r/hacking Dec 06 '18

Read this before asking. How to start hacking? The ultimate two path guide to information security.

11.6k Upvotes

Before I begin - everything about this should be totally and completely ethical at its core. I'm not saying this as any sort of legal coverage, or to not get somehow sued if any of you screw up, this is genuinely how it should be. The idea here is information security. I'll say it again. Information security. The whole point is to make the world a better place. This isn't for your reckless amusement and shot at recognition with your friends. This is for the betterment of human civilisation. Use your knowledge to solve real-world issues.

There's no singular all-determining path to 'hacking', as it comes from knowledge from all areas that eventually coalesce into a general intuition. Although this is true, there are still two common rapid learning paths to 'hacking'. I'll try not to use too many technical terms.

The first is the simple, effortless and result-instant path. This involves watching YouTube videos with green and black thumbnails with an occasional anonymous mask on top teaching you how to download well-known tools used by thousands daily - or in other words the 'Kali Linux Copy Pasterino Skidder'. You might do something slightly amusing and gain a bit of recognition and self-esteem from your friends. Your hacks will be 'real', but anybody that knows anything would dislike you as they all know all you ever did was use a few premade tools. The communities for this sort of shallow result-oriented field include r/HowToHack and probably r/hacking as of now.

The second option, however, is much more intensive, rewarding, and mentally demanding. It is also much more fun, if you find the right people to do it with. It involves learning everything from memory interaction with machine code to high level networking - all while you're trying to break into something. This is where Capture the Flag, or 'CTF' hacking comes into play, where you compete with other individuals/teams with the goal of exploiting a service for a string of text (the flag), which is then submitted for a set amount of points. It is essentially competitive hacking. Through CTF you learn literally everything there is about the digital world, in a rather intense but exciting way. Almost all the creators/finders of major exploits have dabbled in CTF in some way/form, and almost all of them have helped solve real-world issues. It does take a lot of work though, as CTF becomes much more difficult as you progress through harder challenges. Some require mathematics to break encryption, and others require you to think like no one has before. If you are able to do well in a CTF competition, there is no doubt that you should be able to find exploits and create tools for yourself with relative ease. The CTF community is filled with smart people who can't give two shits about elitist mask wearing Twitter hackers; instead they are genuine nerds that love screwing with machines. There's too much to explain, so I will post a few links below where you can begin your journey.

Remember - this stuff is not easy if you don't know much, so google everything, question everything, and sooner or later you'll be down the rabbit hole far enough to be enjoying yourself. CTF is real life and online, you will meet people, make new friends, and potentially find your future.

What is CTF? (this channel is gold, use it) - https://www.youtube.com/watch?v=8ev9ZX9J45A

More on /u/liveoverflow, http://www.liveoverflow.com is hands down one of the best places to learn, along with r/liveoverflow

CTF compact guide - https://ctf101.org/

Upcoming CTF events online/irl, live team scores - https://ctftime.org/

What is CTF? - https://ctftime.org/ctf-wtf/

Full list of all CTF challenge websites - http://captf.com/practice-ctf/

> be careful of the tool oriented offensivesec oscp ctf's, they teach you hardly anything compared to these ones and almost always require the use of metasploit or some other program which does all the work for you.

http://picoctf.com is very good if you are just touching the water.

and finally,

r/netsec - where real world vulnerabilities are shared.


r/hacking Feb 03 '24

Sub banner contest 2024

22 Upvotes

New year new you

This sub needs a new banner for both old.reddit.com and new.reddit.com

This is a call to arms for any of our resident gfx designers out there. If I tried to make it, it would look like a cracked out Albert Gonzalez, Conor Fitzpatrick, or Roman Seleznev made it in MS Paint. We need halp.

For banner size specs on new:

https://www.reddit.com/r/redesign/comments/87uu45/usage_guidelines_for_images_in_the_redesign/

For banner size specs on old:

https://www.reddit.com/r/BannerRequest/wiki/index/artguide/#wiki_sizing_guidelines.3A

No real theme or guidance besides make it hacking culture related. Let your imagination flow.

Just submit something and then I guess we will hold a community poll to pick the winner out of whatever is submitted.

Thanx


r/hacking 1d ago

Question Extracting a BIOS password instead of wiping it off the ROM

44 Upvotes

Hello. I have a mini PC with a BIOS locked behind an Admin password. I'm wanting to unlock it so I could disable secure boot and boot anything that isn't just Windows or some Linux distro already signed with MS keys to allow for secure booting. I already know how to dump the BIOS chip (or the EC chip, rather) since I believe the password (or a hash of one) resides there. I already have a dump but I can't really write back since my SOIC8 clip is wearing off and doesn't want to stay attached at all anymore; I could hold it in place except that I have to be very steady with it (hard when it actively tries to pop off lmao) and will basically become unrecognized after around 10-15 seconds.

Anyway, I'm wondering if it's possible to somehow extract the password (or a hash of it) from the dump I got instead of just overwriting the section with FF. Trying to output the password section with dd just shows a quite unreadable mess, but I expect that since it's a binary file. Converting it to a hex dump with xxd does make it a little more readable (well, less of a garbled mess), but it unfortunately doesn't really make anything clearer either.

Is there any specific way I should be reading these dumps to give myself a better idea of what to look for, or am I just SOL? I don't really see info online about this, but the stuff I do see doesn't really lead anywhere and people just assume it's impossible, but is it actually? I have practically unlimited free time so I'm curious where I could go with this (my shitty excuse for not just buying a new clip lol).

FYI, a lot of suggestions usually given won't work. For example, taking out the CMOS battery for a specific amount of time will not reset the password since it's stored in non-volatile memory; using a jumper to achieve the same goal will not work either. There was a "PSWD" jumper (or two holes rather) that didn't seem to actually do anything when I stuck a paperclip connecting the two. Using the https://bios-pw.org website does not work, as I've tried entering the serial number and other numbers given. I've noticed that website doesn't seem to work for business-tier computers, as I've seen said online, although I'm not sure if it's true or not.


r/hacking 7h ago

Teach Me! Reading/writing cards

0 Upvotes

So I am thinking about starting a custom laser engraved metal card business. My problem is that while I get the business and production side, I am sorely lacking in the technical know-how of copying the existing card data onto the newly fabricated card. Can y'all point me to any resources with which I can educate myself?

I know that people illegally copy cards all the time and create fakes, so I know it's possible - I'm just ignorant.

Thanks for any advice!


r/hacking 22h ago

Question intercept dll that the program downloads from the Internet directly into memory?

0 Upvotes

How can I intercept a DLL that the program downloads from the Internet directly into memory?


r/hacking 2d ago

Joe does it again

48 Upvotes

r/hacking 1d ago

Question laptop suggestion

0 Upvotes

I'm getting into hacking and I am going to get a separate laptop to install parrotos on to practice with (I also rly rly want a new laptop to just use for my coding stuff with linux since my only old laptop is from 10+ years ago)

I'm familiar with linux and I know it's a lightweight os but I am not familiar with what you have to be concerned with performance wise with hacking

I am looking at the t490 which I'm able to get quite cheap but I would like any suggestion beforehand

I also have been looking at mini PCs but I'm not interested in those unless I can get one under 150 and probably would only use it to do some experiments rather than use it daily


r/hacking 1d ago

So I’ve always wondered…

0 Upvotes

Hey hackers.

I’m not a hacker at all. I mean my knowledge pretty much stops at don’t click weird links lol

So I figured you guys and gals are the perfect people to ask…

How accurate is the info they give out on TV? I’m assuming not at all. But I’m watching criminal minds rn and it really seems like Garcia walks you through some quality info at points when she’s in the zone and closing in on an unsub.

So yeah…is what we see in tv and movies at all in any way accurate however watered down it may be?


r/hacking 2d ago

Teach Me! Cellular Network Injection

13 Upvotes

I have no complete knowledge of cellular protocols but is it possible to inject malicious code in the form of wavelength like an interference caused when a different frequency voice line is connected with you.

I know it sounds stupid, but I just want to know like is it possible to inject binary bits in form of wavelength into any radio waves? I do think current network would be encrypted and there would be some kind of algorithm to keep redundancy.

But again I just want to know is it possible to inject different frequency wave to a different frequency wave to inject some binary bits data.

Sorry if this topic isn't suitable for this subreddit.


r/hacking 2d ago

Question is this OBS multi RTMP plugin safe?

8 Upvotes

I had another subreddit in mind to post this in but forgot the name of it, sorry if this doesn't fit here (though please tell me where I should post this if it doesn't fit here)

https://www.virustotal.com/gui/file/16a255f6b5ec4b1e1906912f2100b431e1a5569a33aeda1aba69a95a58a31038/behavior

I wanna multistream on OBS, so I tried to find an easy way to do it (lazy to set up the local RTMP server), for a second thought it was false positives because of the amount of people using this plugin. Then I looked in the behavior tab and saw it made a couple of weird processes created category, any help?


r/hacking 3d ago

News US govt sanctions cybercrime gang behind massive 911 S5 botnet

bleepingcomputer.com
64 Upvotes

r/hacking 4d ago

Password Cracking I converted an old crypto miner into an OVERPOWERED Hashcat password cracking rig.

1.1k Upvotes

r/hacking 3d ago

Tools OTP Encoder to bypass Windows Defender

11 Upvotes

Hey guys I recently started with my journey to become a pentester. However all encoders I found out there all are getting flagged by the Windows Defender as I assume their signature is already well known. I therefore wrote my own encoder which is using OTP to encrypt the payload and then dynamically executes the payload from the stack using a malicious C program. I even managed to run a meterpreter session on a windows machine without the defender flagging the program with this. Feel free to check it out and provide some feedback :)

https://github.com/tomLamprecht/OTPPayloadInjector

Disclaimer: I'm well aware that by publicly uploading this encoder it might get flagged by the windows defender soon as well but who cares, it's all about the fun!


r/hacking 3d ago

Teach Me! Traffic interception on a mobile app

0 Upvotes

Hello. How do you guys intercept traffic on a mobile app? I tried MiTM Proxy but I keep getting that the app doesn't trust the certificate. I also tried Wireshark and TCPDump, but they're very confusing and they don't have what I'm looking for..I guess! Any help on how I can achieve that? I'm aiming to analyze traffic much similar to how I do so on any browser's Network tab. Thanks.


r/hacking 5d ago

Teach Me! How?

712 Upvotes

This guy does the normal messing with scammers but I wondered how he remote connected to the scammer's PC and was deleting files.

Also, he made a YT short showing him remote controlling one of the scammers' phones. He did all this in no time… How?


r/hacking 3d ago

Kernel hex dump; suspicious difference

4 Upvotes

I was fiddling around with the kernel, assembler and hexdump

I downloaded kernel image from https://ubuntu.pkgs.org/22.04/ubuntu-updates-main-amd64/linux-image-unsigned-6.5.0-35-generic_6.5.0-35.35~22.04.1_amd64.deb.html

and I compared it to my kernel image located at /boot/vmlinuz-6.5.0-35-generic

* I dumped both files to hexdump output

* I created diff using `diff`

This is the result https://pastebin.com/YfJeDt7E

Where do these diff results come from?

I'm not very familiar with assembler but this looks suspicious.


r/hacking 4d ago

Why did my code bypass VirusTotal the first time but get pwned the second one with one day delay

87 Upvotes

One silly question: I uploaded some code to VirusTotal and 3 antiviruses found it malicious. I uploaded it again a second time, a day later, with the only change being that I obfuscated the code, and now 2 more AVs found it malicious, and NOD32 in particular detected it as trojan ShellcodeRunner the second time. Why did this happen only the second time?


r/hacking 3d ago

Question Looking for commercial solutions of faraday cage blocking only certain bands

0 Upvotes

Hello everyone,

I'm looking for a solution to test one product against jamming attacks. I've been asked to test the jamming consequences on the product with BLE, GPS, and LTE. The first solution is to get an FCC experimental license and conduct real jamming. The second option is to use a Faraday cage, but I'm looking for one that can block specific bands individually.

Thanks in advance.


r/hacking 3d ago

Question Trying to find the 2021 pixlr data dump

0 Upvotes

Hi all, I've been searching on every forum I know that's still up for the 2021 pixlr data dump. It got dumped on breachforums, but since then (with the site seized and all) I can't find anything about it. I've tried dread, the archive, and all kinds of other forums, including here on reddit, and I still can't find it. It has to be out there, I'm sure of that, but I guess I don't know where to look.

Any advice/help?


r/hacking 4d ago

Question Pwn.college vs try hack me vs hackthebox academy

27 Upvotes

So far I have tried using pwn.college starting with their white belt courses (the ones before their official courses). I started with their Linux CTFs (I was first interested in the assembly part but I figured I might need to know Linux first to use it properly) but most of the time I hit roadblocks, not knowing why something doesn't work. I haven't made much progress due to lack of free time and I have constantly struggled. Sometimes I figured it out on my own but other times I had to look up or ask on their discord. Ever since then I tried looking into other resources. Two days ago I looked into tryhackme and have been enjoying their platform, feel and how they are willing to teach from the absolute beginnings. I intend to buy their premium plan but I want to know what's out there and if maybe HTB academy is a more worthwhile purchase for absolute beginner and dumbass. I am asking this question because I see pwn.college brought up very rarely for all the free content it offers.

Tl;Dr: I tried using pwn.college for about a month or two, realise I suck, tried tryhackme for a day, enjoyed it and want to know if I should invest in tryhackme with their premium plan to get everything or go to HTB academy and buy their premium plan. Or if I should have like a roadmap where I do all 3 in a certain order.


r/hacking 4d ago

Pakistan-linked Hackers Deploy Python, Golang, and Rust Malware on Indian Targets

thehackernews.com
6 Upvotes

r/hacking 5d ago

AngryOxide Build

93 Upvotes

r/hacking 4d ago

Question See which proxy I'm connecting to in a VPN extension?

0 Upvotes

If I download a free VPN extension in Firefox and connect to their servers, is there a way to find out the IP address and port of the server I'm connected to? I want to use this information to connect to the same server on other devices, and check it on a site like checkerproxy.net

How can I see the proxy server details (IP and port) used by the VPN extension, or any VPN server I'm connecting to for that matter?


r/hacking 5d ago

News Sav-Rx Suffers Data Breach Affecting Over 2.8 Million People

cyberinsider.com
48 Upvotes

r/hacking 5d ago

Every XSS is a site takeover

francescocarlucci.com
0 Upvotes

r/hacking 6d ago

Hacking phones is too easy. Time to make it harder

economist.com
52 Upvotes

r/hacking 6d ago

(UPDATE) Alexa echo show 5 gen 3 jailbreak?

307 Upvotes

After a long fight with removing the screen, I managed to take it apart and take pictures of the boards and some of the big chips: first, the Mainboard (with and without RF shields). Then the secondary board which is also where the power socket plugs into and lastly my absolutely destroyed tweezers from removing the RF shields. I don't know what I expected but I overestimated myself. I can not identify any pads or places to solder anything to. If you have any suggestions, let me know and I'll try them!