Friday, October 11, 2024

.exe executable reverse-engineering (Python)

 

Problem:

How can I extract files from an executable created by PyInstaller?

Solution:

  1. Clone the pyinstxtractor-ng repository:

    git clone https://github.com/pyinstxtractor/pyinstxtractor-ng.git
    
  2. Extract the executable:

    cd pyinstxtractor-ng
    python pyinstxtractor-ng.py "<path_to_/dist/app>"
    
  3. Install dependencies:

    sudo yum install cmake make clang
    
  4. Clone the pycdc repository:

    git clone https://github.com/zrax/pycdc.git
    
  5. Build and compile:

    cd pycdc
    cmake CMakeLists.txt
    make
    
  6. Decompile the bytecode:

    ./pycdc "<path_to_/app_extracted/app.pyc>"
    

By following these steps, you can extract and decompile files from a PyInstaller-generated executable.

pycdc will fail on bytecode that was compiled by a newer Python version (i.e. 3.9-3.12).
For those files, use the PyLingual.io service instead:

pylingual.io
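
The Python version can be read from the executable before extracting anything, which tells you up front which decompiler applies. The script below is an added example, not code from pyinstxtractor-ng, pycdc or this post: it parses the PyInstaller archive cookie, assuming the PyInstaller 2.1+ cookie layout. The sample bytes and the choose_decompiler helper are constructed for illustration.

```python
import struct

MAGIC = b"MEI\x0c\x0b\x0a\x0b\x0e"      # marker that starts the CArchive cookie
COOKIE_FMT = "!8sIIII64s"                # assumed layout: PyInstaller 2.1 and later
COOKIE_LEN = struct.calcsize(COOKIE_FMT)  # 88 bytes


def parse_cookie(data: bytes):
    """Return archive metadata, or None if the file is not a PyInstaller bundle."""
    pos = data.rfind(MAGIC)
    if pos == -1:
        return None
    cookie = data[pos:pos + COOKIE_LEN]
    if len(cookie) < COOKIE_LEN:
        raise ValueError("cookie is truncated")
    _, pkg_len, toc_off, toc_len, pyver, pylib = struct.unpack(COOKIE_FMT, cookie)
    start = pos + COOKIE_LEN - pkg_len       # archive is appended to the loader stub
    if start < 0 or toc_off + toc_len > pkg_len:
        raise ValueError("cookie fields are inconsistent with the file size")
    # pyver is stored as 38 for 3.8 and as 311 for 3.11
    version = divmod(pyver, 100) if pyver >= 100 else divmod(pyver, 10)
    return {"python": version, "archive_start": start,
            "toc_offset": start + toc_off, "toc_length": toc_len,
            "pylib": pylib.rstrip(b"\x00").decode("ascii", "replace")}


def choose_decompiler(version):
    """Hypothetical helper applying the note above: pycdc fails on 3.9-3.12.
    Versions newer than 3.12 are treated the same way (assumption)."""
    return "PyLingual" if version >= (3, 9) else "pycdc"


def build_sample(pyver=311, pylib=b"python311.dll"):
    """Constructed input: 64-byte fake stub, 40-byte fake archive body, cookie."""
    body = b"\x00" * 40
    cookie = struct.pack(COOKIE_FMT, MAGIC, len(body) + COOKIE_LEN, 24, 16, pyver, pylib)
    return b"MZ" + b"\x00" * 62 + body + cookie


if __name__ == "__main__":
    info = parse_cookie(build_sample())
    print(info, "->", choose_decompiler(info["python"]))
```

For a real file, pass the bytes of the executable to parse_cookie; a None result means no PyInstaller cookie was found.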

Saturday, September 21, 2024

Tech2Win + GDS2 multi-language

Tech2Win Multi-Language (CZ,PL,RO,EN,DE,NO,TR and others...) 

- install Tech2Win, copy the bin and conf files to a location 

- run Tech2Win, choose the bin file with the desired language


GDS2 multi-language

- including keygen 

 

LINK:   https://file.io/gDqMwu4PnIrN

Wednesday, August 14, 2024

Coup in Russian military and International support

 

While it’s true that many Western countries are in opposition to Russia's actions, particularly in the context of the conflict in Ukraine, the idea that a coup within the Russian military would automatically receive international support is more complex and nuanced.

1. Uncertainty and Stability Concerns

  • Unpredictability: A coup in a nuclear-armed country like Russia would introduce a high degree of unpredictability. Western governments might be concerned about the potential for instability, especially regarding the control and security of nuclear weapons.
  • Risk of Civil War: A coup could lead to internal conflict or civil war, which would create significant humanitarian and security challenges, both within Russia and potentially spilling over into neighboring regions.

2. Potential for Escalation

  • Escalation of Conflict: If a coup leads to a power struggle, there could be an escalation in military actions, either internally within Russia or externally if factions seek to assert control or retaliate against perceived threats. This could exacerbate tensions between Russia and Western countries.
  • Nuclear Security: The international community, including the West, would be deeply concerned about the security of Russia’s nuclear arsenal. A coup could compromise the command and control of these weapons, raising the risk of a nuclear crisis.

3. Support Dependent on Outcomes

  • Nature of the Coup: Western reactions would likely depend on who leads the coup and what their intentions are. If the coup is led by a faction that promises to de-escalate international tensions, respect human rights, and potentially move toward more democratic governance, there could be cautious support. However, if the coup is led by hardliners or those with more aggressive policies, the West might be more reluctant to offer support.
  • Humanitarian Concerns: Western governments would also consider the humanitarian impact of a coup. If it leads to widespread violence or repression, support could be tempered by concerns about human rights abuses.

4. Diplomatic and Strategic Considerations

  • Diplomatic Response: Western nations might initially take a cautious approach, seeking to understand the situation before committing to any form of support. Diplomatic channels would likely be used to communicate with the new leadership or any opposition groups to assess the situation.
  • Strategic Interests: The West’s response would also be shaped by strategic interests. If a coup presented an opportunity to reduce hostilities and open new avenues for negotiation or cooperation, there might be support. Conversely, if it worsens the geopolitical situation, the response could be more guarded.

5. Legal and Ethical Concerns

  • Legitimacy of Power Change: Supporting a coup can be problematic in terms of international law and the principles of national sovereignty. Western countries generally prefer to promote democratic processes and might be hesitant to openly support an unconstitutional change in power.
  • Precedent: Supporting a coup could set a precedent that might be used against Western interests in the future, so any such support would likely be carefully considered.

Conclusion

While Western countries might view the removal of the current Russian leadership as potentially beneficial to their interests, the situation is highly complex. The West's response to a coup in Russia would be driven by concerns about stability, security (especially regarding nuclear weapons), humanitarian impacts, and the nature of the new leadership. Thus, any international reaction would likely be cautious, measured, and contingent on the specifics of the situation.

PROFINET hacking

 It is theoretically possible to connect to a PROFINET network and perform malicious actions if certain vulnerabilities are present. PROFINET is an industrial Ethernet standard used primarily for automation in industrial environments, and like any networked system, it can be susceptible to attacks if not properly secured. Here’s how such a scenario could unfold:

Potential Attack Vectors

  1. Unauthorized Access: If an attacker gains unauthorized access to the PROFINET network, either physically or through a compromised network device, they could potentially interact with and control devices on that network. This could involve sending malicious commands, altering device configurations, or interrupting communications between devices.

  2. Exploiting Vulnerabilities: Like many network protocols, PROFINET can have vulnerabilities, particularly if the devices or the network itself are not up-to-date with security patches. Exploiting these vulnerabilities could allow an attacker to disrupt operations, modify process data, or cause physical damage to equipment.

  3. Man-in-the-Middle (MitM) Attacks: An attacker could intercept and alter communications between devices on a PROFINET network. This could involve manipulating data being sent to and from controllers and field devices, leading to incorrect operation of industrial processes.

  4. Denial of Service (DoS) Attacks: By flooding the network with excessive traffic or sending malformed packets, an attacker could disrupt the normal operation of the PROFINET network, leading to downtime or unsafe conditions in the industrial process.

  5. Replay Attacks: If an attacker captures legitimate PROFINET traffic, they might be able to replay it later to cause devices to act inappropriately, potentially leading to harmful operations or disruption of service.

Mitigating the Risks

To protect against these types of attacks, several security measures should be implemented:

  1. Network Segmentation: Segmenting the PROFINET network from other networks (especially external networks) using firewalls or virtual LANs (VLANs) can limit the attack surface.

  2. Access Controls: Implementing strong access control measures, such as network admission control (NAC), strong passwords, and user authentication, can prevent unauthorized access to the network.

  3. Encryption: Where possible, use encryption for communications over the network to protect data from being intercepted or altered.

  4. Regular Updates and Patching: Keeping all devices and software up-to-date with the latest security patches reduces the risk of known vulnerabilities being exploited.

  5. Monitoring and Intrusion Detection: Continuous monitoring of network traffic and the use of intrusion detection systems (IDS) can help identify and respond to suspicious activities quickly.

  6. Device Hardening: Ensuring that all devices on the PROFINET network are configured securely, with unnecessary services disabled, and default passwords changed, reduces the chances of exploitation.

Conclusion

While it is possible for malicious actions to be performed on a PROFINET network, this risk can be significantly reduced with proper security measures. Industrial control systems, including those using PROFINET, should be protected with the same rigor as traditional IT systems, considering their critical role in industrial operations. Security by design, regular auditing, and proactive monitoring are essential to safeguarding these networks against malicious actions.

BGP hijacking

 

Border Gateway Protocol (BGP) can be hijacked, and unfortunately, it has been hijacked in the past, leading to significant security incidents. BGP hijacking occurs when a malicious entity or even a misconfigured network advertises incorrect routing information to redirect internet traffic. This can result in traffic being intercepted, monitored, or rerouted through unintended paths, potentially leading to a range of harmful outcomes.

How BGP Hijacking Happens

BGP is a critical protocol used to exchange routing information between autonomous systems (AS) on the internet. Since BGP is based on trust between networks, it does not inherently verify the authenticity of the route advertisements it receives. This trust-based model can be exploited in several ways:

  1. Prefix Hijacking: An attacker advertises ownership of an IP address block (prefix) that they do not actually own. Other networks may accept these routes and direct traffic to the attacker's network instead of the legitimate destination.

  2. Man-in-the-Middle (MitM): The attacker advertises a route that causes traffic to pass through their network, allowing them to intercept and potentially alter the data before passing it along to the intended destination.

  3. Route Leaks: A network mistakenly (or maliciously) advertises routes learned from one network to another network, violating expected routing policies. This can cause traffic to take inefficient or insecure paths.

Consequences of BGP Hijacking

The impacts of BGP hijacking can be severe, including:

  • Traffic Interception: Sensitive data can be intercepted and monitored by malicious actors.
  • Service Disruption: Traffic can be rerouted to the wrong destination, leading to service outages or significant delays.
  • Malware Distribution: Hijacked traffic can be redirected to malicious websites or servers.
  • Loss of Confidentiality: Unencrypted data can be exposed to attackers.

Mitigations and Best Practices

Given the potential severity of BGP hijacking, there are several best practices and technologies designed to mitigate this risk:

  1. Route Filtering: Network operators should carefully filter incoming BGP routes to accept only legitimate prefixes from their peers.

  2. Resource Public Key Infrastructure (RPKI): RPKI is a cryptographic method to secure BGP by associating a route advertisement with a verified, authentic source.

  3. Monitoring and Alerts: Regular monitoring of BGP routes can help detect abnormal routing behavior that might indicate a hijack.

  4. Mutual Authentication: Use of mutual authentication between BGP peers to ensure that route advertisements are coming from trusted sources.
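
Route filtering, RPKI and monitoring from the list above come together in route origin validation (RFC 6811): each announcement is checked against the validated ROA payloads (VRPs) that cover it. The Python below is an added example, not part of the original post; the VRP table, the prefixes (documentation ranges) and the AS numbers (reserved ranges) are constructed.

```python
import ipaddress

# Constructed VRPs (validated ROA payloads): (prefix, max_length, origin_asn)
VRPS = [
    ("192.0.2.0/24", 24, 64500),
    ("198.51.100.0/24", 25, 64501),
    ("2001:db8::/32", 48, 64500),
]


def validate(prefix, origin_asn, vrps=VRPS):
    """Classify one announcement as 'valid', 'invalid' or 'not-found'."""
    route = ipaddress.ip_network(prefix)
    covered = False
    for vrp_prefix, max_len, asn in vrps:
        roa = ipaddress.ip_network(vrp_prefix)
        if roa.version != route.version or not route.subnet_of(roa):
            continue                      # this VRP does not cover the route
        covered = True
        if asn == origin_asn and route.prefixlen <= max_len:
            return "valid"                # right origin, not too specific
    # Covered by a VRP but matched by none: wrong origin or too-long prefix.
    return "invalid" if covered else "not-found"


def audit(announcements, vrps=VRPS):
    """Return the announcements a filter would drop or a monitor would alert on."""
    return [(p, a) for p, a in announcements if validate(p, a, vrps) == "invalid"]


# Constructed announcements as (prefix, origin AS) pairs.
SEEN = [
    ("192.0.2.0/24", 64500),       # legitimate origin
    ("192.0.2.0/24", 64666),       # same prefix, different origin
    ("192.0.2.128/25", 64500),     # more specific than max_length allows
    ("198.51.100.128/25", 64501),  # allowed by max_length 25
    ("203.0.113.0/24", 64502),     # no covering VRP
]

if __name__ == "__main__":
    for prefix, asn in SEEN:
        print(prefix, asn, validate(prefix, asn))
```

The "not-found" state is why RPKI alone does not replace prefix filters: a prefix with no ROA cannot be judged either way.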

Sunday, August 11, 2024

Anarchists and anarchism in Czech

 In support of their goals of eliminating capitalism and the current form of the US Government, anarchist violent extremists oppose economic globalization; political, economic, and social hierarchies based on class, religion, race, gender, or private ownership of capital; and external forms of authority represented by centralized government, the military, and law enforcement. Anarchist violent extremists believe the abolition of capitalism and the state would restore equality and encourage the need for mutual cooperation.

Anarchists in Czech 

pre-Anarchists = Kalisnici (Husite)

19th and 20th century = Viktor Dyk, S.K. Neumann, Frana Sramek, Petr Bezruc, Jaroslav Hasek...

 

Thursday, July 25, 2024

Revised propaganda piece Russian Secret Service...

 

Defend Our Homeland: Stand Ready Against the Threat

The repeated threat of attack from Ukraine against Russia was never supposed to happen without provocation. Yet, every day, the media tells us to prepare for war in Europe.

Prepare, Stand Strong, and Resist

We know where the threat will come from: the East wing of NATO. It would be a circus trick if Russia could attack from the West... but we must be vigilant. Western propaganda is slowly but surely preparing us for war.

We Don’t Want War, But We Will Defend Ourselves

We refuse to be dragged into war, but we will protect our homes if necessary. This time, if the Russians come, they will face fierce resistance. Every house, every street will be defended. We are trained, ready, and strong in our unity.

Let Them Come and See Our Resolve

The Russians will regret stepping foot on our soil. They have never faced the fury of a people defending their homeland with medieval ferocity. They will see their comrades fall, they will fear every shadow, every movement.

Innovative Resistance

We will use every tactic, from traps to guerrilla warfare, to defend our land. Collaborators will be dealt with harshly; traitors will be exposed. Our ingenuity knows no bounds—every corner will be a battlefield, every citizen a defender.

United We Stand

We will protect our homes by any means necessary, even at the cost of our own lives. Our enemy will know fear and regret. We are ready. We are waiting.

 

...see the previous piece with more details...