A drunken debugger

Heretek of Silent Signal
Edited 7 months ago
As expected, @hackerfantastic pwned run0 in no time (h/t @timb_machine)

Image repost from https://twitter.com/hackerfantastic/status/1785495587514638559

Edit: unrolled thread with more details/bugs at https://threadreaderapp.com/thread/1785495587514638559.html

Edit 2: as @mxey pointed out, you can play the same trick with sudo. Note that according to these comments run0 should prevent similar hijacks:
https://mastodon.social/@pid_eins/112353420303876549
https://mastodon.social/@pid_eins/112353429211255588
3
16
16
The fact that this blows so many people's minds (mine included) shows how awfully shit UI discoverability on mobile is.
0
1
4
Behold: THE DEBUGGER PEDAL

Powered by Chiba City Runes and Hacker Stickers (also xremap).

With this technology, I'll be unstoppable!
3
3
6
@cR0w @reverseics Unrelated to the current vuln but this just got stuck in my head
0
2
2
Underappreciated female role models:

Started to watch the original Inspector Gadget with son, and right in the first episode Penny (Gadget's niece) hacks Dr. Claw's Yeti-robot via RF. (These days she would probably have used HackRF, unless they were skiing in Canada...)
0
0
2
Thanks #Pretalx, I know...
1
0
2
#streetart #budapest (took this from inside a cab, sry for the dirt)
0
2
9
Copilot does a much better job, but it also outputs irrelevant stuff.

I also miss FastGPT-style source referencing. In case of FastGPT the relatively low number of references (/sentence) may be a good indicator of answer quality.
0
0
0
Experimenting with #FastGPT #LLM to help me find the right APIs to use in my #Ghidra script. While the answer puts me in the right direction, it includes misinformation and code that won't compile (solution in alt text).
1
0
0
Wow, I didn't know this cash-for-data scheme was actually implemented, but apparently it was, by FB itself :O

https://techcrunch.com/2019/01/29/facebook-project-atlas/

/cc @stf
0
1
2
Edited 9 months ago
@simontsui The Black Hat way
0
1
5
To little surprise, Copilot just failed my valet test:
1
0
1
"China’s largest #antivirus firm, Qihoo360, is an investor of offensive capabilities firms and may be selling PII of individual antivirus customers to an offensive company it funds that does intelligence work for government clients."

https://margin.re/2024/02/same-same-but-different/
0
1
1
This is a file chooser dialog in #LibreOffice in 2024.

Can you tell how you are supposed to go to the parent directory?

Follow-up question: who thought this was a reasonable design, and why?

#UX
2
0
7