We are the Electronic Minds, a group of free-minded rebels. Cyberpunks. We live in Cyberspace. We are everywhere. We know no boundaries. This is our manifest. The Cyberpunks’ manifest.

I. Cyberpunk

1. We are those, the Different. Outsiders. Technological rats, swimming in the ocean of information

2. We are the introverted little kid at school, sitting at the last desk in the corner of the classroom.

3. We are the teenager all his classmates consider strange.

4. We are the student hacking computer systems, exploring the depth of his reach.

postmarketOS is a touch-optimized and pre-configured Alpine Linux. It can be installed on smartphones and other devices. It is in a very early, experimental state and not usable for most people yet. pmbootstrap allows installation and development of pmOS.

The Flame device is the official reference device for developing, testing, and debugging Firefox OS and open web apps.

Documentation

• postmarketOS website and wiki
• pmbootstrap git repository
• postmarketOS on Mozilla Flame (t2m-flame)
• postmarketOS Installation Guide
• Mozilla guide on Flame (obsolete)
• Firefox OS initial setup on Flame
• Mirror of abandoned Mozilla Flame B2G builds

Below are some useful Linux commands for penetration testing, target reconaissance and capability assessment. Use them for good, not for evil. Part 1 is here.

Identify operating system, kernel version

$ cat /etc/issue
$ cat /etc/*-release
$ cat /etc/lsb-release
$ cat /etc/redhat-release
$ cat /proc/version   
$ uname -a
$ uname -mrs 
$ rpm -q kernel 
$ dmesg | grep Linux
$ ls /boot | grep vmlinuz-

dig (domain information groper) is a network administration command-line tool for querying Domain Name System (DNS) servers. dig is useful for network troubleshooting and for educational purposes. dig can operate in interactive command line mode or in batch mode by reading requests from an operating system file.

When a specific name server is not specified in the command invocation, it will use the operating system’s default resolver, usually configured via the resolv.conf file. Without any arguments it queries the DNS root zone.

Make sure you read the dig manual here or on your Linux machine:

$ man dig

For start, let’s query Google’s DNS server for all A records that point to a specific DOMAIN:

$ dig A +additional +multiline +trace +dnssec <DOMAIN>. @8.8.4.4

In case you don’t know what Meltdown and Spectre are, check this out (paper for Meltdown | paper for Spectre).

Below is the assembler code (link for download | mirror) that breaks the isolation between userspace and kernelspace, aka Meltdown. For research reasons, of course.

Hack The Box is an online platform allowing you to test your penetration testing skills and exchange ideas and methodologies with other members of similar interests. It contains several challenges that are constantly updated. Some of them simulating real world scenarios and some of them leaning more towards a CTF style of challenge.