linux – How can .bashrc be used to attack a system?

This is not an exploit, as there is no underlying vulnerability to exploit. This is more like malware, in the sense that it does something malicious on your system.

As you probably know, .bashrc and .bash_profile run after a user runs bash and successfully authenticates. It is not a vulnerability and it is very much by design and / or necessity, however you want to look at it.

On the surface, it seems to be a simple thing for an attacker to elevate his privileges. A file that performs anything as soon as the user performs a trivial task. In practice, however, this is more difficult. In order to modify the .bashrc or .bash_profile file, you need a way to modify arbitrary files with the permissions of the user you want to attack. It's already an incredibly solid position, and modifying these files probably won't put you in a better position. An analogy would be that if you hold a gun, a toothpick will not be a better weapon.

Consequently, an attacker wishes to further increase his privileges or to make his current access more coherent or more practical. This is something that changes to .bashrc can help with. The example you have already done shows it very well. By collecting user credentials, accessing the machine could be easier (logging in directly via SSH rather than using, for example, a web shell or other exploit) or it could allow the attacker to execute commands rather than writing files only.

Another attacker may want to:

  • Modify system files to include malicious behavior (to keep access)
  • Gather administrative credentials to act as root (to increase privileges)
  • Launch other malware (to make operation more convenient)

How exactly? It's not rocket science. .bashrc performs whatever you put in it with the permission of the current user. You can use your imagination to find examples.
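Because the answer's point is that anyone who can write to these files already acts as the user, a defender can watch exactly that write access. The following is an added example, not part of the original answer: it audits the two startup files named above for ownership, write permissions and content drift. The baseline dictionary and the finding labels are assumptions made for illustration.

```python
import hashlib
import os
import stat

STARTUP_FILES = (".bashrc", ".bash_profile")  # the two files named in the answer


def sha256_of(path):
    """SHA-256 hex digest of a file's content."""
    with open(path, "rb") as fh:
        return hashlib.sha256(fh.read()).hexdigest()


def audit_startup_files(home, owner_uid, baseline):
    """Return (filename, finding) pairs for the shell startup files in `home`.

    baseline maps filename -> SHA-256 recorded while the file was known good
    (a hypothetical store; keep it somewhere the audited user cannot write).
    """
    findings = []
    for name in STARTUP_FILES:
        path = os.path.join(home, name)
        try:
            st = os.lstat(path)  # lstat: do not follow a planted symlink
        except FileNotFoundError:
            if name in baseline:
                findings.append((name, "missing"))
            continue
        if stat.S_ISLNK(st.st_mode):
            findings.append((name, "symlink"))
            continue
        if st.st_uid != owner_uid:
            findings.append((name, "wrong-owner"))
        if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
            findings.append((name, "writable-by-others"))
        if baseline.get(name) != sha256_of(path):
            findings.append((name, "changed"))  # also fires for a file not in the baseline
    return findings
```

A "changed" finding only means the content differs from the recorded digest; legitimate edits by the user trigger it too, so the baseline needs refreshing after reviewed changes.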

homebrew – On DnDBeyond, how do you create a shield that gives a ranged attack?

In dndBeyond, I'm basically trying to create a Captain America shield. If I make him hit a shield, I can't get him to give an optional ranged attack. I tried to add a modifier and I used the Ranged Weapon Attack - Bludgeoning modifier with a damage die roll and dex as the main statistic. When equipped with a character, the AC increases by 2 as it should for a shield, but no chance of seeing a ranged attack appear in the attack section of the actions of the character sheet. Can someone tell me how to get there? Should it be created as a weapon that gives a AC bonus for mimicking what the equipment of a shield does? It's a bit like a hack.

dnd 5e – Can you use Primal Savagery as a freehand attack?

Primal Savagery reads

You channel primitive magic to sharpen your teeth or nails, ready to deliver a corrosive attack. Cast a melee spell attack against a creature within 5 feet of you

This attack is neither a main hand nor a freehand attack, but rather a melee attack, which does not even need to use your hands, but can use teeth to the place. It also can't be used with two-weapon combat as the two-weapon combat rules say

When you perform the Attack action and attack with a light melee weapon that you hold in one hand, you can use a bonus action to attack with another light melee weapon that you hold in the other hand.

So, overall, an attack made with Primal Savagery is simply a regular attack, and one that cannot be followed by a two-weapon combat attack with BA since it does not use a Light melee weapon nor even after an action attack

Are there any rules for a character's neutrality beyond the additional attack of dual use?

Is there an innate lightness to the Anima characters, or is it just something that applies to a specific situation? Here are all the applicable rules I could find in the matter:

Attacks with additional weapons
A character can try to add to his offense by brandishing a weapon
each hand. If he does, he can perform an additional attack
pay a penalty of –40 only for the second weapon. If the fighter is
Ambidextrous, the penalty for the second weapon is reduced to -10.
Anima – Beyond fantasy Pg.84

Ambidextrous
An ambidextrous person can use both hands
as well.
Effects: An ambidextrous character can play
maneuvers with one hand or the other. In combat, he suffers
only –10 for attacks with an additional weapon.
Anima – Beyond Fantasy Pg.15

The first rule states that the game only cares about a "casualness" when used to make an additional attack without incurring the usual additional action penalty, but the second rule seems to imply that all characters have an innate neutrality (may need to be specified when character creation) that if they perform an action (action is synonymous with maneuver in the book) with their left hand, they would suffer this penalty.

The question was raised by the following situation:
A character has the ability to make several additional attacks using a ki technique and wishes to distribute these attacks between weapons between their two hands and end them with the additional weapon attack. The question is whether normal attacks made with their second weapon are all affected by this penalty, or just the last additional one.

The attack signature of RSA-CRT-faults lenstra

I was reading this paper [1] (https://people.redhat.com/~fweimer/rsa-crt-leaks.pdf) on the use of faults in the calculation of signatures with the CRT-optimized version of RSA (see the end of the paragraph). If the padding is deterministic and there is a fault in one of the CRT calculations mod p or q, the attacker can recover a factor of n, which breaks RSA. A simple gcd can do the trick.
There is a simple mitigation: when calculating the signature, it should always verify that it is valid. But in this same article, it is shown that many cryptographic libraries do not perform this integrity check (see Table 1). I was wondering if this is still the case and if it creates a real security risk? Where is it verifiable in the OpenSSL source code, for example?

1 Weimer, F. (2015). Factoring of RSA keys with TLS Perfect Forward Secrecy.
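The verify-before-release check the question refers to, as an added example that is not part of the original post and not any library's code: a toy RSA-CRT signer in which a simulated fault in the mod-p half makes gcd(s^e - m, n) reveal a prime factor, while the checked signer refuses to emit that signature. The key is constructed from two small Mersenne primes for illustration, and `M` stands in for an already deterministically padded message.

```python
from math import gcd

# Constructed toy key for illustration only (real keys use >= 2048-bit moduli).
P, Q = 2**61 - 1, 2**31 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))
DP, DQ, QINV = D % (P - 1), D % (Q - 1), pow(Q, -1, P)
M = 0x1234567890ABCDEF  # constructed stand-in for a padded message representative


def sign_crt(m, fault=False):
    """RSA-CRT signing: two half-size exponentiations, then recombination.

    fault=True flips one bit of the mod-p result to simulate a computation error.
    """
    sp = pow(m, DP, P)
    sq = pow(m, DQ, Q)
    if fault:
        sp ^= 1
    h = (QINV * (sp - sq)) % P
    return sq + h * Q


def sign_crt_checked(m, fault=False):
    """Same signer, but the result is verified with the public key before release."""
    s = sign_crt(m, fault)
    if pow(s, E, N) != m % N:
        raise ValueError("signature failed self-verification; not released")
    return s


def leaked_factor(m, s):
    """What anyone holding (m, s) and the public key can compute.

    For a correct signature s^e - m is 0 mod n and the gcd is n itself (no leak).
    If only the mod-p half was wrong, s^e - m is still 0 mod q, so the gcd is q.
    """
    return gcd((pow(s, E, N) - m) % N, N)
```

The extra public-key exponentiation in `sign_crt_checked` is cheap compared with the private-key operation because the public exponent is small.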

dnd 5th – How does Captain Drow House's whip attack work?

In MToF p. 184, he states that one of the actions of the Drow House captains (in bold to emphasize):

Whip. Melee attack with a weapon: +8 to hit, reach 10 feet., One target. Hit: 6 (1d4 + 4) sharp damage. If the target is an ally, it has an advantage on attack rolls until the end of its next turn.

The ally is confusing. Why would hitting an ally give you an advantage? Why would you choose to strike an ally? How does this action work?

dnd 5e – Ramifications of the modification of the attack skill test

What changes when I substitute an attack instead of a capacity test? What mechanisms apply to one, but not to the other?

Example 1:

Class function that modifies the special push attack

Eldritch bash

You can use a bonus action to try to push a creature within 5 feet of you with your shield, which causes melee attack instead of strength (athletics) to check the strength of the melee. 39; opponent (athletics) or dexterity (acrobatics), not his AC.

Example 2:
Function / exploit of class which allows the picking with the fist rather than to check the dexterity (tools of the thieves).

Percussion hooking

As an action, you can perform a melee attack against the lock, treating the picking DC as an AC. On strike, the lock opens.

(example of wording subject to change)

dnd 3.5e – implementation of a ranged grapple attack for an artifact weapon

I have created a new artifact as part of a campaign that I am launching, with properties that seem to fit perfectly with the campaign, the story of the articles and our group in general. I expect our oversized brute with the dark spirit of a barbarian to claim ownership. Due to its power and size, it also often uses other forms of attack like grappling, so I added a double grappling ability from a distance to the artifact. However, I have a hard time assessing whether it would be fun or revolutionary. I would like the article to have such a capability, but I don't have enough knowledge and references to judge the best implementation of it (or alternatives). Please help.

Also, I'm having trouble figuring out what any informed merchant would be willing to pay if a player decided to sell it (if a merchant was ready to buy it).

Here is the artifact in question with the grapple attack in bold:

The sailor's lament

It is a huge, dark wooden mast torn from a ship drilled over half its length with a large number of huge, sharp teeth like what was to be a colossal nautical predator. The mast is tied with thick lengths of old ship rope which somehow stays wet all the time and it is also covered with barnacles and algae and burnt at the base. It is accompanied by a pungent smell of salty sea air and decaying old fish strong enough to ward off anyone with a sense of smell or decent personal hygiene. If it weren't already off-putting enough, her soft moans and occasional moans would surely be …
There is an inscription at the burnt base of the mast, it reads "Ravage".

History:

Around 1370, in the northern waters of the coast of the sword, a kraken wrapped its tentacles around the caravel "The Ravager" to bring it down into the depths. However, before he could properly grasp the ship, he struck a large iceberg and the kraken tentacles got caught in between. Gonchklas, the captain of the ship, knew they were sentenced but was not one to give up without fighting. He and his crew gathered their supplies of black powder and strategically transformed the ship into an oversized cluster bomb. When the kraken finally emerged from his head and descended on the ship to release his tentacles, Gonchklas ignited the black powder. In the explosion, the main mast of the ship was torn off and it tore the mouth of the kraken. The injured kraken retreated to the depths and left the shipwreck to haunt the seas.

Rumor has it that part of the Ravager's wreckage sometimes appears on land or at sea. Some say it is a tribute to the heroic captain and crew of The Ravager and that if there is one, it is to commemorate and honor their death. Others say it is the queen of the depths' plan to lure the land dwellers to its waters. Whatever the purpose of this wreck, as long as it is not reunited with The Ravager, the ship remains cursed to haunt the seas.

The Sailor’s Lament is a minor artifact and legendary wreck of the Ravager which, due to its nature, has yet to see many owners.

properties:

This large club of +2 inflicts 4d6 damage on any hit, which can be clubbed or slashed, and has a x3 multiplier on every critical hit. Due to its size, weight and shape, those who are at least two sizes smaller than the big club cannot use or lift it, and those who have lower strength to 15 can't use them either. but with penalties as if it were an improvised weapon. The large club has an improvement in the elementary power of water (large) (DMG2 p. 261).

The damage inflicted by the big club is the same as that from the bite of a kraken. If the owner knows that the big club is The Sailor's Lament (not just a big club +2), it can be used to full effect: he earns a total improvement bonus of +4, works like a Bane weapon (magic beasts), and once a day, rapid action can be projected onto any hard surface with its base to ignite fiery flames around the wearer with an effect similar to that of a fire shield (as long as the wearer is not underwater).

While underwater, The Sailor's Lament used to full effect also has aquatic enhancement, allows the use of the Jet (at twice the owner's full racing speed) and extraordinary abilities of an Ink Cloud of a kraken once a day, and once a day as a standard action The Sailor's Lament can be used for two simultaneous tentacle attacks. These tentacle attacks can have the same or different targets, use the owner's full basic attack bonus, deal 2d8 damage plus the owner's force modifier on any hit, and have a range of 60 feet. The tentacles can also be used to launch a grapple, in which case they remain for the duration of the grapple. During a grapple, the extraordinary abilities of the Kraken Improved Grab and Constrict apply and the abilities Jet and Ink Cloud cannot be used.

The Sailor’s Lament is cursed and imposes a -4 penalty on the charisma of its owner. Its history and appearance may lead to additional changes in the situation at the discretion of the DM.

Strong evocation and transmutation, moderate conjuration and abjuration; CL 20th; Weight 80 lb

PS: any other feedback on the artifact and its capabilities would be equally appreciated.

Denial of Service – Should a DDOS attack on an application using CDN first bring down all of the CDN servers involved to affect the availability of the application?

Should such a DDOS attack completely remove all CDN servers serving the content of this application before completely altering the original server?

The CDN provider can decide that these attacks are too costly and have too much impact on other customers protected by the CDN to no longer serve your domain. In this case, your domain will not be directly destroyed by the attack crossing your system, but it will be inaccessible anyway.

Other than that, your application may have bugs that already allow few requests to cause a large load, such as numerous requests to the database or attacks of algorithmic complexity. In this case, only a few requests will be enough to cause a high load and make your server inaccessible. Although the WAF capabilities of a CDN can protect against some known attacks like this, they cannot protect against arbitrary bugs in the application.

[ Politics ] Open Question: So apparently an old man who has had a heart attack and an old man who has had brain surgery are more desired than a woman?

I guess something better than having a woman in the chair, right? Any man, regardless of age and poor health, is more desirable than a woman. If it is not a male privilege, I do not know what it is. No reason not to support Liz Warren. Shame on sexist voters.