LB fights a CryptoVirus

I’ve told this story in person often enough, I might as well post a version of it up with actually accurate information.  I don’t really have a LinkedIn at the moment.  So, I’m going to share it here in case anyone who might be wanting to hire me does some OSINT.  While I’m prouder of when I literally smelled a small problem before it became a BIG one, this one might impress a hiring agent more.

A few years back I received a call from one of my clients.  They told me something was wrong, and they wanted me to remote in and check it out.  I grilled them for more details, but they were suspiciously vague.  I remote in and it’s a big ransomware screen.  It had been there for a week before they called.

“We have ur files. huehuehue.  Gif monies”.  You know..

I think I sat there for about an hour just staring at the screen.  I may have almost teared up.  This law firm was borked.  A stupid fake FedEx invoice with a hidden .js extension was going to shut them down.

Eventually, I snapped out of it.  I had to at least try.  I’ve exterminated a lot of malware over the years.  None quite on this level of totality, but I was certainly the right tech for the job.

First off, I had to identify just what the hell I was dealing with, and I needed to see just how bad things were.  The Windows 7 boxes still ran, and Server 2012 was still chugging along.  The damage was limited to the documents.  I had briefly hoped that a security through obscurity situation would have shielded the special legal database.  Nope, it was assimilated along with every document.

Ok, so it’s bad.  However, the machines are running and doing what I want them to.  So I’ve got some control of the situation.  I grabbed some of the encrypted files and figured out the exact type of ransomware through a web-based identification service.  It was encrypted with the Nemucod ransomware.  It also looked like it had some flaws in it at the time, and I might be able to decrypt it.

Before I go on,  I’d like to stress that BleepingComputer.com provided invaluable information during the incident.  They had the guides and software.  I do believe this saved a lot of time vs me learning how to decrypt it on my own.

Learn more about Nemucod and how to clean up after it:  HERE.   That link sure did help me.  I spun up a Windows 7 VM to grab the needed files to decrypt, and it all went smoothly.

The day was saved and all was well.  However, I wanted to make sure that this wouldn’t happen again.  That goofy malware was trying to get into the admin accounts and it racked up around 30k login attempts.  Although it kept using a default domain name and never actually tried to log in to the real account.  It had more than enough time to brute force the login.  Luck was with the firm.
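The burst of failed logons described above is exactly the kind of thing a quick pass over the Security log turns up, and it is worth checking for before declaring an incident over. The script below is an added example, not something from the original post: it pulls failed-logon events (ID 4625) from the local Security log, groups them by the domain and account the attacker tried, and flags bursts where the domain name does not match the real one. The `$RealDomain` value and the threshold are placeholders to adjust for your environment; it assumes an elevated session on the machine that recorded the attempts.

```powershell
# Added example (not the post's own script): summarise failed logons from the Security log.
# Assumes: elevated PowerShell on the server that holds the events; $RealDomain is a
# hypothetical NetBIOS name you replace with the firm's actual domain.
param(
    [string]$RealDomain = 'CORP',   # hypothetical; replace with the real domain name
    [int]$Threshold     = 100,      # attempts per (domain, account) before we call it a burst
    [int]$Hours         = 168       # how far back to look (a week, matching the post's timeline)
)

$start  = (Get-Date).AddHours(-$Hours)
# Get-WinEvent throws when nothing matches, hence SilentlyContinue.
$events = Get-WinEvent -FilterHashtable @{ LogName = 'Security'; Id = 4625; StartTime = $start } `
                       -ErrorAction SilentlyContinue

# Pull the named fields out of each event's XML payload.
$rows = foreach ($e in $events) {
    $x = [xml]$e.ToXml()
    $d = @{}
    foreach ($n in $x.Event.EventData.Data) { $d[$n.Name] = $n.'#text' }
    [pscustomobject]@{
        Time       = $e.TimeCreated
        TargetUser = $d['TargetUserName']
        TargetDom  = $d['TargetDomainName']
        LogonType  = $d['LogonType']      # 3 = network, 10 = RDP, 2 = interactive
        SourceIp   = $d['IpAddress']
        Status     = $d['Status']         # 0xC000006A bad password, 0xC0000064 no such user
    }
}

$rows |
  Group-Object TargetDom, TargetUser |
  Where-Object { $_.Count -ge $Threshold } |
  ForEach-Object {
    $sorted = $_.Group | Sort-Object Time
    [pscustomobject]@{
        Attempts    = $_.Count
        Domain      = $sorted[0].TargetDom
        Account     = $sorted[0].TargetUser
        # The post's malware hammered a default domain name that was not the firm's;
        # a mismatch here is the same tell.
        WrongDomain = ($sorted[0].TargetDom -ne $RealDomain)
        Sources     = ($_.Group.SourceIp | Sort-Object -Unique) -join ','
        FirstSeen   = $sorted[0].Time
        LastSeen    = $sorted[-1].Time
    }
  } | Sort-Object Attempts -Descending | Format-Table -AutoSize
```

Two caveats a practitioner would want: 4625 is written on the machine where the logon was attempted, so a domain-wide view means querying the domain controllers as well (Kerberos pre-authentication failures land there as event 4771 and NTLM failures as 4776); and a run of 30k attempts that "never tried the real account" is still a sign the attacker had a foothold with network access to the server, which is a reason to rotate the admin credentials regardless of whether the guesses landed.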

While I imagined they would not open any attachments in the future, I like to do a thorough job.  I set up their computers so all .js and .wst files would open in Notepad.  If you’d like to know how, I recommend checking this LINK out.  It worked out great, and I heard no complaints.
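The linked guide is gone from this copy of the page, so here is one way to do the same hardening in PowerShell. This is an added example, not the post's or the linked guide's script. It repoints the common Windows Script Host extensions at the built-in `txtfile` class (which is what "open in Notepad" means to Explorer), clears any per-user "Open with" override that would trump the machine-wide setting, and optionally disables WSH entirely. It assumes an elevated session on each workstation; the post's ".wst" is taken to mean ".wsf" (Windows Script File), and the extension list is a reasonable default rather than anything the post specifies.

```powershell
# Added example (not from the original post): make script attachments open in Notepad.
# Assumes elevated PowerShell; HKCR changes are machine-wide.
function Protect-ScriptExtensions {
    param(
        # Windows Script Host extensions; .wsf is assumed to be what the post calls .wst.
        [string[]]$Extensions = @('.js', '.jse', '.wsf', '.wsh', '.vbs', '.vbe'),
        [switch]$DisableWsh
    )
    foreach ($ext in $Extensions) {
        $key = "Registry::HKEY_CLASSES_ROOT\$ext"
        if (-not (Test-Path $key)) { New-Item -Path $key -Force | Out-Null }
        # Record the previous ProgID so the change can be reverted if something breaks.
        $old = (Get-ItemProperty -Path $key -ErrorAction SilentlyContinue).'(default)'
        Set-ItemProperty -Path $key -Name '(default)' -Value 'txtfile'

        # Explorer's per-user "Open with" choice overrides HKCR; clear it for this user.
        # (Other users' hives need the same, e.g. via a logon script.)
        $uc = "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$ext\UserChoice"
        if (Test-Path $uc) { Remove-Item -Path $uc -Recurse -Force }

        # Verify with the same command Explorer's association comes from.
        [pscustomobject]@{
            Extension = $ext
            Was       = $(if ($old) { $old } else { '<none>' })
            Now       = (cmd /c "assoc $ext")
        }
    }
    if ($DisableWsh) {
        # Stronger: wscript.exe/cscript.exe refuse to run any script at all.
        $wsh = 'HKLM:\SOFTWARE\Microsoft\Windows Script Host\Settings'
        if (-not (Test-Path $wsh)) { New-Item -Path $wsh -Force | Out-Null }
        Set-ItemProperty -Path $wsh -Name 'Enabled' -Value 0 -Type DWord
    }
}

Protect-ScriptExtensions | Format-Table -AutoSize
```

The caveat: changing the association only stops a double-click. A script launched explicitly with `wscript.exe foo.js`, or by another script, still runs, which is why the `-DisableWsh` switch is there, and why mail-gateway blocking of script attachments and an application-whitelisting policy (AppLocker or Software Restriction Policies on the Windows 7 era boxes the post describes) are the stronger controls. Windows feature updates have been known to reset file associations, so re-run the check after patching.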

Thank you for reading.  Check out my REAL early posts to learn more of my background.

A time to pivot

I had a total bender over the weekend watching Silicon Valley, and I’m a bit inspired.  The crack is finally on the correct course, and it should take care of itself for the next few days.  My clients are good for the most part, and I’m not in a gaming or video making mood.  After binge watching Silicon Valley, I want to get back into coding.  I can read, modify, and bugfix code.  However, I was not that great at writing code outside of an Excel spreadsheet.

I’ve got a couple projects in mind.  I’m trying to think of how to translate some of my old Excel programs into something that would work on an Android phone.  I’ll convert them, help myself with some new tools, and maybe make some side money.  I haven’t coded in years..  and I really only learned COBOL.  I also have an idea involving DCS World.  I don’t want to say what I have in mind, but I find there is a lack of DCS World apps on the Google Play store.  I’d like to fix that.

On a side note, I finally got the site an SSL certificate.  At some point I’d like to add comments and such.  Not so much that I expect huge discussions over my writings here, it’s more that I’d rather set up sites like this for others.. for money..  I’d better know how to keep the chat locked down from spam.

It’ll be a few weeks before I have anything to show from my coding.  As is tradition, I’ll be jumping into the deep end of the pool to panic myself into doing something harder than I should try.  😉

Silicon Valley rocks btw.  Highly recommend it.  I do wish I could stream season 1 of Mr Robot to my PC through my cable provider, but nope.  They only have season 2..  Anyway.

I leave you with a moment of zen

Breaking Battlefield 2 Cheaters

I’m feeling rather nostalgic this week, and I was thinking about my time spent as an admin for one of the top 10% of BF2 servers.

BF2 had ups and downs during its lifespan.  It had some terrible bugs that made the Blackhawk helicopter an absolute terror for a few months, and it had that one that left almost all aircraft untouchable to missiles.  Good times.

One of the big changes in BF2 from most other games was the stat tracking.  You could review all of your previous rounds, check your kill-to-death ratio anytime you felt like it.  However, when you start putting everyone’s names into a competition, some people will always want to have more digital prestige than their skills will afford them.  So the cheaters arose to prove only that they are cheaters.

Aimbots..  Aimbots EVERYWHERE!  Ugh..  How could you tell the difference between an actual cheater and one of the various ‘x-men’, mutants, or the other partial metahumans that play games online?

At first, we’d have to monitor them..  Ugh did this suck.  Going into a game to kick ass and having to sit down and keep an eye on one player because of multiple ‘He’s hacking’ reports.  Sometimes I’d see something REALLY obvious like a headshot from the other side of the map.  Other times it was obvious because you see them with an 80-0 KDR, or one might see them slaughter 10 people in a suspiciously short amount of time.  A lot of the time, it was not very obvious what was going on, and I’d spend 15-20 minutes watching a player with nothing to show for it.

This was not a very efficient way to do things.  However, I noticed something after a month or so.  I don’t think the earlier cheats would let people change their in-game name (maybe they did and I didn’t notice for a while).  At some point while looking into a cheater, I did a search on one of the BF2 stat tracking websites.  I’d usually do a search based on a unique player ID.  One time doing the search, I noticed the names were different.  The player ID matched, but the in-game name was different from the person I saw in the server.  Huzzah!

This is what I needed.  A smoking gun to detect cheaters quickly and effectively.  Now BF2 would let you create new characters, but you couldn’t change the in-game name once chosen.  Apparently, you COULD change it if you used the cheating software.  The cheaters, in their attempts to mask their actual in-game name, were actually revealing to admins that they were cheaters.

It makes a lot of sense why they would change their names.  I mean if you went 100-0 for several rounds, you’d probably be reported to whomever ran the stat tracking stuff at EA.  It would be hard to follow up on a report if you were looking for a name that didn’t exist.

Finding a flaw with the cheaters made things a lot more relaxing for me while admining the servers.  If there was a question about someone in game, I’d quickly do a search on the stat tracking to see if they were legit.  If the name and player ID did not match then they got a ban, and I got to go back to playing asap.

I never had one person come onto the forums and call one of those bans unwarranted.  Not one.  Although to be honest, I kinda hoped one person would have tried.  I wanted to call them out on the name thing so badly even though it would have given up my magic bullet.  *sigh*  I suppose it’s safe to mention it now since I doubt BF2 cheaters are much of an issue these days.

Stay awesome internet people.  Keep learning, and looking for those minute factual details that matter.  And don’t cheat at multiplayer games.  Go play single player and hack the fuck out of that shit.

*No, I don’t consider a person using an aimbot to be a hacker.  The hacker made the aimbot.  The cheaters buy and use them.


Waiting on many things

The crack marches onward.  I figured it would take some time to get it right, but it’s starting to go beyond what I anticipated.  I don’t think it’s a particularly complex password, but it’s long.  Since it hasn’t shown up in the password list attempts, I’m starting to believe I’m doing something wrong.  *sigh*  I’m very noobish when it comes to doing one’s own cracking, and it shows..  I should probably grab one of the big password list leaks out there, and make sure I’m actually doing this correctly to begin with.  Haha..  (shit). 8 days left on the current attempt.

On the gaming front.  DCS World has released the F-5E fighter.  I’m not really jazzed about it though.  I already have two other low end jet fighters with the F-86 and the Hawk.  I guess if I didn’t have the Hawk, I’d probably be more interested in the F-5.  It looks like a great aircraft, and its guns are quite deadly.  However, I’d rather fly the Mirage over the F-5 every time.  I’ve really been appreciating the updates RAZBAM has made to their Mirage 2000-C.  The constant updates since release have really caught my attention, and really made me feel much more confident about supporting them.

I’ve been flying the Mirage a lot lately, and even scored my first Air to Air victory over another player while flying it.  He was in a MiG-21, and he came pretty close to killing me.  I lucked out when he fouled his engine and needed to restart it.  I did get some really cool footage from the fight, and I’ve been trying to edit it together.  It was going really well until DCS updated.  The update broke every DCS track file.  Eh..  At least none of the drives have crashed.  🙂  It’s coming along..

I eagerly await the new aircraft on the way.  The F-14 is still a must buy whenever it comes out.  Hopefully this year.  PLEASE!  The Viggen could be out any day or year from now.  Who knows?  The info on that is so positive yet scarce.

I’ve been sinking time into Naval Action (video soon…lol) and RimWorld.  Both very different and very good at their niche.  Sailing boats from 1750-1830s?, and a more graphical Dwarf Fortress on the other end.  I’d recommend both actually, and I’ll do so in later posts.  Probably about the same time I check this post for typos.  Haha!

Be excellent to each other folks.

Cracking the Windows Hash

I’ve been working on a neat project the last few weeks.  A friend of mine needed me to crack into a Windows install.  This is all authorized and legit.  I’d rather not get into the details of why though.  I’ll just say it’s legal as it is his computer now for reasons.

A few years back I got into crypto coin mining, and I assembled a fairly low end mining rig using some Nvidia 750 Tis.  While the coin mining was pretty much a bust (I’ll save that story for another post), I did learn quite a bit about cryptology and such.  Crypto coin mining is pretty much a big encryption puzzle.  It was not difficult to re-task the miner into cracking passwords using a really nice program called hashcat.

I don’t have the time to write up the full report on what I’m learning, but it’s pretty fascinating stuff.  The numbers being used are so large it will boggle your mind.  I don’t even know the names of these large numbers!

So in the next few weeks, I’ll be assembling some facts about password complexity vs time to crack.  So far my setup hasn’t broken anything, I do hope the story will end with a successful crack for the original mission.
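The "password complexity vs time to crack" table this post promises, and the earlier post's worry that a long password is not showing up in wordlist runs, both come down to one calculation: the size of the keyspace divided by the rate the rig produces hashes. The function below is an added example, not the author's own work, that does that arithmetic for hashcat-style mask attacks. The hash rate is an assumption for illustration; replace it with the number from your own benchmark (`hashcat -b -m 1000` for NTLM, which is what a Windows 7 install stores). The hashcat command lines in the comments are the standard wordlist-plus-rules and mask invocations, not anything the post ran.

```powershell
# Added example (not from the original post): keyspace and crack-time estimate for a
# mask attack. The default rate is an assumption, not a measured 750 Ti figure.
#
# Typical order of attack on an NTLM hash file (standard hashcat usage, assumed here):
#   hashcat -m 1000 -a 0 ntlm.txt rockyou.txt -r rules/best64.rule   # wordlist + rules first
#   hashcat -m 1000 -a 3 ntlm.txt ?a?a?a?a?a?a?a?a --increment         # then masks, short to long
function Get-CrackEstimate {
    param(
        [Parameter(Mandatory)][int]$Length,
        [ValidateSet('digits', 'lower', 'lowerdigits', 'mixed', 'mixeddigits', 'all')]
        [string]$Charset = 'all',
        [double]$HashesPerSecond = 1e9   # ASSUMED; replace with your hashcat -b result
    )
    # Character-set sizes match hashcat's built-in mask classes (?d ?l ?l?d ?u?l ?a).
    $size = switch ($Charset) {
        'digits'      { 10 }
        'lower'       { 26 }
        'lowerdigits' { 36 }
        'mixed'       { 52 }
        'mixeddigits' { 62 }
        'all'         { 95 }   # ?a = all printable ASCII
    }
    $keyspace = [bigint]::Pow($size, $Length)
    $seconds  = [double]$keyspace / $HashesPerSecond
    [pscustomobject]@{
        Length       = $Length
        Charset      = "$Charset ($size)"
        Keyspace     = $keyspace
        FullScanDays = [math]::Round($seconds / 86400, 2)
        # A random password sits, on average, halfway through the keyspace.
        ExpectedDays = [math]::Round($seconds / 86400 / 2, 2)
    }
}

# Table for 8- to 14-character passwords drawn from all printable ASCII.
8..14 | ForEach-Object { Get-CrackEstimate -Length $_ -Charset 'all' } | Format-Table -AutoSize
```

The table makes the earlier post's problem concrete: each extra character multiplies the mask keyspace by the charset size, so a long password that is built from dictionary words is far cheaper to attack with a wordlist and rules (or a combinator attack, `-a 1`, joining two wordlists) than by exhausting the mask, which is why the wordlist run comes first and the mask run is capped at a length the rig can finish.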

A YouTube Record and Upcoming Videos

Huzzah!  I’ve finally gotten a video to 800 views!  My previous record was 734ish views, and that video was really old.  So, I was rather surprised that a rather dull, in my opinion, M2000-C landing video actually got 800 views!

I believe this has to do with the timing of the video’s release.  I put it up almost immediately after the M2000-C was released.  I mean the video quality is pretty good in my opinion, but I did mess up the in cockpit sounds.  It’s so quiet it breaks the immersion in my opinion.

I just find it odd that it is currently my best video on YouTube, and I must laugh about it.  It isn’t really a tutorial, but I saw it getting hits from ‘landing tutorial’ searches.  I didn’t add the tutorial tag for it.  It just shows a good landing.  Although if you watch it to the end, you do see me screw up and almost taxi into the grass.  I made a mistake and left nose wheel steering activated.  It didn’t help that I did it while in external view so I hadn’t realized I was turning until it was almost too late.

I’m a little more excited for the DCS World JTAC Bombing video.  It has only been up a month, and it is about to surpass 800 views itself.  I know for a fact part of this is because of the time stamps.  I had seen on a tutorial video that if someone clicks on one of the time stamps, it will count as another view.  So I did it partially to make it easier to find some action in an hour long video, and partially for the extra views I knew it would bring.  I’m really excited to see how many more views that one will get.

On a side note, I’d like to thank the nation of France.  You fine people are responsible for the majority of my views with the USA just a bit behind them.  I’m going to assume that is mostly due to the video showcasing a French jet, and I can totally get behind that.

I know I built this rig to make more videos, but there is only one thing I want to record at the moment.  That ‘thing’ is the SA-342 Gazelle helicopter from Polychop Simulations.  I’ve been following the development of this module from the start, and I’m a little amazed, in a good way, that it’s actually being released.

I remember from way back when the good sir at Polychop announced that he would be creating a free mod for DCS featuring the Gazelle.  I kind of thought it was a joke until he started to put up screenshots.  They were some good looking screenshots and I began to believe it would actually happen.  There have been plenty of teams who have come and gone away after announcing a new aircraft for DCS World.  Polychop was not one of these.  They did the opposite, and they actually incorporated while expanding the team.  (Hype Intensifies)

Now, I know it was supposed to be free.  However, I’m not bothered at all knowing I’ll have to pay for it.  I know that the development has taken years, and a lot of hard work went into coding the helicopter.  That hard work and dedication should be rewarded.  Although, I’d imagine that for everything to be proper in the business sense, they would need to license the aircraft.  I’d also imagine that licensing is not cheap.

So, I’ll be sure to get some new videos up as soon as I can get my hands on the Gazelle.

Be excellent to each other, and stay awesome.

DCS World M2000-C Stream

I tested out the live stream performance of the new build.  It looks so much better than it did before, and I believe I can squeeze a little more quality out of it.

I made a custom mission in DCS World to try out some JTAC bombing runs with a friend.  I set up an AI to lase targets for us to bomb with GBU-12s.

The Mirage has proven to be a wonderful aircraft to fly in DCS World.  It’s not that difficult to operate.  The startup, weapons employment, and just basic flying around are all a breeze compared to some aircraft.  It is not much harder than flying a Flaming Cliffs 3 jet.  The fact I could finally get some AI units to lase things for me was great news!

The M2000-C is wonderful, but it is not meant for ground attack.  The C variant is more of an air superiority type jet.  So, its bombsight is kinda terrible.  If it’s a soft, large, or stationary target, you might be able to hit it.  I could get close to tanks with the Snakeye, but not enough to kill them.  I was 1 for 8 in just being able to damage a T-90.

I was 4 for 4 with the GBU-12s in my first sortie.  The AI JTAC locks onto a wreck for the next several bombs.  I tried to get him to shift targets, JTAC acknowledges it, and it did not work.  In addition to that, my radar key bindings were not working.  It made it difficult to adjust my radar to short range bandits.  It also made me repeatedly die to some antique jets.  Sigh, you can’t adjust the controls in multiplayer..  I think.  So much shit changes with the newest builds, it’s hard to keep up with it all.

Here it is if you’d like to give it a view.  In retrospect I probably should edit out the 1st minute or so, but the transcoding decreases video quality.  I’m kinda amazed the stream looks as good as it does,  I’d rather not mess it up.  Although it wouldn’t hurt to try.

Some Quick Renders

Well, it didn’t take me long to begin fussing with the new hardware.  I’ve tested it out on a good deal of my game collection, and I’ve been loving the added performance.  It didn’t take me long to see how it handled recording, streaming, and transcoding.  It has exceeded every goal I was hoping to achieve.

It took under two minutes for it to render a 48 second 1080p @ 60FPS video.  I’m liking this ratio and I hope it keeps up when I’m finally able to squeeze more video quality out of Sony Movie Studio 13 Platinum (Steam sale buy).

I’ve tested out the new hardware in Open Broadcaster Software, and I’m just in awe at how much better it can do video work.  I can now use OBS to record, have it look really good, and not kill my CPU power!  I’m pretty stoked about that, but I can finally live-stream DCS World and not have it look like garbage every time I move my head in FreeTrack.  Seriously, the pixelation that would happen just looked awful.  I hid most of those streams on YouTube.  Ah well, the latest DCS live-stream looked fantastic and ran just as well.  I could use a better mic for them, but that’s not an immediate concern.  I know it’s important, but it’s not going to happen for a bit.

Anyway, here is my first render on the new hardware.  The footage quality should be improving from here on.  The OBS recordings look a bit nicer in my opinion.

The new build

I finally put all the parts together for my new build.  It’s an i7 4790k with an ASRock motherboard.  The video and sound cards came along for the ride.  I’m waiting for the new NVIDIA cards before I upgrade my old 770, and I still like my Sound Blaster X-Fi Fatal1ty.  It works great with my headset.  I’m sure on-board sound has improved immensely since the old IBM PC days.  However, I’m old school.  I like my soundcards.

I did jump head first into the world of the M.2 SSD.  I had no idea what these things were when I first saw it on my motherboard.  A close friend of mine asked about them, and I was pretty dismissive of the whole thing.  They were tiny, but I didn’t see any advantage over a SATA SSD.  The read speeds seemed about the same.  I only saw them in the 500 MBps range.  My friend looked deeper into it and found an M.2 drive with a 2200 MBps read speed.  Read speed has been a bottleneck for as long as I’ve gamed.  Cassette tape drive old school.  This could be a great thing.

I had to check this out for myself.  That kind of speed is amazing, and I’m loving it.  I’ve built an awful lot of PCs over the years, and I never was able to have something for myself that I considered to be the best.  For once I can say that my machine is a fucking beast now.

It loads faster than it takes my keyboard to power up, so I’m having trouble getting into the BIOS.  Ha!  It’s amazing!

I finally bit the bullet and installed Windows 10 on one of my personal machines, and I’m not hating it.  I still haven’t figured out how to search for things as quickly as I could in 8.1, but I’m hesitant about using Cortana.  However,  A big thank you to the Microsoft Overlords for the entitlement licenses program.  I like fresh installs, and my Windows 10 install went absolutely flawlessly with the old 8.1 Key.

It’s kind of weird how well it went down.  I figure it took me 3 hours from teardown to patching Windows 10 on the new hardware.  Hell, it assigned the drive letters to the old HDs exactly how I wanted it to go down.  I’ve never had a build go so well.

Benchmarks compared to the old i5 build?  Well I figured the M.2 was too radical of a change to the variables.  So outside of comparing the CPU usage, I have no hard numbers to give yet.  DCS World usage is down 50% and the game loads freakishly fast now.  It’s one of the few games I’ll make room for on the M.2 since it doesn’t have a lot of space.  Eh, I’m learning how to offload document, music, and movie data to other drives to keep the M.2 clear for now.  Although I can install a few more things on the SATA SSD now.  🙂

Now I need to see how much it improves transcoding times.  I justified an i7 for movie making, right?  I better put something out!  It is most certainly a good thing I’ve been practicing a lot in the DCS World Mirage 2000-C.   😉  DCS was the first game I made sure I had working correctly.  HOTAS and FreeTrack (via FaceTrackNoIR) are working well, and I have a working mission with an AI JTAC so I can use GBU-12s to bullseye some T-90s.

As Clint Eastwood said in Firefox, “What a machine.”  I highly recommend the Samsung M.2 Pro.


‘Fun’ with Youtube and the copyright bots

I put up a Naval Action video (Review coming up soon BTW) a few days before its Steam release.  It wasn’t anything really special.  I uploaded it from a Twitch.tv stream I had done earlier, so the quality was a bit.. off.  I know I had a few copyrighted songs in the video, and I expected it to be flagged.  It was flagged and those who worked on the music deserve their money for their creations.  However, a month after posting it, it was entirely muted due to 2 minutes of the 1812 Overture.  I tried to edit out the flagged portions and wound up muting the entire video permanently.  (Oddly enough that video is still getting views..)

Now, I noticed a few weird things when I was playing Fallout 4 a few months back.  A few songs were flagged during a livestream I did which I’m ok with, as long as they are flagging the correct song.  Well, I should say as long as they’re flagging the correct performance of the song.  I agreed with the song title, but it sure didn’t sound like the same performance to me when I looked up the actual performance they flagged it as.

The bots in charge of flagging classical music do not seem to be able to differentiate between different performances.  This is absolute horseshit.  I want the revenue to go to the correct people, not those with the most aggressive bots!  I’m not monetizing my videos at the moment so it really doesn’t affect me much, but the right people are surely losing money to this scam.

I really didn’t care that the Fallout 4 stream was flagged, but muting my Naval Action video kinda upset me.  That video was getting me some of the most traffic out of all my crap for this year, and now it is absolutely ruined.  Yes, I could fight it (and risk getting a copyright strike), but I couldn’t even find any info on the group that muted it.  I’m not going to get into a fight blindly, yet I could find no info on Charles Berry music.  Perhaps they do own the copyright to the festival overture in E-flat major, “The Year 1812”, from the Bamberg Symphony Orchestra.  However, I am unable to find anything on them, let alone the performance they claim to own on YouTube.  I have no real legal team, I can’t fight a blind accusation from an unknown source!

YouTube, your house is in disorder.  I understand you’re in a difficult position with DMCA requests, but if you want to keep smaller content creators in your home, fix your shit.  If the bots can’t tell the difference between performances, their use should not be allowed for those songs.  I can only imagine the problems some people must have putting up videos of their own performances!

TL/DR – Why are you here?  I type faster than I can make videos.  Haha!  Moving on – YouTube needs more accurate bots or more manual reviews.

*edit – Wow, I’ve had some actual people visit the site.  I’ll have to do a better job of proof reading before publishing in the future.