• 8 Posts
  • 301 Comments
Joined 1 year ago
cake
Cake day: June 18th, 2023

help-circle
  • Mikina@programming.devtoProgramming@programming.devMaking malware
    link
    fedilink
    arrow-up
    6
    arrow-down
    1
    ·
    edit-2
    27 days ago

    I can’t recommend Maldev Academy enough. It has been an amazing resource, to get into malware development. Keep in mind, however, that malware development is pretty difficult topic. You will have to eventually use WinAPI and syscalls, so learning about that even outside of malware development will help you a lot.

    For example, try looking into how to execute a shellcode in memory - allocate memory as RWX, copy some data and then execute it. Try executing it in a different process, or in a different thread of another process. That’s the core of malware development you’ll probably eventually have to do anyway. Manually calling syscalls is also a skill that you’ll need, if you want to get into EDR avoidance.

    Also, look into IoCs and what kind of different stuff can be used to detect the malware. Syscall hooks, signatures, AMSI, and syslog are all things that are being watched and analyze to detect malware, and knowing what exactly is your program logging and where is one of the most important and difficult skills you can get.

    There probably are a lot resources for these two skills, and they are an important foundation for malware developemnt, so I’d suggest researching that. You’ll probably not get much from looking at other malware, because it tends to be really low-level, and obfuscated, exactly to avoid the IoCs I’ve mentioned above. Implementing the malware behavior after that is the easier part.

    Another good resource to look into are C2s and communication, for example Mythic C2 has some interresting stuff.

    And I really recommend joining the Bloodhound slack. Throughout my cybersecurity carreer as a Red Teamer, the community has helped me a lot and I’ve learned amazing stuff just by lurking.



  • It’s best to have a local copy of package repos with whitelisted libraries, or so I’ve heard. But containers are fine, too. Especially with VSCode .devcointainers, it’s super easy to setup and distribute with the repo, there’s really no reason not to do that.

    The biggest issue here that a lot people don’t realize is Bing AI, it’s insanely easy to poison it’s results, since it summarizes search results. It’s only a matter of time before someone convinces it to start using or adding a typosquatted/malicious library to answers to a common programming question, and it will be a fun times ahead.



  • I spent three days trying to get a RaycastCommand (Unity’s jobified raycasts) working to get multiple hits per raycast. Should have been easy, according to the docs:

    The result for a command at index N in the command buffer will be stored at index N * maxHits in the results buffer.

    If maxHits is larger than the actual number of results for the command the result buffer will contain some invalid results which did not hit anything. The first invalid result is identified by the collider being null

    maxHits The maximum number of Colliders the ray can hit

    Well, no. I was getting super weird results and couldn’t get it to work properly. First thing I checked was if I’m getting two+ hits for any of the raycasts, because you simply can’t trust Unity. And I was getting multi hits, but seemingly at random.

    The error? I was sorting the hits by distance using bubblesort, and made a simple error with index in it. Which resulted in me seemingly getting two hits per ray sometimes, but it was just a result for another ray moved there by faulty bubblesort. Because unity actually doesn’t support multiple hits per ray.

    I couldn’t find the original thread about the issue (which was two years old by the time I was dealing with it), which had an amazing reply from Unity:

    I have discussed it with an engineering team, and RaycastCommands don’t support multiple hits because it was difficult to implement. The documentation just doesn’t explains it really well

    The fuck doesn’t explain it very well??? It literally describes a parameter that sets max hits per ray and tells you how to get the multi hits from results…

    Fuck unity :D


  • Whi getting through college, I was always bummed that we have to learn a lot of stuff that seemed super irelevant to my future carreer, while also being annoying. Stuff like prolog, Phyro, Lisp, Assembly, or bunch of obscure math.

    It was only years later when I finally realized why it was important - the school wasn’t for teaching me to be the C#/Java programmer, but it taught me to be A programmer. I can pick up and start successfully writing anything I need, in any language, relatively quickly and without issues, nonmatter whether it’s functional, objective, or wharever style of language, because I’ve very probably already had to deal with, learn, understand and pass exams in language that is similar to it, since college made me learn a language from almost every style or flavor of languages there are.

    I was surprised when I first saw colleagues struggle with picking up languages other than the ones they work in, and that was when I finally realized why and how sneakily did the college make me a universal programmer without me noticing it. And that’s something that’s harder to get when self-taught, because you don’t get exams and it’s easier to miss the point and just skip courses on lisp, prolog or lambda calculus, because it seems irrelevant, but the different point of view and approach used when writing in those languahes is what will teach you the most.







  • 76% of all respondents are using or are planning to use AI tools in their development process this year, an increase from last year (70%). Many more developers are currently using AI tools this year, too (62% vs. 44%).

    What the fuck. That’s horrifying. I also though that every sensible workplace bans the use of AI.

    A friend was telling me about a discussion between CTO’s at a conference, where they were talking about whether it’s even worth it to hire junior developers anymore, since there’s a high risk of them just being “AI-raised”, without much (or any) experience of coding without AI. And, this survey result… I can see where they are coming from. The future of programming looks pretty bleak - our job will not be replaced. It will just get worse, with good developers being more of a rarity.

    And the amount of people who use vim or neovim as their IDE is surprisingly high. Is it skewed by sysadmins?


  • That’s a good question, and I never through about it like that. I think that the lack of documentation isn’t that much of a problem, rather that the code stands out in the project in that it is complex to understand and requires some more though, effort and imagination to grasp, since it’s generic with lot of interfaces and polymorphism.

    Now, that usually wouldn’t be much of an issue, however - the project is a game we’ve been actively working on in our spare time in a team of 2 programmers for the last 6 years, and we are all fed up with it and just want it to end. Most of the (pretty large by now) codebase is kind of simple - it’s a game code, after all, and since we started it when we were 20, there aren’t many overenginered ideas or systems, but everything is mostly written in the ugly, but simple and direct way, so if we had wanted to change something, we may have had to rewrite a part of it, but it never really needed much effort to understand what’s going on.

    But now I need to change this code, which is one of the only parts that requires some kind of imagination and actually sitting down and trying to understand it, and since my motivation about the project is so low, it’s a pretty large hurdle to cross. One that is also unnecessary, since most of the generalism isn’t needed and will never be used. But since the code is written in such extensible way, it’s hard to just hack up a simple and ugly solution somewhere into it and be done with it, without really figuring out what the hell is going on.

    A documentation wouldn’t help with that - it would still take the same amount of mental effort to be able to work with that code, which we generally lack in the project. I think that if I actually took the time to properly look through the code, figuring out what’s going on wouldn’t be too hard - the naming convention is pretty ok and it’s not that difficult, it just requires some mental effort.

    I’m not trying to make excuses, the code very probably has problems, I’m just trying to better sort my thoughts about why I have so much problems working on it. It probably has more to do with my motivation, rather than the code in itself, and the fact that the complexity here wasn’t required, and is now a needless hurdle that actually hinders progress. Not due to it’s quality, but do to unrelated motivation issues and us having to basically force ourselves to work on and finish the damn project.


  • There’s a piece of code in our hobby game project that I’ve written after attending classes in college about how to write clean and SOLID code. It’s the most overengineered piece of shit I’ve ever written. I’m not saying it’s the fault of the lectures, of course it’s on me being a little bit over zealous, but it does check all the boxes - It’s a simple “show selectable list of stuff”, follows MVC, it’s extensible without rewriting to adittional data-types and formats, extensible view that can show any part of data you need, generic, and in general it could be used anywhere we need, for any kind of data.

    There’s only one place where we need and use such list in our game.

    I needed to rewrite a part of it, since the UI changed drastically, to not need this kind of list, while also adding events into the process. I haven’t seen the code for almost 4 years, and it’s attrocious. Super hard to understand what’s going on, since it’s too generic, interfaces and classes all over the place, and while it probably would be possible to rewrite the views for the new features we need, it’s just so complex that I don’t have the mental capacity to again figure out how it was supposed to work and properly wire it up again.

    I’m not saying it’s fault of the classes, or SOLID. It’s entirely my fault, because the classes inspired and hyped me with ideas about what a clean code should look like, that I didn’t stop and think whether it’s really needed here, and went over-the-top and overengineered the solution. That’s what I’d say is the danger of such Clean Code books and classes - it’s easy to feel clever for making something that passes SOLID to the letter, but extensibility usually comes at a complexity, and it’s super important to stop and think - do I really need it?


  • One night when returning from a party at work, I’ve decided to stay a while longer in the tram to escort my co-workers to the tram central hub (which was like half an hour of tram ride), instead of getting out at my home, which was only 5 minutes from our workplace.

    When I got into the tram back home, there was an older guy with a carboard robot costume, who was talking to someone about his work in the theater. Because I find people like that interesting, I decided to move closer and sit next to them, so I can listen to their pretty interesting conversation. I’ve tripped and basically literally fell into their conversation, and the other guy left, so we started talking. It turned out he does a prop-guy on movies and for theater, and we hit it off pretty well. He also lived literally 3 minutes from my place, and we have decided to go have a few more beers at his home, which was basically a storage lot full of random stuff without much furniture - just random props, one bed, and a lot of beer.

    I’ve messaged my GF that I’ll be late, since I’m drinking with this pretty cool old guy, and send her a picture of the place. Her reponse was “Wait, isn’t that <name>?”. Turns out, he was a prop guy on a movie they were filming a lot of years ago at their old family house when she was young, and not only he was the most fun guy to be around there, always sneaking out to drink with them, but also briefly dated her (late) mother, so he’s basically her step-dad. Since he’s pretty old-school, no social networks, internet and barely a phone, we did exchange contacts and since then have seen him a few times, and it was always a treat, like getting us to the backstage of theater production. But the way we have met is so, so random and the odds of something like that happening are mind blowing. I usually don’t follow random people home, but here we have hit it off so well that we wanted to keep talking and it didn’t even felt weird.


  • This is the first time ive heard about microg. How is the app support with it? Can you run every app that needs play service? I have Google Sandbox installed only on a second Graphene profile, and use it for bare minimum of apps that dont work without it, Bolt app, mostly weird MFA for work or package tracking apps i use once per month, while disabling most of their permissions. Will microg improve my situation in this case to be worth switching over? Does it work without root?


  • I can’t decide whether this sentence is a joke or not. It has the same tone that triggers my PTSD from my CS degree classes and I also do recognize some of the terms, but it also sounds like it’s just throwing random science terms around as if you asked a LLM to talk about math.

    I love it.

    Also, it’s apparently also real and correct.



  • One thing I forgot to mention - last time I recommended cloudflared, I was told that the TOS for cloudflared forbid use for high-volume streaming of data, such as movie/audio streaming, or sharing of large files for download.

    I never had an issue with it, but I didn’t use it for streaming, only to share/download a small to medium sized file once per few weeks. I suppose that if you were to publicly post a link to a few Gb large file, and had hundreds of people download it through the cloudflared, they may take an issue with it. Maybe even if you were regurally watching streamed movies from your server through it. So just a heads up, make sure to check the ToS first.


  • I’m using GrapheneOS, and suprising amount of apps (including my bank app) works without Google Services. And if there’s something I need for work that doesn’t work without them, I have another profile with sandboxed Google play (which isn’t enabled on my main profile), and use the app there, where it’s separated from all of my data. No need to root my phone, and so far it worked great.

    As for sharing your Nextcloud stuff, what I did was for services that need to be public, I just got a cheap (like, few dollars per year) domain and use Cloudflare Tunnel (Cloudflared). It handles all port forwarding for you, and you don’t have to make anything public on your router - just install cloudflared on the server and have it forward the port you want to your domain. You can also set up geoblocking and ACL pretty easily, so it’s perfect for that.

    I’ve however recently moved to using ZeroTier, because it has a nice mobile VPN app, so I just run zerotier (it’s literally two commands to install and join a network) on my server, and if I need to access something there I just launch it on my phone and connect through ZeroTier. This, however, won’t help if you want to share stuff from your server with others, since they’d have to install a ZeroTier client and also join your network. For Jellyfin, Nextcloud and Sunshine, though, it’s amazing.

    And if that still feels like too much hassle for you, I’d recommend looking into Proton Drive. I’d consider that one of the best hassle-free alternatives to GDrive, which launched recently.