Fun

T-Shirt Shell Competition

For our internal hackathon, we wanted to produce some shirts. We ran a competition to see who could produce a reverse shell invocation most worthy of inclusion on a shirt. Here are the submissions, which may be instructive or useful. But first, the winning t-shirt design goes to Vlad (-islav, baby don’t hurt me, don’t hurt me, no more): Funny story: the printer left out the dots in the IP address, so we had to use a permanent marker to put them back. Oh, also, many of these were originally taken from somewhere else and then modified; we don’t claim the full idea as our own. Anyway, on to the shells!

CANSA Shavathon 2010

This past Thursday we received notice that Boogterman & Partners would be a host company for the CANSA Shavathon 2010 taking place on Friday, 05/03/2010. So when I sent out an email to everyone at SensePost, little did I know at the time what a huge thing this would turn into. However, I really shouldn’t be surprised, as this is a typical show of how “We Roll”! I was challenged (as the only girl in the office) to shave my head for CANSA. Well, what can I say, the guys really wanted to see me do this, because the enthusiasm was amazing! More importantly, however, we raised R3000.00 for this worthy cause, and I was also able to donate my hair (as it met the length criteria) to make a wig; a further R100 goes to CANSA when they sell it. CANSA Shavathon’s goal was to raise R10 million, and it would seem they have raised over R19 million so far, which is brilliant! It shows how supportive South Africans in general are of this worthy cause, which makes me proud to be South African!

Twitter killed the (infosec) Blogging Star ?

Like it, hate it or just plain struggling to understand it, Twitter has made a huge impact across a wide range of fields. We use it fairly heavily internally for simulated water-cooler chatter and quick link exchange (like any piece of sp-geek over-engineering, we also have a tweet-bot to convert tweets to emails and blog notifications to tweets). It’s pretty clear, though, that once we started tweeting internally, people started blogging less. There’s something liberating about saying “here’s a link”, as opposed to taking the time to formulate your thoughts into a full-blown posting.

Spammers need love too..

-snip-
From: Haroon Meer <haroon@sensepost.com>
To: Marc Schneider <marcs@mplw.net>
Subject: Re: http://www.sensepost.com – Contact needed

Hi Dr Schneider.

* Marc Schneider [marcs@mplw.net] seemed to say:
> I am Dr. Marc Schneider and I work for Multilingual Search Engine
> Optimization Inc. in Washington DC ( Tel: 1 202-250-3645) – I would
> like to speak with the person in charge of your international
> clientele. Who is my contact? Who should I speak to??
>
> In fact, after visiting http://www.sensepost.com , I have noticed that your
> website
> cannot be found on foreign search engines (I tested it on Hispanic
> search engines, German search engines, Asian search engines, etc.) Our
> company is specialized in multilingual search engine promotions in 28
> languages . From the Japanese Google to the German Yahoo, from the AOL
> in Spanish to the MSN in Chinese, we can show you how to develop a
> true international online presence by promoting your website on
> foreign search engines.

About:SnowLeopard

Sure, it only cost $29, but when you consider the number of people bowing down and thanking our Cupertino overlords, you have to consider the following: if the Emperor were given his new clothes today, #emperors_clothes would be trending on Twitter (with people thanking the tailors for reduced closet space requirements). /mh

Chris Eng 1 – 0 Verizon DBIR Cover

Chris Eng over [at the Veracode blog] documents how he approached and decoded the info behind the [2009 Verizon Data Breach Investigations Report] cover. It’s an interesting read, and although in the end it turned out to be just a [Vigenère cipher] and fell to (effectively) a [known plaintext attack], it’s definitely worth the few minutes it will take to read.

#include fakeNewsStory.h

what? on April 1st???? Never!

Hello World (With an LED)

Way back when I was a sysadmin, I recall reading a quote from one of the AT&T greybeards who said something to the effect of “every competent sysadmin should be able to build his own network card”. Of course, most of us have spent tons of time ripping apart electronics and “watching what happens when you connect X and Y”, but unlike the electronic engineers with their oh-so-cool multimeters, I’ve never actually done any PLC programming.

Only an idiot will install a beta os on his primary phone..

and I am that idiot… Developers signed up with Apple’s Dev Program get to take iPhone OS 3.0 out for a spin, so that the App Store can have version 3 apps when the new OS launches. A quick download (as quick as it gets in South Africa), a prayer (or 10) during install, and now I too have a phone that can handle cut ’n’ paste! (Though, admittedly, it feels surprisingly fiddly to me at this point.)

Joe Grand (Kingpin) gets famouser!

This is probably really old news (to some), but I was in the company of satellite TV this weekend and saw that Joe Grand now has a TV slot all of his own. “Prototype This” looks like it will be awesome. I spent the rest of the day trying hard to catch the adverts at just the right time to get a pic of Joe, while excitedly saying “I can’t believe Joe is on TV” to Deels to try to convince her that it was a better alternative than going out.