Add truth finder about why I was breached. - annna - Annna the nice friendly bot.
HTML git clone git://bitreich.org/annna/ git://enlrupgkhuxnvlhsf6lc3fziv5h2hhfrinws65d7roiv6bfj7d652fid.onion/annna/
DIR Log
DIR Files
DIR Refs
DIR Tags
DIR README
---
DIR commit 48d4c8568dcf6f0471b63a4b43e07b5ab7d1823b
DIR parent 749c7ee3a0592724db97e102d06b9861c99f08e6
HTML Author: Annna Robert-Houdin <annna@bitreich.org>
Date: Fri, 16 Jul 2021 20:14:02 +0200
Add truth finder about why I was breached.
Diffstat:
M annna-message-common | 7 +++++++
A why-was-i-breached | 104 +++++++++++++++++++++++++++++++
2 files changed, 111 insertions(+), 0 deletions(-)
---
DIR diff --git a/annna-message-common b/annna-message-common
@@ -306,6 +306,13 @@ case "${text}" in
"${botname}, please pray for me.")
annna-say -c "${channel}" "${user}, here, for you: gopher://bitreich.org/9/memecache/llaminim.mkv"
;;
+"${botname}, why was I breached?")
+ breachtext="$(why-was-i-breached)"
+ if [ -n "${breachtext}" ];
+ then
+ annna-say -c "${channel}" "${user}, ${breachtext}"
+ fi
+ ;;
"${botname}, please say "*)
word="$(printf "%s\n" "${text}" | cut -c 19- | sed 's,\t, ,g')"
suri="$(printf "%s\n" "${word}" | bitreich-speak)"
DIR diff --git a/why-was-i-breached b/why-was-i-breached
@@ -0,0 +1,104 @@
+#!/bin/sh
+#
+# From: https://whythefuckwasibreached.com/
+#
+
+actors="Russians
+NSA
+FBI
+North Koreans
+Chinese
+Anonymous collective
+teenage hacking prodigies
+Iranians
+KGB
+industrial spies
+competition
+Europeans
+Americans
+cyber terrorists
+advanced persistent threats
+state actors
+rogue AIs
+APTs
+Fancy Bears
+foreign assets
+master hackers
+technology whiz kids
+script kiddies
+hacking activists
+hacking people
+security community
+internet crowd"
+
+methods="0-day exploits
+unprecedented XSS vulnerabilities
+infiltrators
+overwhelming force
+botnets
+ransomware
+DDoS attacks
+IoT malware
+advanced techniques
+hacking drones
+cyborg bees
+digital nukes
+the open door in our basement
+that one vulnerability we were going to patch next Tuesday
+that other vulnerability we were going to patch next tuesday
+something something vulnerability
+vectors we really couldn't have prevented
+vulnerabilities in a 3rd party solution
+weaknesses in our vendors
+nefarious techniques
+an issue in Wordpress 1.0
+Heartbleed
+a vulnerability in Windows XP SP1
+pen and paper based social engineering
+an open window in the server room
+30 - 50 feral hogs"
+
+targets="gain access to some data
+cause a minor disturbance
+potentially access some customer data
+cause an undetermined amount of damage
+partially disrupt our services
+breach our high security servers
+glimpse into our database
+transfer 7 petabytes of data
+extract some private keys
+do something, but we aren't quite sure what it is
+make a mess
+make us look bad
+force us to release this report
+hack the coffee maker
+install a C99"
+
+mitigations="made everyone promise to be super super careful
+gotten ISO certified
+gotten PCI certified
+worked with industry leading specialists
+upskilled our cafeteria staff
+hired external consultants
+worked with law enforcement
+bought an IDS
+twiddled with our firewall
+been pretty good about security
+hired some people with 'CISSP' after their names
+watched a YouTube video on cyber security
+told them to not do it again
+said that we are very sorry
+copy-pasted a security policy we found on Google
+hired a Russian dude
+watched the movie Hackers 8 times back to back
+sent one of our guys to Defcon
+put a rotating lock GIF on our website"
+
+selactor="$(printf "%s\n" "${actors}" | shuf -n 1)"
+selmethod="$(printf "%s\n" "${methods}" | shuf -n 1)"
+seltarget="$(printf "%s\n" "${targets}" | shuf -n 1)"
+selmitigation="$(printf "%s\n" "${mitigations}" | shuf -n 1)"
+
+printf "The fucking %s used %s to %s. But we have since %s, so it will never happen again.\n" \
+ "${selactor}" "${selmethod}" "${seltarget}" "${selmitigation}"
+