Author Topic: Exploits And Mitigation  (Read 31503 times)


Whistler

  • Drone Pilot
  • *****
  • Posts: 593
  • We call ourselves the Nightstalkers...
MicroSLOTH Once Again Fucks Over Its Userbase.
« Reply #45 on: July 22, 2019, 06:51:23 PM »
Once again, M$ fucks over its user base. Win 7 is getting close to EOL, so they decided to slip in a backdoor disguised as a security update (for the 2nd time in as many years.)
They pulled the same shit with XP, pushing updates that hobbled the OS and made it run horribly slow - in order to force users to update.
Please understand this backdoor is stealing your usage habits and that that information is being sold to the highest bidder. Don't believe the WinBLOWS BullSHIT line that they want to better understand their customers in order to make a better product. This is outright theft and invasion of privacy - plain and simple.

https://www.computerworld.com/article/3408496/new-windows-7-security-only-update-installs-telemetrysnooping-uh-feature.html

Since this is the Exploits and Mitigation thread, you may want to check out the following.
WARNING ! ! !    I Have NOT Vetted The Software Mentioned.
Please use due diligence.

https://www.getblackbird.net/

The documentation in the above link goes into detail about what the .exe does. If I was still running a Doze box, I'd probably be using this software instead of trying to manually disable it myself, then again...  .
One more thing, the author is of the same bent that I am - LOL.    "Fuck Google"   Heh, heh, heh.   :D
It may be that your sole purpose in life, is to serve as a warning to others.   :o

KSM

  • Runneth Over
  • Ellevated
  • *********
  • Posts: 13179
  • I-I-I-I-I-I-I-I-I-I-I-I-I-I-I-I-I
    • Real Bad Radio
Re: Exploits And Mitigation
« Reply #46 on: July 23, 2019, 04:01:35 PM »
I just love you.

I still have an in the box desktop computer with XP Home or XP Pro, not sure. Think it's from 04 or 05. I can't imagine starting it up and plugging it in to the shitty new world.


Also, are you a kickboxer and a chess player?

Whistler

  • Drone Pilot
  • *****
  • Posts: 593
  • We call ourselves the Nightstalkers...
Re: Exploits And Mitigation
« Reply #47 on: July 26, 2019, 02:13:48 PM »
LOL - Yes.   ;)

KSM

  • Runneth Over
  • Ellevated
  • *********
  • Posts: 13179
  • I-I-I-I-I-I-I-I-I-I-I-I-I-I-I-I-I
    • Real Bad Radio
Re: Exploits And Mitigation
« Reply #48 on: July 26, 2019, 07:15:17 PM »
Yes.

@Whistler

That is soooo HOT! (Roy Orbison sound from song - pretty Woman) -> Eerrrggggghhhh  mercyaaahhh


I'm a real hunk ;D

Join us again, for the Young.. & The Restless..

JayGab

  • KNYE
  • ****
  • Posts: 290
Re: Exploits And Mitigation
« Reply #49 on: July 26, 2019, 11:32:11 PM »
Actual N-Word
Not A Paid Actor

JUAN

  • Ellevated
  • ******
  • Posts: 8468
Re: Exploits And Mitigation
« Reply #50 on: August 05, 2019, 03:12:22 PM »
Dammit @Whistler I installed blackbird and it fucked up my computer seeing the network drive. I tried the fix from blackbird but it didn’t work. Then I had blackbird go back and reset everything to default and the computer still won’t open the drive. Windows troubleshooter can’t find the problem. A laptop that I did not install blackbird on still sees the drive, so the problem is with the changed computer. I should have known better.

If you’re thinking about installing this software, be careful.
Merry Christmas

Whistler

  • Drone Pilot
  • *****
  • Posts: 593
  • We call ourselves the Nightstalkers...
Re: Exploits And Mitigation
« Reply #51 on: August 28, 2019, 06:42:57 AM »
@ juan, you goof-ball    ;)
You didn't RTFM, did you ?     :o

I hope you're not just fucking with me, with this post.

 
Quote
LAN / VPN / misc. network issues:
Blackbird disables 2 services, SSDP Discovery & UPnP Device Host, which are required to run Network Discovery on your PC

Read Me
Betcha didn't make a Bkp before messing w/ the system either ?   :(

If you don't understand what certain terms mean, please do look them up and what they entail instead of just going ahead with the procedure and hoping everything will be okay.
It plainly states that network discovery will be disabled, using the industry standard  (different) terminology for network sharing.


Alright, let's get into S.O.P (Standard Operating Procedure.)
These are things I take for granted because I assume (there's that word again  -  ASSUME: makes an ASS out of U and ME  ;)  ) that most people follow precautions when messing with their system. I have a tendency to forget that not everyone has my training, technical ability, (or paranoia, for that matter.)  ;)
I'm used to dealing w/ other SE's, programmers, and business personnel.

So here it is; anytime you decide to mess w/ your system, or use a software that does so, a backup of your important files should be made. This doesn't necessarily mean the entire system - just the files that have changed since the last Bkp.
(I know it's obvious, but, save the backup off of the disk (external to the one) you will be working on.)
For instance; save off anything you have downloaded or saved to the system you are going to be working on. Ex: My Documents, My Videos, etc... plus any folders you have created for storage since the last time you did a Bkp - including the Desktop.

Here's the other thing, when installing a new Operating System, and getting everything tweaked the way you like it, and registered (WinDoze and other proprietary OSes,) do a complete Bkp so you have a pristine, reloadable / reinstallable OS if things really go South and fixing it is beyond your technical abilities, or just plain impossible.

If you're at a loss of what Bkp solution to use, there are 3 that I've used in the past that work well w/ Doze. Each has a particular strength depending upon your situation, but it is best to pick just one and get used to using it. That way you are familiar with its capabilities and limitations.

Before backing up, it is always best to defragment w/ windows built-in defragging option, or a 3rd party app - BE CAREFUL WITH 3rd PARTY APPS.
I've always had good luck with UltraDefrag, but I haven't used any Defragmenting programs since Win 7. CAVEAT EMPTOR !

Tips:
1. NEVER, under any circumstances, interrupt a defrag operation - even if there is a pause button. Allot enough time to let it complete. (Defragging will take hours if you haven't done it in a while; or ever.)
2. Don't ever run on batteries while defragging - plug that bitch in.
3. If it's your first time defragging, depending on the size of the drive, expect a minimum of hours, or days with a very large drive.
4. Defrag as often as you want with an HDD; SSDs should be defragmented when the SSD is noticeably lagging. Every write to an SSD decreases its life and the defrag operation rearranges the entire drive.

These are all freeware backup solutions, which are just fine for home users and small businesses.
I've used all of these at one time or another.
Listed in no particular order -

ReDo Backup:
Review

Easeus ToDo Backup
Allows for differential backups

Drive Image XML
Review
Allows you to browse the files on a stored backup, and also to hot Bkp (while the system is running.)


Here's another thing; if you have a fairly recent backup, you can give the bird to any ransomware that comes your way as long as you don't constantly leave your backup drive plugged into your running system. (Everyone should have a dedicated drive for backups that only gets plugged in when they are doing a Bkp and Are Offline !   ;)

You may also want to check out the Ultimate Boot CD.
This is a system utility disk.
Be Careful though. The programs on that disk are extremely powerful.
(That means you can really hose your system if you use them improperly, or in ignorance.)


I hope you can recover / fix your system.   :)


Now, I have a kernel to compile.
I'll catch you guys later.    ;)
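The Blackbird readme quoted above says it disables SSDP Discovery and UPnP Device Host, which Network Discovery needs. Here is an added PowerShell check (my own example, not code from the thread or from Blackbird) that reports those two services plus the two Function Discovery services Network Discovery also depends on, and with -Restore sets any that are Disabled back to their stock start type; the service names and the assumption that all four default to Manual on a clean Windows 7 install are mine to verify on your own box.

```powershell
# Added example, not from the thread and not part of Blackbird: report the
# Windows 7 services Network Discovery depends on and, with -Restore, put any
# that were set to Disabled back to their stock start type.
# Assumptions: Windows 7, elevated PowerShell 2.0 or later; the stock start type
# for all four services on a clean Win 7 install is Manual (verify on your own box).
param(
    [switch]$Restore    # without -Restore the script only reports
)

# The two services named in the Blackbird readme, plus the two Function
# Discovery services Network Discovery also needs (going beyond the readme).
$discoveryServices = @(
    @{ Name = 'SSDPSRV';  Display = 'SSDP Discovery';                          Default = 'Manual' },
    @{ Name = 'upnphost'; Display = 'UPnP Device Host';                        Default = 'Manual' },
    @{ Name = 'fdPHost';  Display = 'Function Discovery Provider Host';        Default = 'Manual' },
    @{ Name = 'FDResPub'; Display = 'Function Discovery Resource Publication'; Default = 'Manual' }
)

function Get-DiscoveryServiceState {
    foreach ($svc in $discoveryServices) {
        # Win32_Service exposes StartMode on PS 2.0, where Get-Service does not.
        $wmi = Get-WmiObject -Class Win32_Service -Filter "Name='$($svc.Name)'"
        if ($wmi -eq $null) {
            Write-Warning "$($svc.Display) ($($svc.Name)) is not present on this system"
            continue
        }
        New-Object PSObject -Property @{
            Name      = $svc.Name
            Display   = $svc.Display
            StartMode = $wmi.StartMode     # Auto / Manual / Disabled
            State     = $wmi.State         # Running / Stopped
            Expected  = $svc.Default
            Disabled  = ($wmi.StartMode -eq 'Disabled')
        }
    }
}

$report = @(Get-DiscoveryServiceState)
$report | Format-Table Name, Display, StartMode, State, Expected -AutoSize

$broken = @($report | Where-Object { $_.Disabled })
if ($broken.Count -eq 0) {
    Write-Host 'None of the Network Discovery services are disabled.'
    exit 0
}

Write-Host "$($broken.Count) service(s) are Disabled; Network Discovery cannot run this way."
if (-not $Restore) {
    Write-Host 'Re-run with -Restore from an elevated prompt to set them back to their stock start type.'
    exit 1
}

foreach ($svc in $broken) {
    # Set-Service changes the start type; Start-Service brings the service up now.
    Set-Service -Name $svc.Name -StartupType $svc.Expected
    Start-Service -Name $svc.Name -ErrorAction SilentlyContinue
    Write-Host "Restored $($svc.Display): StartType=$($svc.Expected)"
}
# Network Discovery itself is then switched on in Network and Sharing Center;
# this script only fixes the service prerequisites it needs.
```

Run it once without -Restore first, so you can see which services Blackbird actually touched before changing anything.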

JUAN

  • Ellevated
  • ******
  • Posts: 8468
Re: Exploits And Mitigation
« Reply #52 on: August 28, 2019, 11:09:15 AM »
@Whistler
Of course I made a full backup.
The software claims there is a fix to the network problem. It doesn't work.
At least this incident made me get off my ass and set up my otherwise unused Mac Mini as a proper server.

Whistler

  • Drone Pilot
  • *****
  • Posts: 593
  • We call ourselves the Nightstalkers...
Re: Exploits And Mitigation
« Reply #53 on: August 28, 2019, 11:14:22 AM »
;)


Exile

  • Official EllGab Thought Leader and towel snapper
  • Ellevated
  • ******
  • Posts: 6282
  • Have a day!
Re: Exploits And Mitigation
« Reply #54 on: November 09, 2019, 05:02:12 PM »
Hi Whistler,

This is my situation. This laptop is a Lenovo B570. It's over 7 years old. The Lenovo website states it's not win10 compatible yet win10 has forced its way onto this machine and at least in my opinion was the cause of a hard drive failure.

I purchased a new hd and reinstalled win7. So is ms going to try to force win 10 on it again and if so, what can I do to stop it. I'm nowhere near as savvy as you so if it's not a simple solution, it won't work for me.

This machine is only a net surfer. I don't use it for anything else.

How do I defend it against win10 intrusions?
Ask me about the legendary desert Bigfoot. A.K.A the Sandsquatch and his more elusive cousin, the Albino White Sands Dunefoot.

Whistler

  • Drone Pilot
  • *****
  • Posts: 593
  • We call ourselves the Nightstalkers...
Re: Exploits And Mitigation
« Reply #55 on: November 11, 2019, 12:06:18 AM »
Hello @Exile  :)
Yeah, if you didn't have at least 8 GB of free space on your drive, then I can say with high confidence, that Doze hosed it for you.  >:(

So, let's get rid of the Bullshit, shall we ?    ;)

There are a few different ways to go about this.
You can use Group Policy Objects, or Hack the Registry, to keep M$ from forcing their crapware on you.
You could totally turn off updates. (Not Recommended)
You could set your internet connection to ' Metered ' .  (This will keep 8GB of crap from downloading onto your system, but won't get rid of the nag.)
You could make Doze notify you of updates. (But then you have to research every one to see if it's the upgrade, and then make sure not to install it.)
Or, you could download and install some 3rd party software to do it for you (like GWX Control Panel  -  Not recommended,) that then resides on your system, doing gawd knows what.

Hand editing the registry is not a good idea if you've never done it before, and are not capable of extracting yourself from a mess, if you mistakenly delete, or mess up the key pair value.

Okay, so what does that leave us ?
Take a look at the following two links.
The 1st is a link to a PE (Portable Executable) that integrity checks, and then changes 2 registry entries that will stop the M$ B$.
The second link goes into detail, in case you want to hack the Registry yourself. Plus it gives more info on the PE.
It's from a trusted company (important,) and the Reg Hax are reversible. (Lots of details.)

https://www.grc.com/never10.htm    (Includes DL link.)

https://www.grc.com/never10/details.htm (What it does & why).

 I hope this helps.     ;)
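For anyone who runs the PE above and wants to confirm what it actually changed, here is an added PowerShell check (my own example, not code from the thread, from Never10 or from grc.com). It reads the two Windows Update policy values that tell Windows 7/8.1 not to offer or download the Windows 10 upgrade and, only with -Apply, sets them; the key paths and value names are my assumption from Microsoft's KB3080351 and should be confirmed against the grc.com details page.

```powershell
# Added example, not from the thread and not Never10's code: show, and with
# -Apply set, the two policy values that block the Windows 10 upgrade offer.
# Assumption: these are the values Microsoft documented in KB3080351
# (DisableOSUpgrade and DisableGwx); confirm them against the grc.com details
# page before relying on this. Run from an elevated PowerShell prompt.
param([switch]$Apply)

$policies = @(
    @{ Path = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate'; Name = 'DisableOSUpgrade' },
    @{ Path = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\Gwx';           Name = 'DisableGwx' }
)

function Get-UpgradeBlockState {
    foreach ($p in $policies) {
        $value = $null   # stays $null when the key or the value does not exist
        if (Test-Path $p.Path) {
            $item = Get-ItemProperty -Path $p.Path -Name $p.Name -ErrorAction SilentlyContinue
            if ($item) { $value = $item.($p.Name) }
        }
        New-Object PSObject -Property @{
            Key     = $p.Path
            Name    = $p.Name
            Value   = $value
            Blocked = ($value -eq 1)   # REG_DWORD 1 = upgrade offer blocked
        }
    }
}

# Before: record what is set today, so the change is visible and reversible.
$before = @(Get-UpgradeBlockState)
$before | Format-Table Name, Value, Blocked, Key -AutoSize

if (-not $Apply) {
    if (@($before | Where-Object { -not $_.Blocked }).Count -gt 0) {
        Write-Host 'Upgrade offer is not fully blocked. Re-run with -Apply (elevated) to set both values to 1.'
    } else {
        Write-Host 'Both policy values are already 1; the upgrade offer is blocked.'
    }
    exit 0
}

foreach ($p in $policies) {
    if (-not (Test-Path $p.Path)) { New-Item -Path $p.Path -Force | Out-Null }
    # To undo later: Remove-ItemProperty -Path $p.Path -Name $p.Name
    Set-ItemProperty -Path $p.Path -Name $p.Name -Value 1 -Type DWord
}

# After: show the new state so the change can be checked against the PE's own report.
Get-UpgradeBlockState | Format-Table Name, Value, Blocked -AutoSize
```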

StarrMountain

  • Hall Of Famer
  • Ellevated
  • ******
  • Posts: 5433
Re: Exploits And Mitigation
« Reply #56 on: November 11, 2019, 01:13:17 AM »
Whistler! ;D

I have 2 Window 7 Laptops.  One is working and one isn't.  Should I consider letting Windows install 10, or should I consider Linux?  Or do you have a better suggestion?

Whistler

  • Drone Pilot
  • *****
  • Posts: 593
  • We call ourselves the Nightstalkers...
Re: Exploits And Mitigation
« Reply #57 on: November 11, 2019, 03:27:49 AM »
You know how I despise Doze.  ;)   ;D
An unbiased answer is: It depends on what you need to do with it, and how good your technical skills are.
If you use Skype, there is really no direct replacement in Linux, although you can try to run it in an emulator.
I'd say, stay w/ 7 for as long as you can. (Turn off the update nag described in my previous post.)
BUT, test drive some Linux distros before Win 7 support runs out.
Also understand that Doze 10 is a data collection and privacy invasion platform of unprecedented proportion that is looking to switch to a yearly subscription paradigm. 
Personally, I said FUCK M$, years ago.    ;)

Now, Linux - if you want to try it - has many distros that come as a live version. This means you can burn them to disk (or a flash drive,) and boot from them, without changing anything on your existing setup.  :)
Live disks can also be used to boot a Doze system if the Doze bootloader gets hosed.
In fact, when I used to use Doze, I removed the loader so the only way to boot the system was with a live Linux disk  -  lol.
(I was around a lot of pranksters @ the time. (fellow programmers.)) heh, heh, heh.

Everyone recommends the major flavors of *nix for someone moving from Doze, but I never see Knoppix mentioned in those recommendations.
Knoppix has got to be the most user friendly *nix out there.  I'm not partial to the KDE desktop, but it's probably the easiest to use for new *nix users.
The hardware detection in Knoppix is second to none (always has been), and they were actually the first distro to create a live disk.   :)
A note about live disks: if running from a cd or dvd, they will always be slower than a flash drive, or an installed system.

The newest Knoppix is version 8.6.  The dvd is huge @ 4.5 GB,   + they ditched systemd  -  WOOT, WOOT !
The latest cd is from 2013, version 7.2 @ 717 MB.
Personally, I like version 5.1.
Oh, it also comes with excellent assistive software on the  ADRIANE version. The computer talks to you.    ;D
The DE in the filename from the download site designates that the iso is localized to the German language (where it was developed), and the EN is the English version.
The download mirrors make you jump through a bunch of hoops to get to the actual discs, so I'll direct link them  for anyone interested.
The .iso file is what you want (for whatever version you select.)

The newer versions can be found here: ftp://mirrors.sonic.net/knoppix/

The older versions were a real bitch to find. Spoogle is definitely censoring the search results for some reason, and the censoring has been happening for a few years now. (I know why they do this, and just know, it's not for your best interest.)
But, I know how to find things.  ;)        ;D   
http://mirror.cs.utah.edu/pub/knoppix/

Suck It, Google !


And here's the complete mirrors list.  http://knopper.net/knoppix-mirrors/index-en.html

For a write-up, explanation, and install instructions (with bug bypasses,) take a look here:  https://www.knopper.net/knoppix/knoppix860-en.html

If you're not technically inclined, but have a CD / DVD drive, DL a copy and burn it to disc, as that's the easiest way to use it. Just set your bios boot order for CD drive before hard disk, if it's not already set this way.    ;)
Then boot from the live disk you just burnt.

Note:  The .md5 and .asc files are for verifying the integrity of your DLed .iso file.
If you use the DownThemAll addin for FireFox, it has the ability to verify MD5, SHA1, SHA256, etc. hashes right in the downloader.        :)

If you do decide to take Knoppix for a spin, as with any *nix distro, don't forget to turn on your firewall before going online - it's in the main menu.  :)
(Live discs make distro-hopping fun and allow you to test drive a distro before installing it)

StarrMountain

  • Hall Of Famer
  • Ellevated
  • ******
  • Posts: 5433
Re: Exploits And Mitigation
« Reply #58 on: November 11, 2019, 03:47:26 AM »

Thank you kindly, Whistler.  I'll certainly take that into consideration. ;) :-*

Whistler

  • Drone Pilot
  • *****
  • Posts: 593
  • We call ourselves the Nightstalkers...
Re: Exploits And Mitigation
« Reply #59 on: November 11, 2019, 04:39:55 AM »
Why does the text parser on this site always delete my closing parens ?  :P