Comments
-
That sounds kinda evil, I thought you didn't want to be evil
Or is this satire? 😜 -
R-C-D: @alexbrooklyn hey I'm angry!
Thus the system is stupidly insecure ! (I was going to fix some of them before they fire me ) -
@jschmold I thought this was satire, but I agree this behaviour is unprofessional
-
R-C-D: @jschmold well I'm not actually gonna do anything (not that stupid)
Just relaxing my rege :)) -
Dude, you fucked up big time. Just admit it, we all do it here and there. Nobody is perfect, that‘s just how it is.
No need to be angry, you have experience in a field which is well paid and hopefully you can prove you know what you are doing (CVEs etc.).
You will laugh about that in a year, even some months.
Cheer up, enjoy life and get to work. You don‘t have a job? Do bug bounties, submit vulns in open/closed source projects and build up reputation, you can do it.
See you at the next blackhat/xxc3/defcon/pwn2own. -
@R1100 I actually have tons of resources but I don‘t know at which level you are.
For example: I started about 12 years ago with my first CVE and 15 years ago with serious security related work.
At the end of May I will talk about security in front of 500 people (from 5 countries) which are all working in security just for our company. This was a long way and I never, let me emphasize this, never thought I can do this.
Since I learned it while the whole industry evolved there was no tutorial but I can give you sources or rate sources if you have questions. For example: web app security or binary exploitation? Do you know where you want to go first? -
R-C-D: @ExGetMessage I've been in this field since high school, but still a loooong way :)
Recently I've been on exploit development and application cracking -
@R1100 ok so exploits. Cracking is nice - in the old days we inserted some nops and that was it - but it didn‘t really earn me money.
If you discover exploits in applications, there are many places to sell those. For example ZDI (Zero Day Initiative) and a lot more, you don‘t need me to google.
What I can tell you is: You don‘t need to reinvent the wheel. I didn‘t do anything special to get known here for example, but showing a company of over 20k people that all of their websites are vulnerable to web cache poisoning and how I can own them by this? Priceless.
Today it is web cache poisoning, IDORs (everything is an API) and stuff like this. SQLi is nice and all but normally shouldn‘t work.
I got some time here and there for fun like this. If you need a second eye just message me. -
@R1100 yeah one of my favourites, too, at the moment. Parameter pollution, host injection, stuff nobody thinks about is what I like.
But of course I‘ll use that xss and sqli if it‘s there ;)
Edit: yeah and I use those lfi/rfi/rce if it‘s that easy :) -
@R1100 Huh? Let me show you that db with 4 million users and md5 as password I got a month ago.
Also: into outfile mysql - google it -
The guy is just venting and joking geez..... y'all acting like if he was gonna blow up a fucking building out of spite and shit.
-
@jschmold exactly. He is young but he has been fired. Nothing bad about this. Been there done that.
My juniors don‘t listen to me most of the time but you OP are listening and know a lot already.
That‘s why I said: See you on one of the next big conferences, I know we will.
My guess is the senior who should have warned/instructed you was actually the one who messed up in this case. -
@AleCx04 yeah and your advice is to tell him fucking up is a good thing?
When I was 19 I got drunk and lost all my stuff more than once. So you think this is something I should tell my children to do? No, I will tell them what an idiot I was and how I fucked up. I won‘t tell them to not drink, I will tell them to try and just not be the idiot I was.
Op here is trying and doing pretty good actually. So get off your high horse and get down to us who actually fail, fail again and stand up. -
@ExGetMessage did you read what I said? Did I offer any advice or anything like that? No. The reason being that the dude was just fucking around when he posted this rant.
If anything, it would be stupid to go and give him life advice when he already said that he was joking.
It's like when someone says "I am gonna kill that guy" and some grandpa goes off explaining why killing is bad.
For some reason your awesome skills of reading comprehension got that I was shitting on him when I wasn't.
It's a bad case of the whooooosh man. -
@jschmold joking, venting and like op said "relaxing his rege" which probably meant venting is frowned upon?
This is a rant forum. Not a LinkedIn forum dude. I get you, I really do, and under a different type of forum I would back you up 100%
But it's a devRant app. I ain't taking this shit seriously enough to tell the dude not to post this shit here or tell him that this post is frowned upon. -
@AleCx04 I totally got you wrong then. Maybe it was because of the previous rant I read which was written by him.
I totally over-interpreted your post, sorry.
Ok ! I'm fired !
But U fuckers will pay !
Never fire your pentester , NEVER !!
rant
pentester
revenge
rage