Toots for freddy@security.plumbing account

Written by Frederik Braun � on 2025-01-19 at 11:05

Let's say I forgot my disk encryption key (linux, luks, cryptsetup) and have a vague idea with a couple of permutations.

What is the live system I should boot to go through the candidates?

Bonus points if it supports some sort of expression syntax such that it can build the permutations by itself.

=> More informations about this toot | View the thread

Written by Frederik Braun � on 2025-01-19 at 09:50

https://www.tagesspiegel.de/politik/studie-von-wirtschaftsforschern-plane-von-fdp-union-und-afd-entlasten-offenbar-vor-allem-hohere-einkommen-13042582.html

=> More informations about this toot | View the thread

Written by Frederik Braun � on 2025-01-17 at 16:24

"This won’t opt you out of the announced price increase, but at least the invasive UI clutter and questionable results are disabled." 😭😭😭

From: @janl

https://narrativ.es/@janl/113844601507403292

=> More informations about this toot | View the thread

Written by Frederik Braun � on 2025-01-15 at 09:33

I am on Linux (or macOS), so I can't easily make use of whatever OLE stuff is in the windows library, but I suppose I could get somewhere close with the python struct package.

=> More informations about this toot | View the thread

Written by Frederik Braun � on 2025-01-15 at 09:32

I see wide-strings (UTF-16?), then a couple of unknown words and then a lot of integers with just one byte set, confirming that this is likely a series of sensor values stored as int. Nice.

=> More informations about this toot | View the thread

Written by Frederik Braun � on 2025-01-15 at 09:31

Ah. Looks like I found this is directly serializing classes / types from the piece of software to disk. A bit hard to guess the struct from just the file, but not impossible.

=> More informations about this toot | View the thread

Written by Frederik Braun � on 2025-01-15 at 09:27

Forensic question as a windows-noob. I am trying to look into an OLE2 "Compound File Binary Format" file. It seems to contain multiple streams that I can enumerate with e.g., https://github.com/microsoft/compoundfilereader but the actual data are so-called "steams" containing raw hex bytes. What exactly is a stream? Doesn't look like a file? Are there deeper decodings I should pursue? Is there a list of known serializations for e.g., arrays? I think the database contains sensor data.

=> More informations about this toot | View the thread

Written by Frederik Braun � on 2025-01-13 at 08:22

This is your reminder that the HTML specification features the picture of a kitchen sink.

=> View attached media

=> More informations about this toot | View the thread

Written by Frederik Braun � on 2025-01-10 at 08:17

Reminder to consider your research papers for the MADWeb workshop.

The submission deadline was extended until Tuesday January 14, 2025 Anywhere-on-earth (AOE) due to the clash with other submission deadlines.

We welcome full-papapers (10 pages) or work-in-progress (6p) on web security research, novel mechanisms, secure app development and more. See https://madweb.work/ for more.

=> More informations about this toot | View the thread

Written by Frederik Braun � on 2025-01-03 at 07:45

To all Hacker Spaces in Berlin. I have a decommissioned server to give away. So far, I have been unable to find a beneficiary.

• Who wants this server?*

HP ProLiant DL360 Gen9 - 2 CPU E5-2697 v3 @ 2.60GHz, 128 GB DDR4, 2x 900GB SAS.

Pick-up in Berlin Kreuzberg.

(Edit: please stop boosting :))

=> More informations about this toot | View the thread

Written by Frederik Braun � on 2025-01-01 at 16:05

https://www.youtube.com/watch?v=sU9dNl1u7xM

=> More informations about this toot | View the thread

Written by Frederik Braun � on 2025-01-01 at 10:10

Happy new year to you all :)

=> More informations about this toot | View the thread

Written by Frederik Braun � on 2024-12-30 at 10:24

Ah. Wie ich sehe ist heute Koffer-Congress #38c3

=> More informations about this toot | View the thread

Written by Frederik Braun � on 2024-12-27 at 21:42

Oh, I should mention I am at #38C3 👋

=> More informations about this toot | View the thread

Written by Frederik Braun � on 2024-12-23 at 16:21

Where online do I find Meshtastic enthusiasts in Berlin? (Boosts welcome)

=> More informations about this toot | View the thread

Written by Frederik Braun � on 2024-12-21 at 08:28

I think the kids woke up and are "secretly" playing computer games.

"Secretly" as in "pew pew pew, pling pling doing doing doing bang pew pew pew diddelydiddely pew pew bang"

=> More informations about this toot | View the thread

Written by Frederik Braun � on 2024-12-20 at 10:25

What makes the web magic... (from https://htmhell.dev/adventcalendar/2024/20/ 😁 Thank you @vale and @matuzo!)

=> View attached media

=> More informations about this toot | View the thread

Written by Frederik Braun � on 2024-12-20 at 08:15

I have discount codes for annuals plans of Mozilla VPN, Firefox Relay Premium Email Masking and Monitor Plus (US only).

Message me in private. Happy to hook you up, if we know each other :)

=> More informations about this toot | View the thread

Written by Frederik Braun � on 2024-12-18 at 08:16

Does "not fucking up parsing by actually reading and understanding the underlying language" already count as #langsec work? Asking for a friend.

=> More informations about this toot | View the thread

Written by Frederik Braun � on 2024-12-18 at 08:03

Hey y'all,

the https://madweb.work/ Program Committee was just announced (featuring yours truly).

Please remember to submit your papers about web security by January 9th 2025. We are interested in research at the junction of web & browser security. More on the website :)

=> More informations about this toot | View the thread

=> This profile with reblog | Go to freddy@security.plumbing account