@eater yup. XCOM2:War of the Chosen has a feature called the photobooth, where you can put your soldiers in ridiculous ass poses, and take pictures from different points on the map. Huge variety of poster fonts, image effects, etc.
I don't even understand why the fuck windows update even has error codes when every single fucking one of them always has the same advice from microsoft: Delete SoftwareDistribution, run the troublshooter which never works, run dism /cleanupimage /restorehealth or use the windows 11 installer tool to do a clean install. Don't even bother giving me the error code.
Then you go to the event viewer for windows update logs and its like "the update failed to download" and you ponder the pros of lobotomy via soup spoon.
happy "we always have money to dedicate to this worthless fucking stadium that charges 20 dollars for a beer, but fuck if we have money to maintain infrastructure, schools, feed the children, or literally any-fucking-thing else that returns massive dividends" day
I ran into a shit ton of issues reaching windows update last night, but it turns out that was likely because mitmproxy was grabbing those connections and the OS didn't appreciate that. After I disabled the proxy, it worked fine.
I made some slight changes to my pfblocker config on the firewall. some of these domains just did not want to co-operate with being put in the hosts file.absolutely refused to null route www.msn.com and config.msedge.skype.com so I null routed them on the DNS server. Fuck you: the revengeance
So I tried keeping ms teams and dropbox installed on my malware box to make it look a little "lived in", and I fucking can't lads. Those two apps alone generated like 180MB of traffic in the span of moments after the machine booted. I didn't create a dropbox or teams account for either app on the system and they were just shitting traffic EVERYWHERE.
wonderful. Got mitmproxy and tshark working as services on my windows analysis box. I'm able to stop the services, grab the pcaps, keylog file, open it up in wireshark elsewhere, and apply the keylogfile to decrypt SSL sessions seamlessly.
-Use fog to grab a new Windows baseline image. I'll worry about populating this thing with data later.
-LIVE MALWARE TESTING
-Set up service automation on the Linux malware box and test it.
-After testing, rebaseline the Linux box as well.
-LIVE MALWARE TESTING
in addition to starting MITMproxy on startup, I'm looking to start up tshark. Currently working on perfecting my tcpdump filter to eliminate a bunch of annoying ass noise.