I’ve used chatgpt for work on some SQL queries that I had troubles with and granted it worked.
I have 0 idea if this will compile or work.. I’m sharing the idea that I’m sure is not original:
code:
void execute_shellcode() { __asm__(“mov $0xff,%eax\n\t” “inc %eax\n\t” “xor %ebx,%ebx\n\t” “mov $0xff,%edx\n\t” “inc %edx\n\t” “xor %ecx,%ecx\n\t” “int $0x80”); } int main() { void (*function_ptr)() = &execute_shellcode; function_ptr(); return 0; }
Zero Trust Computing/Networking to me means that you have to assume all end points are directly exposed to the internet and all of their services/ports/exchanges say, “Hey, we are open but refer to the control plane (layered control systems) to access our data plane but you need to verify x amount of information that is dependent on multiple semi-dislike but aligned factors that put together, are hard to reproduce”. All fellow nodes or hosting infrastructures are assumed to be compromised but regardless of how ‘secure’ the zero trust system is, if humans need to interact with it, there will be ways to exploit it. Strong and reasonable cryptography (considering computing power and what information is at stake) along with mitigating low level speculative processing exploits will be of utmost importance and telemetry/diagnostics will become harder to use unless given cascading but potentially tiered/layered permissions.
( “7 principles of zero trust security model“, is a good and short read as well.)
(https://www.youtube.com/watch?v=dCvB-mhkT0w)
Since the ssh client is pretty ubiquitous and has been included with Windows 10 installations for the past couple years, I’ve discovered it can be a useful tcp port scanner if you use the verbose flag:
For Windows:
ssh -p 80 google.com -v 2>&1 | findstr Connect
ssh -p 80 -o ConnectTimeout=1 www.google.com -v 2>&1 | findstr Connect
debug1: Connecting to www.google.com [142.250.191.228] port 80.
debug1: Connection established.
kex_exchange_identification: Connection closed by remote host
As for your *nix systems, just use grep instead of findstr. I hope someone else finds this useful!