The guy that programed temple os was bat shit crazy, not a good role model, you can believe in whatever religion you want but I'm good without a bible thumping system developed by someone with schizophrenia. I run Arch BTW.
man, if only malware was as cool & good looking as corona-chan. then i wouldn't have to worry about getting anything malicious whet downloading my retro game ISOs & game cracks.
Hey dude I'm a fan of your videos :) Your reverse shell explaination is worded slightly wrong. A reverse shell does spawn a shell on the compromised computer. In Linux the process is along the lines of: 1) Create socket on victim comp via socket syscall 2) Connect back to attackers computer which is listening for a connection via connect syscall 3) Make STDIN, STDOUT, STDERR for process on victim computers go to socket created in step 1 via dup2 syscall 4) Spawn a shell on victim computer via execve syscall. STDIN, STDOUT, STDERR for the spawned shell on victim computer will now go through the socket and appear on the listening client on the attackers computer. Input to the listening client will be sent back to the shell on the victim computer. A bind shell is slightly different in that the victim computer does not connect back to attacker computer. Instead it opens up a listening port on the victim computer.... The attacker then connects to the listening port on the victim computer. In both cases however, the shell is running on the victims computer. One of advantages of a reverse shell over s bind shell is it's easier to get past a firewall by connecting out to a commonly allowed outbound port, e.g port 80 or 443.
I was typing in my onedrive on microsoft word today and my entire computer froze up once I started writing fiction about imaginary mind control weapons. I couldn't type a single letter after that for at least 5 mins. The only thing that happened was the screen would go to a word that said "VISION" and block everything else out. Then I checked my computer memory and I magically regained like 27 gb of unaccounted for memory.
Password managers are stupid, just make text file(s) with your passwords in them, change them a bit, maybe apply some basic encryption like Playfair, add extra letters, etc. Encrypt the text file with gpg or smth, and then put them on an encrypted USB flash drive.
@@ContraIsBased They track your activity mostly. Have you ever seen the "Be the first one of your friends to like this page" on alot of websites? They actually report back to Facebook that you've visited that page (yep, every single page with that embed this), and they can tailor ads suited to what you just visited. For example, maybe you just visited a blog about parenting your new-born baby or something, then you might suddenly see ads for baby products. Google does about the same, but in a different way. Almost every site has Google ads, and they also get to know what sites you visit. This might not seem like a big deal, but you probably visit hundreds or even thousands of webpages everyday. With all those data, these companies can build a shockingly accurate and scary profile of you. God forbid you have logged into a Google account in your browser, they can track literally every single website you visit regardless of the presence of any ads or trackers.
Can't get malware on my old PC that keeps crashing, One time I actually got ransomware but It crashed before it could encrypt my files. And as I said, It was my OLD PC
Do you need to execute/open a malware file for it to run? Can you get malware from *only* having the file in your hard drive? Can you get malware from visiting a website and not downloading or running any files?
Yes you can get malware from just visiting a website. Infact it can even be able to get credit card info. Look up drive by downloading and ip logging links. Anyone can get your ip just by you clicking on a link. your ip is connected to many things such as your house address, email, and other stuff. when you visit a website in the traffic will be your ip address. ip addresses are basically just your computer's signature.
@@wyattlynch1614 having someone's ip is pretty useless. Drive by downloads are real though but you didn't answer if they can run without you executing them.
Has someone been a victim of ransomware on a Unix-like system? Info I found said WannaCry needed WINE, something probably not on most servers? Outside of intentionally setting up a guest virtual machine to run WannaCry on a customly-setup environment for that purpose.
WannaCry only works on wine if you have a drive pointing to your home directory. If you don't have any wine drive pointing to your home directory there's nothing to worry about.
Ransomware doesn't necessarily need to be compiled. If you want to target unix systems your best bet is to use some wide used scripting language with only preinstalled modules by most unix systems, and even use gpg on host target if you can't encrypt using your script...
My man .. what portion of this channel's audience of crypto-neckbeards running obscure linux distributions do you reckon has "nudes of the end-user that are saved to their desktop"?
unplugging your computer when ransomware pops up may not be a good idea. The GUI window isn't spawned until the application requests a window object from the API. There is nothing stopping a ransomware from encrypting all of your files and then spawning the GUI window to tell you your files are encrypted. Why would it play its hand early? You might think that you should unplug your computer just in case the designer of the ransomware was dumb and played their hand early, but what if doing so bricks your PC? You don't know that it _doesn't_ encrypt your OS files. If the ransomware uses a rootkit, there is absolutely nothing to stop it from bypassing the locks Windows places on "in use" files and just encrypting your boot sector and kernel. That would take, what, 5 seconds? If you shut off your computer in that case, your computer's gone. Plus, once your hard drive is infected, where are you gonna plug it in to recover your files? Are you sure that's a good idea considering the malware is _on_ that hard drive? That's what I would do if I designed a ransomware: infect the hard drive, infect the MBR, make the autorun infect any computer the hard drive is plugged into (the whole reason it's considered dangerous to plug in a rogue thumbdrive), use a rootkit, run all the encryption, encrypt the kernel, encrypt the MBR, then throw up the window saying the files are already encrypted and that shutting down will brick your computer, but also write another dialogue box for the rootkit to run if they shut down the computer and start it back up with a bricked Windows. Shutting down and restarting takes you back to the malware screen. Plugging the hard drive into another computer will most likely infect it etc etc. My point is I would cover every scenario I could think of. So real malware would probably be much worse.
My only experience with ransomware was once, using Windows 7, I disabled the antivirus thinking it was a false positive alert, I was quite wrong. Several programs were installed, and I managed to activate the antivirus and turn off the internet, which seems to have stopped the ransomware, soon after I discovered that some files had been encrypted, nothing very important, but I found a printscreen of my desktop, and a complete dump of all the information that was in Google Chrome. I removed the virus but the system was no longer the same, Chrome always insisted as "managed by your organization", so I formatted the hd.
