George Noseevich

Hey @h2hconference, on your CFP page you have 2 deadlines - Oct 1 for proposals and Oct 17 for slides. Does that mean that you expect both proposals and slides before you make the decision about acceptance? Or only those who've received an acceptance note need to submit slides?

Thing I learned today: Decrypting arbitrary TLS sessions on Windows (for code utilizing schannel): #11-what-is-schannel" target="_blank" rel="nofollow noopener">b.poc.fun/decrypting-sch… Great explanation, and very easy to use code, by @webpentest

@alterm4nn @alexx_mikh @annita_oreo @andrey_sitnik Понятно что почти всегда можно извернуться (обычно с потерей и в деньгах и во времени и в удобстве). Алсо, возвращаясь к исходной постановке вопроса - где ты щас валютный кэш найдешь?)

@alterm4nn @alexx_mikh @annita_oreo @andrey_sitnik Далеко не везде можно заплатить кешем есличо) Попробуй арендовать в европе машину за кеш, в большинстве мест это просто невозможно.

@SVSoldatov @rostov_prizrak Не трудитесь, знаю я такие "объяснения". Нацисты, кстати, уже пытались такое объяснять, только мир им в конце концов объяснил другое.

@webpentest @rostov_prizrak Не путайте эволюцию и деградацию. Критерий очень прост: все, что ведёт к исчезновению Человечества - деградация, а то что к преувеличению и процветанию - эволюция, принципы которой вошли в этику, мораль, заповеди. Надо объяснять, что мужеложство ведёт к исчезновению Человечества?

@SVSoldatov @rostov_prizrak "Сегодня ты играешь джаз, а завтра родину продашь". Ксенофобия гораздо ближе к насилию, чем нестандартные сексуальные предпочтения.

@rostov_prizrak Да, от мужеложства до насилия над детьми - один шаг

@Minions87705924 This might be because in win10 it is an experimental unsupported feature that you have to manually enable.

@webpentest Yes, you are right.  But I see  #tls-protocol-version-support" target="_blank" rel="nofollow noopener">docs.microsoft.com/en-us/windows/…  This link is shown in the win11 official support, so more confused

Some time ago I had a task where I needed to extract TLS session keys from win apps that use schannel (i.e. mstsc). Did some reversing and ended up creating a frida script that hooks key creation in lsass. Feedback welcome! b.poc.fun/sslkeylog-for-…

@Minions87705924 Hi! Win10 also supports TLS1.3 starting from 1909. See #transport-layer-security-tls" target="_blank" rel="nofollow noopener">docs.microsoft.com/en-us/windows/…. Not sure about server versions though.

@webpentest Hi, I read your article on "Decrypting Schannel TLS", I found that the part that wants to test Windows TLS1.3 can only be turned on on Windows 11 or Windows Server 2022?  Is that so?

@SVSoldatov "дальше - раскрутит" - если повезет =D По факту далеко не все и далеко не всегда "раскручивают". А еще можно специально шуметь не там, где реальная движуха, тогда пока будут "раскручивать" не с того конца, все уже закончится)

Нас пугают, что атакующему для взлома достаточно успеха однажды, а защитнику надо быть успешным всегда Но на практике по-другому: атакующему надо оставаться незаметным на всех этапах атаки, а защитнику достаточно его обнаружить однажды на любом этапе, а дальше - раскрутит!

@c3c Awesome work, considering there are no docs for AD Explorer snapshots!

Just published an AD Explorer snapshot ingestor for #BloodHound: github.com/c3c/ADExplorer…

@exploitph @_nwodtuhs I have to say, for the work I do most of the time, your research is more important. As definitely more fun to repro and study! That said, the lifespan of the bug will be limited for most orgs due to updates, and log4j vuln in internal nets is likely to stay literally forever.

@_nwodtuhs log4j vuln had to happen at the same time I released my research :'-(

sAMAccountName spoofing (CVE-2021-42278, CVE-2021-42287) be like #log4j

@a66ot @InfoSecDJ @Hacker0x01 @Bugcrowd I'm perfectly aware of that, but ppl from MC were like: google your name name => see the org name => nah fuck it we have a reason to not communicate and not lose face. So I understand their though process, but this doesn't make their decisions any less dumb

@webpentest @InfoSecDJ @Hacker0x01 @Bugcrowd 1. I act as an individual. 2. I don't work for sanctioned company. My contract is in even different country.

step 1. I Approached MasterCard using any possible channels to show them vulnerabilities in their tokenization services Step 2. MC had fixed these issues silently without informing me. Step 3. I decided to stretch myself and used @Bugcrowd to deliver my findings to MC

@a66ot @InfoSecDJ @Hacker0x01 @Bugcrowd Have any business with sanctioned ppl or orgs = suffer penalties and fines from govt, and also bad PR among potential clients. That is how sanctions are designed to work - 1% is legally prohibited from having business, other 99% just fear and don't want to bother.

@InfoSecDJ @Hacker0x01 @Bugcrowd Oh shit. Don't tell me that unicorns also don't exist 😂😂😂 But ok, practically, how the ban of bug submissions "due to sanctions" make any business more profitable?

Thanks @hackerdom, @HITBSecConf , @disruptad, @crowdfense, and all competitors for another great AD CTF!

@a66ot @stamparm Why choose one if you can do both and deprive sleep even further? =D

After a conversation with @stamparm about passion and CTF and what drives whom, not being the biggest fan of CTFs I found a lot of similarities and key differences with my own passion - security research:

@a66ot Sincerely though, how do people use an 0day in an engagement without disclosing? What will go in the report as an entry vector? Or are 'private pentesters' just another name for criminals? So many questions.

habr.com/ru/company/pt/… First comment made me think that using 0days amongst pentesters without disclosing them is not SO RARE.

Thanks to @hackerdom and all participating teams for #ructf! It has been fun, as always.

@editortargett Wtf, strange. Anyway, I've sent a message to your email

@webpentest That's bouncing. I'm on ed at thestack dot technology...

@webpentest Hi George. I'd like to talk to you about '22005. Possible to pop me a DM please?

@daunce_ Thanks)

@webpentest you’ve been busy. Nice work! vmware.com/security/advis…