Aggregator

This post is part of a series about machine learning and artificial intelligence. Click on the blog tag “huskyai” to see related posts. Overview: How Husky AI was built, threat modeled and operationalized Attacks: Some of the attacks I want to investigate, learn about, and try out I wanted to explore the “Adversarial Robustness Toolbox” (ART) for a while to understand how it can be used to create adversarial examples for Husky AI.

Get Around the Cybersecurity Skills Gap by Nurturing Cyberdefenders Within Your Own Organization

本报告部分引自Week in OSINT栏目，每周推荐好玩实用的工具，站点，技巧，文章等，适用于任何领域的研究人员，分析测试人员。

Avoiding common problems when moving to the cloud.

For GrayHat 2020 I was asked to create a short intro video for my Red Team Village talk “Learning by doing: Building and breaking a machine learning system”. So I put my green screen to good use and recorded this short clip for Red Team Village. Here is the link to the clip on Twitter: Hope you like it. :) The talk will be October, 31st 2020. Schedule: http://redteamvillage.io/schedule

好朋友安全客2020年度第3季季刊发布，快来阅读

在使用脱壳机对Android App脱壳的时候，我们常常会得到有nop指令填充的函数的dex，nop是No Operation的缩写，意为无操作。

在刚刚结束的N1CTF中, 我出了一道很简短的域渗透题目, 其中第三关个人感觉比较有意思, 单独抽出来分享一下.

As the go-to enterprise distributed denial-of-service (DDoS) mitigation experts, our phones have been "ringing off the hook" since the release of the global extortion DDoS campaign sequel. This latest installment of the cybersecurity saga is bigger, badder, and features a broader cast of criminal characters than seen previously with last year's extortion-related activity.

There is a lot of discussion around terms such as red team, attack team, pentest, adversarial engineering or offensive security team and similar ones. I typically stay away from the (sometimes passionate) discussions that ensue whenever this topic comes up. Personally, I think a good strategy is to define programs and teams who operate in this space by what services the team (or teams) provide(s) to the organization. The business groups, blue team, developers, engineers, employees and clients are the customers.

If the title sounds like a trick question, it really depends on who you ask. Semantically, it seems clear that if you take the "edge" and combine it with "computing" you get edge computing. But if you have been reading headlines, you would be justified in having doubts that the answer is that simple.

K4YT3X https://k4yt3x.com/vmware-workstation-%E9%80%9A%E8%BF%87-dhcp-%E5%88%86%E9%85%8D%E9%9D%99%E6%80%81-ip/ -

当您在 VMware 中安装了多台虚拟机，虚拟机的 IP 地址配置将会成为一个问题：进入每台虚拟机手动配置地址将会过于繁琐，而 VMware 自带的 DHCP 服务器的行为又无法在 GUI 中控制。

很多人可能不知道其实 VMware 自带的 DHCP 服务器就是随处可见的 ISC DHCP 服务器（dhcpd）。每个 VMware 接口都有一份 dhcpd 配置，并且用户可以像配置普通 dhcpd 一样编写这些配置来自定义 dhcpd 的行为。在此篇教程中我将记述如何通过更改该 VMware 的 DHCP 配置文件来手动分配访客网卡的 IP 地址。

VMware DHCP 配置文件

VMware 的配置文件可在系统的以下位置找到：

• Linux: /etc/vmware/{接口名称}/dhcpd/dhcpd.conf
• Windows: C:\ProgramData\VMware\vmnetdhcp.conf

例如，在我的 Linux 系统上，NAT 接口（vmnet8) 的 DHCP 文件就在 /etc/vmware/vmnet8/dhcpd/dhcpd.conf。该文件出厂大致内容如下：

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 # 略：一些注释 ###### VMNET DHCP Configuration. Start of "DO NOT MODIFY SECTION" ##### # 略：一些注释 # Written at: 10/17/2020 02:13:22 allow unknown-clients; default-lease-time 1800; # default is 30 minutes max-lease-time 7200; # default is 2 hours subnet 172.31.0.0 netmask 255.255.0.0 { range 172.31.128.0 172.31.255.254; option broadcast-address 172.31.255.255; option domain-name-servers 172.31.0.2; option domain-name localdomain; default-lease-time 1800; # default is 30 minutes max-lease-time 7200; # default is 2 hours option netbios-name-servers 172.31.0.2; option routers 172.31.0.2; } host vmnet8 { hardware ethernet 00:50:56:C0:00:08; fixed-address 172.31.0.1; option domain-name-servers 0.0.0.0; option domain-name ""; option routers 0.0.0.0; } ####### VMNET DHCP Configuration. End of "DO NOT MODIFY SECTION" #######

现在如果我们想将一台 CentOS MAC 地址为（00:0C:29:BA:D4:48）的网卡绑定到 IP 地址 172.31.1.3，则只需要在该配置文件最后一行备注以下添加以下内容即可：

1 2 3 4 5 6 ####### VMNET DHCP Configuration. End of "DO NOT MODIFY SECTION" ####### host centos { hardware ethernet 00:0C:29:BA:D4:48; fixed-address 172.31.1.3; }

重启 vmware 服务（e.g., systemctl restart vmware）或者重启宿主之后该配置便会生效。当我们再次启动 CentOS 并用 DHCP 获取地址，就会发现 IP 地址已经和 DHCP 配置里写入的地址一致了。

CentOS 中自动获取的 IP 地址已遵照新配置文件中的规则

请注意在升级 VMware Workstation 之前备份 dhcpd.conf 文件，VMware Workstation 升级时可能会删除旧的 dhcpd.conf。

参考资料

• https://docs.vmware.com/en/VMware-Workstation-Pro/15.0/com.vmware.ws.using.doc/GUID-04D783E1-3AB9-4D98-9891-2C58215905CC.html
• https://communities.vmware.com/message/1888335#1888335

- https://k4yt3x.com/vmware-workstation-%E9%80%9A%E8%BF%87-dhcp-%E5%88%86%E9%85%8D%E9%9D%99%E6%80%81-ip/ - 2019-2024 K4YT3X. All rights reserved.

Golang安全检查引擎Go语言近几年开始越来越流行，凭借其强大的性能和跨平台的优势，对web和后台开发都是

In terms of the Distributed Denial of Service (DDoS) landscape, 2020 was almost boring prior to the beginning of August. The excitement from the record peak Gbps and Mpps seen in early summer had worn off, and we weren't seeing...

Ransomware now includes data leakage, stealth, attack delay, anti-security, and ransomware as a service. CI Security’s John-Luke Peck shares his thoughts.

碎碎念不是重点，重点是：招人！招人！招人！

Edge computing is the next natural paradigm shift in IT, bringing a new wave of decentralization. Over the past decade, IT has embraced two seemingly juxtaposed trends: the consolidation of infrastructure and data in private, public, or hybrid clouds, and the growing distribution and diversity of devices that access them. How can these trends continue to coexist? The answer is at the edge.

该系列文章将通过逆向的方式分析Tesla远程api，并自己编写代码实现远程控制Tesla汽车。

0x00 简介

Tesla自身的app具备控车的一些功能，如解锁、温度控制、充电、行车轨迹、召唤功能等。那么可能有朋友要问了，分析app自己实现的意义是什么呢？为什么不用官方提供的app呢？而且Github也有大量开源项目。

最开始我也有同样的疑问，但是，当我去尝试了解后，发现分析api，自己可以拓展多种玩法：

1. 挖掘潜在的隐藏功能。在漏洞挖掘过程中，总会有一些未在界面显示，被开发者隐藏起来的一些功能。这些功能一旦被我们发现，对漏洞挖掘或者实现额外的功能都有帮助。

2. 实现批量控车功能。官方的APP同时只能控制一台汽车，无法控制多台。我们熟悉API后，我们则可以实现批量控制汽车，实现速度与激情中的控车场景，这想想都觉得很酷；

3. 熟悉Tesla业务流程，可以深入去挖掘漏洞；

4. 尽管目前网络上有很多Tesla的API代码或库，但是其他的车还没有。我们以Tesla为典型例子，可以将其思路和方法拓展到其他同类的汽车厂商中；

5. 个性化定制，通过API可以按照自己习惯定制流程，控制更加灵活。还可以拓展功能，如雨天自动关闭天窗，根据情况自动制热/冷却等。甚至可以做成一个商业产品；

6. 通过api调用，配合代理跳板实现隐藏自身，同时不会暴漏自己的imei、设备等，减少APP信息收集导致的隐私泄漏。

7. 记录下所有关于车的数据，进行数据分析。