dunnot, to me it looks like they just wanted to have some max value of the datatype
Okay, thanks for that
MRT
klimi
yeah dunno, maybe ask someone who wrote it
Monem
Hi, I have two algorithms one takes 7.2 hours and an updated version takes 2.5 hours; how to calculate speed enhanced and how to present that in a formal way? Thanks
0xJosh
everything is in the document on how to securely use everything
just read it and you gonna be just fine
@X_Techno_Pro one last question....
What does libsodium use as a source of entropy for getting cryptographically secure random numbers?
Hussein
@X_Techno_Pro one last question....
What does libsodium use as a source of entropy for getting cryptographically secure random numbers?
on Unix based/like system it use /dev/urandom which uses keyboard timing and interupts timings
here is a link that explains exacptly how it is obtained
http://security. stackexchange .com/questions/71813/ddg#71814
0xJosh
0xJosh
And the link is not working, don't know why
Hussein
And the link is not working, don't know why
it uses RtlGenRandom()
and because windows is not open source I didn’t find something useful on the web
Mr
any IIT student here ?
Hussein
And the link is not working, don't know why
yeah remove the spaces within the link
I can’t send links here or I will get a warning
Hussein
And the link is not working, don't know why
http://security. stackexchange .com/questions/71813/ddg#71814
remove spaces from this ☝️
0xJosh
it uses RtlGenRandom()
and because windows is not open source I didn’t find something useful on the web
Since there's something for Unix system, do you think there's also going to be something for Windows system?
0xJosh
Hussein
Since there's something for Unix system, do you think there's also going to be something for Windows system?
yeah It shouldn’t something cryptographically weak since basically every other crypto library uses the same function to generate randoms
0xJosh
yeah It shouldn’t something cryptographically weak since basically every other crypto library uses the same function to generate randoms
Alright.
In you opinion what OS would be best for me to do this?
Hussein
Alright.
In you opinion what OS would be best for me to do this?
well for a server linux for sure which a unix-like os
it is going to be cheaper and faster than windows server
0xJosh
well for a server linux for sure which a unix-like os
it is going to be cheaper and faster than windows server
Okay.
Which one do you use btw
Hussein
Okay.
Which one do you use btw
debian linux on the cloud and even on my desktop it is smooth , really performant compared to windows and pretty low maintenance
0xJosh
debian linux on the cloud and even on my desktop it is smooth , really performant compared to windows and pretty low maintenance
Never heard of this before... Would check it out tho
0xJosh
Thanks for the info
Hussein
@Jellyfish_Josh
yeah ... t is considered as the most stable linux distribution (varient)
you can set auto-updates then expect it to be up for the next decade as long as your program doesn’t crash or you get DDoSed
Hussein
@Jellyfish_Josh
yeah ... t is considered as the most stable linux distribution (varient)
you can set auto-updates then expect it to be up for the next decade as long as your program doesn’t crash or you get DDoSed
or something crazy happens which probably going to be on the news
Hussein
or something crazy happens which probably going to be on the news
also you got gdb and valgrind available on linux so you don’t lose your sanity trying to find what is causing bugs in your C++ program
Gee
https://pastebin.com/bx1WHGJD
Any who can help me with this?
Alex
hi guys, if i am using the recvfrom function and i am also using an alarm, what is the correct statement?
while (recvfrom < 0)
{
if (errno != EINTR)
error
}
if (recvfrom < 0)
{
if (errno != EINTR)
error
}
Gee
What's wrong with it?
Some parts are not functional and I have indicated in the comments what needs to be done
Anonymous
#include <iostream>
using namespace std;
int main(int argc, const char * argv[])
{
int num_1; int num_2; int result; int number;
cout << "Choose a type of count:\n" << endl;
cout << "(1 = +) (2 = -) (3 = *) (4 = :) (5 = %) " << endl;
cin >> number;
if (number == 1)
{
cin.get();
cout << "Enter first number:" << endl;
cin >> num_1;
cin.get();
cout << "Enter second number:" << endl;
cin >> num_2;
cin.get();
result = num_1 + num_2;
cout << num_1 << "+" << num_2 << "=" << result << endl;
}
if (number == 2)
{
cin.get();
cout << "Enter first number:" << endl;
cin >> num_1;
cin.get();
cout << "Enter second number:" << endl;
cin >> num_2;
cin.get();
result = num_1 - num_2;
cout << num_1 << "-" << num_2 << "=" << result << endl;
}
if (number == 3)
{
cin.get();
cout << "Enter first number:" << endl;
cin >> num_1;
cin.get();
cout << "Enter second number:" << endl;
cin >> num_2;
cin.get();
result = num_1 * num_2;
cout << num_1 << "*" << num_2 << "=" << result << endl;
}
if (number == 4)
{
cin.get();
cout << "Enter first number:" << endl;
cin >> num_1;
cin.get();
cout << "Enter second number:" << endl;
cin >> num_2;
cin.get();
result = num_1 / num_2;
cout << num_1 << ":" << num_2 << "=" << result << endl;
}
if (number == 5)
{
cin.get();
cout << "Enter first number:" << endl;
cin >> num_1;
cin.get();
cout << "Enter second number:" << endl;
cin >> num_2;
cin.get();
result = num_1 % num_2;
cout << num_1 << "%" << num_2 << "=" << result << endl;
}
if (number < 1 || number > 5)
{
cout << "ERROR! Please write numbers from 1 to 5!\n" << endl;
}
return 0;
}
𝕷𝖔𝖗𝖊𝖓𝖟𝖔
Billy I suggest you use the tool they adviced in the rules to expose the code, otherwise you'll get warned.
By the way, I can't help, dunno C++
Anonymous
Ok sorry(
\Device\NUL
You should use else if tho
Anonymous
Hello
布丁
still a malware can do horrible stuffs once it is executed
yup but hardening makes a real, meaningful attack more difficult to perform successfully. That’s the point of hardening
布丁
Malware detection/prevention is another story
布丁
ASLR is used to generate random virtual addresses and to prevent some attacks that can exploit memory corruption to read other programs memory
and NX bit is way to separate executable code and data in memory to make it harder to load malware into flawed programs
and a stack canary is used to keep programs access the memory that they allocated
nothing can prevent a malware
also windows defender is a anti-virus which tries to detect known malware and there are tons of ways to bypass that
The Windows Defender one actually refers to the OS hardening options, not antivirus
Hussein
The Windows Defender one actually refers to the OS hardening options, not antivirus
let’s take look at legitimate program like a web browser it has to access your video memory to display content
it has to access your files (may modify, read or write to them) , listen to keystrokes then handle the event corresponds to it
locate your mouse pointer and access any other hardware devices that your computer has in addition to running few other external programs in some cases and executing shell commands
the only thing that windows defender can do is to check whether a program resemble a known malware that uses the same privileges given to regular program in addition to provide the option to take more extreme measures against any programs that are trying to do something programs are not allowed to do but other than that,
a malware that is written in a way that doesn’t resemble any known malware it can cause whatever it’s designed for
otherwise none of legitimate programs will ever work properly on windows
just think about how would you download a webpage if your browser could’t write to the disk to place and HTML file in your Downloads
布丁
let’s take look at legitimate program like a web browser it has to access your video memory to display content
it has to access your files (may modify, read or write to them) , listen to keystrokes then handle the event corresponds to it
locate your mouse pointer and access any other hardware devices that your computer has in addition to running few other external programs in some cases and executing shell commands
the only thing that windows defender can do is to check whether a program resemble a known malware that uses the same privileges given to regular program in addition to provide the option to take more extreme measures against any programs that are trying to do something programs are not allowed to do but other than that,
a malware that is written in a way that doesn’t resemble any known malware it can cause whatever it’s designed for
otherwise none of legitimate programs will ever work properly on windows
just think about how would you download a webpage if your browser could’t write to the disk to place and HTML file in your Downloads
haiya I'm referring to these settings... https://techcommunity.microsoft.com/t5/windows-security/turn-on-mandatory-aslr-in-windows-security/m-p/1186989
布丁
not the exact Defender for antivirus...my bad
布丁
with these hardening in action, for example ASLR, the hacker will need more effort in sniffing the memory addresses, sometimes even not feasible
布丁
but before that, there should be a vulnerability to begin with. that's not the hardenings could help
Hussein
yes that’s what I was trying to say
they may make binary exploitation harder but once they happen Wondows can’t do anything about it
Hussein
haiya I'm referring to these settings... https://techcommunity.microsoft.com/t5/windows-security/turn-on-mandatory-aslr-in-windows-security/m-p/1186989
also WTF!!!
why ASLR isn’t enabled BY DEFAULT on Windows ?!!!!
this became a standard for operating systems years ago
it has started with OpenBSD and Linux implemented that in 2001
Hussein
Mac OS support ASLR too
this is weird
\Device\NUL
also WTF!!!
why ASLR isn’t enabled BY DEFAULT on Windows ?!!!!
this became a standard for operating systems years ago
it has started with OpenBSD and Linux implemented that in 2001
I never heard about OS standarization beside POSIX
布丁
also WTF!!!
why ASLR isn’t enabled BY DEFAULT on Windows ?!!!!
this became a standard for operating systems years ago
it has started with OpenBSD and Linux implemented that in 2001
I believe the msvc linker option has this turned on by default, so the global setting here only affects legacy programs?
Hussein
I never heard about OS standarization beside POSIX
sorry it is not a standard rather something every major operating system supports to avoid return-back-to-libc attacks once a buffer overflow is exploited
Hussein
I believe the msvc linker option has this turned on by default, so the global setting here only affects legacy programs?
Yep I almost forgot that everything crazy in windows has to be related to legacy programs
布丁
lol
Hussein
Gosh!! last time I programmed on windows was years ago
Hussein
Also writing C code on windows is nightmare
Hussein
especially when debugging without gdb or valgrind😖
void
Also writing C code on windows is nightmare
at least has a better malloc implementation tan GNU (...) it sucks
Prince राजकुमार
Starting my html course
Abhimanyu72
ok, But i need some help on C/C++ can any one help
Abhimanyu72
yes but i don't remember
Abhimanyu72
it is a big gap of 30 years
\Device\NUL
Why you write like this ? It's hard to read
Abhimanyu72
because i don't remember whatever i have learned 30 years back
Abhimanyu72
I was a clipper programmer
Abhimanyu72
A := {{"11","22","33"},{"44","55","66"}
B := {{"aa","bb","cc"},{"dd","ee","ff"}
and then C:= {A,B}
This was possible in Clipper and I am trying same in c
\Device\NUL
Dude, that's already different language
Abhimanyu72
but .... I have reached to some extent
\Device\NUL
type inference isn't available in C
Abhimanyu72
why ? i got partial result with pointer 2 out of 3
\Device\NUL
Even your format specifier wrong, use %zu to print what sizeof() return
Abhimanyu72
I can not post image of out put
.
3 total Months
4 elements in each sub array of Month
Abhimanyu72
Even your format specifier wrong, use %zu to print what sizeof() return
can i send you image of code / code in Personal Message
Abhimanyu72
it is not to complicated some sizeof() or pointer matrix determination has gone wrong
Abhimanyu72
Even your format specifier wrong, use %zu to print what sizeof() return
I have sent you image of code can you pl. check it ?