get paid to do shit like that (legally, pentest) and it’s a fun hobby (writing code around it, not hacking people)
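Roughly what the behavioural scoring sketched in this comment looks like in code. This is an added illustration, not any real AV’s logic: the event format, the rule weights, the process names and the provenance records are all constructed assumptions. Note that the browser reading its own cookie database is not flagged; a different process reading it is.

```python
"""Toy behavioural scorer for the three heuristics in the comment above:
another process touching the browser's profile, a global keyboard hook, and
a binary that arrived without installer/uninstaller from an unknown site.
Everything here (event shape, weights, sample data) is a constructed assumption."""

BROWSER_PROCESSES = {"chrome.exe", "firefox.exe"}
BROWSER_PROFILE_MARKERS = ("\\Google\\Chrome\\User Data", "\\Mozilla\\Firefox\\Profiles")
KNOWN_ORIGINS = {"vendor.example", "google.com"}
QUARANTINE_THRESHOLD = 60

# Weight per suspicious behaviour; each behaviour counts once per process.
RULE_WEIGHTS = {
    "reads another app's browser profile": 40,
    "installs low-level keyboard hook": 40,
    "no installer and no uninstaller": 20,
    "downloaded from unknown origin": 10,
}

# Constructed provenance records (what the AV knows about how a binary arrived).
PROCESSES = {
    "chrome.exe": {"installer": True, "uninstaller": True, "origin": "google.com"},
    "svc_updater.exe": {"installer": True, "uninstaller": True, "origin": "vendor.example"},
    "totally_legit.exe": {"installer": False, "uninstaller": False,
                          "origin": "xXxveryNicEsiteyou.got"},
}

# Constructed sensor events, one per line.
COOKIE_DB = r"C:\Users\u\AppData\Local\Google\Chrome\User Data\Default\Cookies"
EVENTS = [
    {"proc": "chrome.exe", "type": "file_read", "path": COOKIE_DB},
    {"proc": "totally_legit.exe", "type": "file_read", "path": COOKIE_DB},
    {"proc": "totally_legit.exe", "type": "file_read", "path": COOKIE_DB},
    {"proc": "totally_legit.exe", "type": "api_call",
     "api": "SetWindowsHookExW", "hook": "WH_KEYBOARD_LL"},
    {"proc": "svc_updater.exe", "type": "file_read", "path": r"C:\ProgramData\svc\config.ini"},
]


def behaviours(name, events, processes):
    """Collect the distinct suspicious behaviours observed for one process."""
    seen = set()
    for ev in (e for e in events if e["proc"] == name):
        if (ev["type"] == "file_read" and name not in BROWSER_PROCESSES
                and any(m in ev["path"] for m in BROWSER_PROFILE_MARKERS)):
            seen.add("reads another app's browser profile")
        if (ev["type"] == "api_call" and ev.get("api") == "SetWindowsHookExW"
                and ev.get("hook") == "WH_KEYBOARD_LL"):
            seen.add("installs low-level keyboard hook")
    prov = processes.get(name, {})
    if not prov.get("installer") and not prov.get("uninstaller"):
        seen.add("no installer and no uninstaller")
    if prov.get("origin") not in KNOWN_ORIGINS:
        seen.add("downloaded from unknown origin")
    return seen


def verdict(name, events=EVENTS, processes=PROCESSES):
    """Return (score, quarantine?, sorted reasons) for one process."""
    found = behaviours(name, events, processes)
    score = sum(RULE_WEIGHTS[b] for b in found)
    return score, score >= QUARANTINE_THRESHOLD, sorted(found)


if __name__ == "__main__":
    for proc in PROCESSES:
        print(proc, verdict(proc))
```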
I’ve never even considered ClamAV. I have the idea that it’s just a malware signature DB (changing the signature of a binary is almost as simple as recompiling it with a bit different variables)
Am I incorrect? does it have heuristics/active scanning?
I never got where the misconception of “*nix doesn’t have malware” came from. Maybe from the 2k era where “malware” was anything that was slowing down your PC (I also don’t get why a malware would slow down your PC, unless it’s a ransomware)?
I remember the c99.php shell from way back which is an amazing example of cross-platform (PHP can run anywhere) “virus” and it was considered a golden standard (2010 era?)
I disagree. Malware is quite difficult to develop and MUCH more difficult to maintain because of AVs and getting around defender ain’t a joke. It can be done but it’s neither trivial nor fun.
what kind of privilege separation? you’re talking about containers/namespaces?
cause as it is linux desktop has 1 unprivileged user and that’s it. from an attackers perspective privilege escalation is irrelevant - you have access to the screen, keyboard, browser, files. there really is nothing left to gain from gaining root
and if you have any reason to gain root, it’s super easy: by just replacing sudo with an alias in .bashrc you’ve got the user’s password
We REALLY need sandboxing and soon, that’s why I want to give fedora silverblue a try but my hopes are quite low
btw windows is in a bit of a better place and M1 mac is in much better place
I’ve not looked into firejail in depth but I’ve read lots and lots of bad takes on it
What we need is docker with a better graphics integration, in terms of both ease of use and security. maybe wayland can help in that (cause with X you just forward the whole management socket and that’s it, anyone can draw anything)
There’s a chance that snap has done it right (I know that everyone hates it but there’s a CHANCE that they got it right in terms of security and ease of use)
flatpak “is not enough” since the controls it gives you are not enough. first you need flatseal to disable stuff per application and the defaults aren’t good enough and steam for example REQUIRES access to the whole home folder which defeats the whole purpose
my whole experience with matrix is deeply disappointing. devices getting out of sync, not being able to decrypt messages, missing notifications and that fucking mark as read not working are daily problems
dig deeper and you’ll find the causes of the problems, which are disturbing. e.g. a json string is hashed (however 2 equal json objects can be the same while their strings are very different)
the only reason I still use it is a room I want to be part of
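The “hash the JSON string” problem from the comment above, as an added illustration (not Matrix’s code): two equivalent serialisations hash differently, while parsing and re-encoding canonically before hashing or signing gives a stable result. The sample documents and the signing key are constructed.

```python
"""Why hashing a JSON *string* is fragile, and the usual fix: canonicalise first.
Added illustration; the documents and key below are constructed, not real traffic."""
import hashlib
import hmac
import json

# Constructed: the same object serialised by two producers (key order and
# whitespace differ, the content does not).
DOC_A = '{"type": "m.room.message", "content": {"body": "hi", "msgtype": "m.text"}}'
DOC_B = '{"content":{"msgtype":"m.text","body":"hi"},"type":"m.room.message"}'
KEY = b"constructed-demo-key"


def hash_raw(doc: str) -> str:
    """Naive: hash the bytes exactly as received. Equal objects, different hashes."""
    return hashlib.sha256(doc.encode("utf-8")).hexdigest()


def canonical_json(obj) -> bytes:
    """Deterministic encoding: sorted keys, no insignificant whitespace,
    non-ASCII escaped. Caveat: floats would still need a fixed formatting rule."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":"),
                      ensure_ascii=True).encode("utf-8")


def hash_canonical(doc: str) -> str:
    """Parse, re-encode canonically, then hash: stable across producers."""
    return hashlib.sha256(canonical_json(json.loads(doc))).hexdigest()


def sign(doc: str, key: bytes = KEY) -> str:
    """MAC over the canonical form, so any equivalent serialisation verifies."""
    return hmac.new(key, canonical_json(json.loads(doc)), "sha256").hexdigest()


def verify(doc: str, tag: str, key: bytes = KEY) -> bool:
    """Constant-time comparison of the recomputed tag with the received one."""
    return hmac.compare_digest(sign(doc, key), tag)


def same_object(a: str, b: str) -> bool:
    return json.loads(a) == json.loads(b)


if __name__ == "__main__":
    print("same object:", same_object(DOC_A, DOC_B))                              # True
    print("raw hashes equal:", hash_raw(DOC_A) == hash_raw(DOC_B))               # False
    print("canonical hashes equal:", hash_canonical(DOC_A) == hash_canonical(DOC_B))  # True
    print("tag computed over A verifies B:", verify(DOC_B, sign(DOC_A)))          # True
```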
Not to start a war, but I think the place here is better for free discussion of games piracy. the lemmy community they cite on their subreddit is literally dead, has just one or two posts. It would have been good if a rival community to r/piratedgames appears here on dbzer0 too, I mean r/piracy is still there, but this place is...
there really is no way to know if you’ve got a virus. it doesn’t take a lot of time to develop a malware that is undetectable, especially if you target something very specific and make it be patient about it. e.g. wait a month, snatch all the browser cookies and send them to a server hosted on azure.
or every so often snatch the clipboard
there are a lot of ways to be very silent
I highly suggest you don’t use the pc you run the pirated games on for anything critical
background: I crack stuff as a hobby (never published anything), used to be a security engineer, programmer by hobby
Contrary to popular similar stories I had the feeling that I was in my 20-25s for “I was there for a long time” and I was eager for the next decades (with a small break for depression but I got through) Now I’m 28 and it kinda feels it speeds up but I don’t complain (but I do complain about everything else, A LOT)
yea makes sense given that at your 30s-40s it’s very likely that you’ve ended up at your “career path” and after 1-2 years working on the same thing (otherwise you’d be full of stress) it becomes very mundane
EDIT: The only reason why I still had it at this point was because I could use it with other apps. However, now that my Spotify Subscription is cancelled, it doesn’t work with anything. It’s mildly infuriating because today, I still can’t use it with other apps like I was able to yesterday....
I have the hobby of cracking stuff like that (but mainly windows apps to tell you the truth) and there are many-ish people out there with the same hobby. search around a bit and google stuff like “Spotify Car Thing github” or “Spotify Thing bypass” or jailbreak. Heavily rely on github and russian forums. Also random small blogs
If you’re so determined though and nobody else has done it and you’re fine not using it for 3+ months, there’s a very slim chance that I could find the time to bypass it
We are in the era that other than games, the companies have not yet caught up with anti-cracking techniques. I crack shit as a hobby and everything is fun and challenging until you start to mess with games. It’s insanely difficult, a CONSTANT cat n mouse run and sooooo damn time consuming
unfortunately I’ve not released any crack and the reason behind it is that I develop them in a way that you can read what they do (which function they hook, what do they expect and more) using frida.re so the crack ends up being a javascript file that is run through a PowerShell script. so no “copy this dll” or “disable your antivirus” - super clean and you can always see what the crack does. my base is ALWAYS that you download and install the app from the manufacturer
due to that though I “can’t” release the scripts to the public as:
I’ll go to jail
the companies will start to implement anti-cracking measures as I give them exactly the way I crack their app on a silver platter
ok so first of all you need to know programming. nothing crazy but you should definitely know what a “function” “loop” or “variable” is and some basic HTTP knowledge (what is an HTTP request, what’s a header, etc.).
now, your target is to bypass the license check. there are many ways to go about that:
the web way: intercept the traffic between the app and the server. maybe the app tells the server “am i licensed” and the server responds “no” and if you just change that you’re golden. to intercept traffic the golden standard is “burp proxy”
the exported function way: I’m sure that you’ve seen that all the apps that you install come with various dlls. these are “libraries” which means that they’re a bunch of functions in a package. most times they also include the name of their functions and more often than not you’ll find a “is_user_licensed” that returns a 0 or a 1. hooking that to return 1 will hand you a win
the exe exported function way: same as the above but the function lives inside the exe. BTW exes are exactly the same as a DLL (and you can actually execute a dll or import functions from an exe!)
you can find any function that gets called and has a name (the names are called “symbols”) using frida-trace
afterwards you can write a frida script (javascript) that either replaces the entire function or append/prepend code to it. most times you want to append code that just returns a value as to not mess with the programs internals
if you have a .net app though the whole process is WAY easier as you can read all the code of the app using a decompiler - dnspyex is the gold standard
of course not all apps are that easy to crack. it’s more of a time/mind game and less of a skill one. sure, you get much more efficient and the solutions start to “smell”, but trying to crack an app that has stripped symbols (no function names) and everything is statically compiled (all the dlls are shoved into the exe to make it harder for us) can make your life much more difficult
since this is a “starter guide” i’m gonna leave anti-reverse, anti-debug and obfuscation completely out of the discussion. unless you get a moderately good grasp what the above terms mean, don’t bother
I also didn’t talk about actual reversing with a debugger/decompiler/disassembler as I think that it’s better to find out about them as-you-go. don’t start from that. it’s intimidating
Don’t get intimidated. You’ve got it. Remember that it’s not about skill (ok don’t go cracking IDA Pro or denuvo), it’s about patience and methodology. As the hackers say: Try harder and happy hacking 🙂
NOTE0: ALWAYS ask chatGPT stuff. if it refuses to answer put the question in the context of “malware research”
NOTE1: I think that someone somewhere may have told me that a very popular app owned by dickheads used in the 3d printing community is a very good starting point 😀
NOTE2: You’re more than welcome to ask anything - PMs or otherwise
EDIT: I forgot to mention reversing divas: since this is such a niche thing to do and you spend your life away from grass, some people involved are in the mindset of “this is not for everyone, you’re stupid and you can’t do it, etc”. Fuckem
just a side note for everyone out there that uses bitwarden: you can reset your password with just your email. that means the admin can see your passwords. The only 3 upstream password managers that don’t have that “feature” are 1Password, lastpass and KeePass (not counting gpg-based script in bash n friends). Lastpass is obviously a mediocre solution (too many breaches), KeePass isn’t for everyone (UX). 1Password is a very solid solution and it has public security audits
I’ve got nothing with agilebits/1Password - i just use it after spending days researching (also I’m a former IT security engineer)
Other than your carrier giving it for free or cheap, I don’t really see the reason why you should buy a new phone. I’ve been using Redmi Note 9 for the past 3 years and recently got my hands on Poco F5. I don’t see the point of my ‘upgrade’. I sold it and came back to my Note 9. Gaming? Most of them are p2w or microtransaction...
that “security update” quickly gets irrelevant as the exploits for lineage (or any non-standard rom) sells for pennies compared to a stock exploit. also no one’s paying security researchers to assess lineage - also it would be completely impossible with the amount of updates and devices they release
remember that (unfortunately) security is all about money
hmmm depends on the phone and what you mean by difficult. If you’ve managed to format a computer you’ll be fine. If you’re having trouble downloading chrome or office, maybe think about it again - I’m not saying you shouldn’t try or learn (everybody can learn), I’m just saying that it will require an amount of time that I imagine would be uncomfortable to a user that doesn’t wanna bother downloading a program.
as more people use a software it’s not easier to find exploits but much more profitable - and you see that propagate, as in:
More people start to use a software
Inevitably it gets hacked - by a kid most probably
The company starts panicking due to bad press
They start fixing the security bugs
(some years pass)
Now it’s quite difficult to find an exploit as many security bugs have been fixed
Exploit prices skyrocket since it would affect many users and it’s difficult to develop
Bug bounty skyrockets since the exploits are so pricey
Now the last 2 steps tend to cycle since the security of the product fluctuates
Now the above have nothing to do with “residual” products - such as custom roms. And actually, you have so many deeply specialized people around the main product that finding a bug and developing an exploit on the residual is just a matter of “who the fuck cares”.
So you’re basing the security of your phone on “care”, also known as security through obscurity (sometimes at least).
Another example of “who cares” security is libreoffice. When I started as a security engineer the veteran (and boss) referred to it as training material to find security bugs. I found some, but who cares? Ain’t nobody gonna pay for them as “nobody” uses the software (keep in mind that we’re referring to millions of daily users rather than thousands per month)
Sorry for sheet! ❤️ Be safe and use a password manager