A drunken debugger

Heretek of Silent Signal
[RSS] SSD Advisory – SonicWall SMA100 Stored XSS to RCE

https://ssd-disclosure.com/ssd-advisory-sonicwall-sma100-stored-xss-to-rce/

Introduction to the Wild West of Proof of Concept Code () aka SSHing the Masses

https://santandersecurityresearch.github.io/blog/sshing_the_masses.html


Everyone complains about meetings, but rarely anybody puts time before the meeting to do the work needed for the meeting to be useful.

Evernote RCE: From PDF.js font-injection to All-platform Electron exposed ipcRenderer with listened BrokerBridge Remote-Code Execution

https://0reg.dev/blog/evernote-rce
[RSS] Looking for vulnerabilities in Strapi (CVE-2024-34065)

http://blog.quarkslab.com/looking-for-vulnerabilities-in-strapi-cve-2024-34065.html
[RSS] Securing Developer Tools: Unpatched Code Vulnerabilities in Gogs (1/2)

https://www.sonarsource.com/blog/securing-developer-tools-unpatched-code-vulnerabilities-in-gogs-1

CCC researchers had live access to 2nd factor SMS of more than 200 affected companies - served conveniently by IdentifyMobile who logged this sensitive data online without access control.
You had one job.

https://www.ccc.de/en/updates/2024/2fa-sms


Does anyone have a technical reference (assuming it is public) for the hardware additions to ARMv8 which Apple made in Apple Silicon to support Rosetta 2?


“Admiral Grace Hopper’s landmark lecture is found, but the NSA won’t release it”: https://www.muckrock.com/news/archives/2024/jul/10/grace-hopper-lost-lecture-found-nsa/
(I heard her speak at Chapel Hill when I was in grad school. Sadly, she did not hand out nanoseconds at that talk.)


"adhd is a new thing" is very funny to me, you used to be able to buy amphetamines over the counter, anyone with it could self medicate

much like erdős did, heh

a close friend bet him $500 he couldn't last a month without them. he did

"you have set mathematics back by a month"

"organize the world's information and make it universally accessible and useful"

I try hard to maintain an up-to-date copy of Ghidra's documentation so people (incl. myself) can find things like:

https://scrapco.de/ghidra_docs/javadoc/ghidra/framework/model/AbstractDomainObjectListenerBuilder.EachBuilder.html

Notably, I have to spend a considerable amount of time in different SEO consoles, because today serving useful, unique content is not enough to pass the bar of most search engines.

To be clear: #AdTech is the cause of this, and I'll be happy to drink the tears of everyone who will fall with it when the bubble finally pops.

gambling is the only non-substance addiction disorder recognized in the American Psychiatric Association’s DSM-5 🤔 good thing modern smartphone use is totally unlike gambling in any way whatsoever


My blog post about several findings in Dynamics 365 Business Central. I tried writing in a .NET primer style for code audit beginners.

https://frycos.github.io/vulns4free/2024/07/10/dynamics-ups-and-downs.html


VMware security advisory: VMSA-2024-0017
CVE-2024-22280 (8.5 high) SQL-injection vulnerability in VMware Aria Automation: An authenticated malicious user could enter specially crafted SQL queries and perform unauthorised read/write operations in the database. No mention of exploitation.


Only something this useless could be this educational https://robertheaton.com/pyskywifi/
