grugq

# Silk Road 2.0, What Could Possibly Go Wrong?

There are a number of risks with the reopened Silk Road. Rather than explore them
in depth, I'll look at some of the more serious security issues facing them.

[Ed: Since I began writing this in early December, at least some of what I
predicted has come to pass. Three of the moderators from the original Silk Road
have now been arrested.]

## Plenty of Possible Problems

grugq

mx
:%s/TGTIP/ACTUALTARGET/g
:%s/RHP/RHP/g
`x

-scan telnet TGTIP 

-ping -r TGTIP -t -p 4000

-tunnel

grugq

An IRA Reading List

Autobiographies

• Insider: Gerry Bradley's Life in the IRA, Gerry Bradley
• The Volunteer, Shane Paul O'Doherty
• Watching the Door, Kevin Myers
• MRF Shadow Troop, Simon Cursey
• Southside Provisional, Kieran Conway
• Fifty Dead Men Walking, Martin McGartland

grugq

#!/bin/bash
#
# 4633c8a2a16a8e0428d253baafb76bbc18f29562390c84d1c85ba98865531a2b

CRYPTER="base64 -b 78"
HEADER="----BEGIN PGP MESSAGE----"
FOOTER="-----END PGP MESSAGE-----"

do_encryption() {
	local plain="$1"

grugq

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

   Undercover communication

   It should be obvious by now, that the only way to communicate 
   stealthily and securely is to avoid raising suspicion to the 
   level at which the authorities might consider it worthwhile 
   to put you under active surveillance (e.g., park a van with 
   TEMPEST equipment by your apartment). 

grugq

from twisted.internet import reactor, defer, endpoints, task, stdio
from twisted.conch.client import default, options, direct
from twisted.conch.error import ConchError
from twisted.conch.ssh import session, forwarding, channel
from twisted.conch.ssh import connection, common
from twisted.python import log, usage
import signal
import tty
import struct
import fcntl

grugq

Give a man an 0day and he'll have access for a day, teach a man to phish and he'll have access for life.
https://twitter.com/thegrugq/status/563964286783877121
--

You can get 25% off a Mandiant incident response with the code: ITWASCHINA. 100% off if you just use that code as the report.
https://twitter.com/thegrugq/status/600345075562909696
--

Fear of 0day is like being terrified of ninjas instead of cardiovascular disease.
https://twitter.com/thegrugq/status/851001030019907588

grugq

#!/bin/bash
#
# simplistic program that creates passphrases using bash. the passphrases
# are a Number of '-' separated words, ea. of max Chars, with limited post
# processing (upper case, lower case, 1337.)
#
# (c) 2019, thaddeus t. grugq <the.grugq@gmail.com>
#

CRACKLIB=/usr/share/dict/cracklib-small

grugq

Keybase proof

I hereby claim:

• I am grugq on github.
• I am grugq (https://keybase.io/grugq) on keybase.
• I have a public key whose fingerprint is 6103 B780 CA99 5ABA BDC6 0C1A DB60 C7B9 BD53 1054

To claim this, I am signing this object:

grugq

# Dracula Theme for Consoles
# 
# Console colors are set by the `setvtrgb` command which takes as argument a
# file of exactly three lines of text. These lines are the 0..255 values for
#
# red: black,red,green,yellow,blue,magenta,cyan,white,bold_black,bold_red,bold_green,bold_yellow,bold_blue,bold_magenta,bold_cyan,bold_white
# grn: black,red,green,yellow,blue,magenta,cyan,white,bold_black,bold_red,bold_green,bold_yellow,bold_blue,bold_magenta,bold_cyan,bold_white
# blu: black,red,green,yellow,blue,magenta,cyan,white,bold_black,bold_red,bold_green,bold_yellow,bold_blue,bold_magenta,bold_cyan,bold_white
#
# Needless to say, this is a very annoying format. Here are the values for