I am retiring this social media account. Find me as @hal_pomeranz@infosec.exchange

Orlando, FL
Joined November 2008
Replying to @hennovanarkel
Wow, OK, make that four valid solutions!
Replying to @crash0ver1d3
The third solution is in the thread
Replying to @carloslacasa
Interestingly, that was the last of the three solutions that I saw.
Move one rod to make this a true mathematical equation. I know of three valid answers.
However the initial connection with -N and port forwarding does log your source IP server side. The sudo command is logged. It’s not like you’re invisible. And if you were planning on deleting the logs anyway, then you are just wasting time (and are vulnerable to remote logging).
Hal Pomeranz retweeted
"Can you still relay authentication in a Windows domain if NTLM is disabled?", I asked myself. "Perhaps I should research that" I said. Here's a blog post about what I found out. googleprojectzero.blogspot.c…
Hal Pomeranz retweeted
I like to put sine waves in my log files because that's how I roll. 😎
awk -v cols=$(tput cols) '{c=int(sin(NR/10)*(cols/6)+(cols/6))+1;print(substr($0,1,c-1) "\x1b[41m" substr($0,c,1) "\x1b[0m" substr($0,c+1,length($0)-c+2))}' access_log | less -SR
Can someone explain why you'd vote against:
* Automatic voter registration
* making Election Day a public holiday
* 15+ days of early voting for federal elections
Hal Pomeranz retweeted
Mistakes were made
Hal Pomeranz retweeted
As per the Linux embargo policy, a potential LPE Linux kernel vulnerability @Gr33nh4t discovered was made public today, 14 days after disclosure. Here are the details. alephsecurity.com/2021/10/20…
Replying to @hacks4pancakes
“It’s not having what you want. It’s wanting what you have.”
Hal Pomeranz retweeted
We are often asked how @volatility plugins get developed & what the R&D steps look like. In our new blog post, we thoroughly document this process against a potent malware technique - the Skeleton Key attack of Mimikatz - and develop a brand new @volatility 3 plugin to detect it
In the latest @volatility blog post, Memory Forensics R&D Illustrated: Detecting Mimikatz's Skeleton Key Attack, we walk through the #memoryforensics R&D process and develop a new #Volatility3 plugin to automatically analyze for abuse. volatility-labs.blogspot.com… #dfir 1/2
A good number!!!! Can you help us get to 11,337? ilfmain.funraise.org/fundrai…
Replying to @MalwareJake
Not sure, but I’m thinking about getting the base64 alphabet tattooed upside-down on my belly for the street cred
Replying to @daveshackleford
My first PC had 64K of RAM. You’ve come a long way, baby!
I’ll be showing up around 0630 US Eastern Time to see who’s awake and maybe discuss InfoSec Consulting from my perspective as a “lone eagle” type consultant.
Official link for the BHIS 24-Hour PreShowBanterCon-A-Thon 2021! event -- youtube.com/w_BxFoNKkqU
Starts: Friday, Oct 15th at 11am ET
Ends: Saturday, Oct 16th at 11am ET
Nonstop banter, nonstop special guests!
Hal Pomeranz retweeted
Hexordia is looking for #DFIR examiners with a TS/SCI Clearance. If you are an experienced examiner with 8 years+ experience (or an advanced degree and a little less experience) with a digital forensics certificate, please DM as we would love to talk with you! #DFIRJobs