Thank you to everyone who made it out for my DEF CON 33 presentation, "Shaking Out Shells With SSHamble", you can find the materials online at https://hdm.io/decks/MOORE%20-%20Shaking%20Out%20Shells%20With%20SSHamble.pdf

This deck includes some lightly-censored zero-day and I recommend tossing `sshamble scan -u root,admin,guest 22,24442,2222,70,222,10022,10399,2022,22222 --interact=all` at your local network to see what shakes out =D

(PS. You can find most of my presentations at https://hdm.io/)

Finally a useful magic quadrant

Thanks to @wendynather for the discovery.

#cybersecurity #vulnerability

On a fresh #Linux install in 2025...

Reinforcement learning makes LLM bullshit more.
https://machine-bullshit.github.io

[RSS] Creating the longest possible Ski Jump in The Games: Winter Challenge

https://mrwint.github.io/winter/writeup/writeup2.html

[oss-security] CVE-2025-55188: 7-Zip: Arbitrary file write on extraction, may lead to code execution

https://seclists.org/oss-sec/2025/q3/82

🐧🏆 Linux just bagged a Pwnie with my CVE—well, technically multiple rejected CVEs 😏 Congrats!

📜 BTW, MITRE is still investigating my -4.6 Dispute Resolution- request… submitted back in June. 🗓️⏳

If you want an ebook of some public domain work, either:

1. Check standardebooks.org before Gutenberg. They clean up books from Gutenberg with sane typography and print design.

2. Consider buying a "Dover Thrift Editions" version of the ebook. Many fly-by-night ebook "publishers" are turning a quick buck on selling you a Gutenberg edition. Dover is a real publisher, even in print, and their well-formatted ebooks of public domain works are usually under $4, or even less.

Happy Zero Cool Day

I wonder how things are going right now in the universe where IBM chose CP/M for the IBM PC instead of MS-DOS.

(Like… with computers. I mean.)

@lethalbit Then you'd pbbly also like Mystical: https://suberic.net/~dmm/projects/mystical/README.html

I've been wrestling with #Ghidra's decompiler API and a slight hangover for a couple of hours now (even invoking LLM's!). Turns out I wrote up the gist of the solution 5 years ago:

Ghidra Decompiler Notes (from 2020)
https://gist.github.com/v-p-b/5be986dfe494249374cecf058d4dd41c

I definitely have to find a better place to host this...

#TIL that last month some dimwits at Ventegus Anti-Piracy GmbH (likely on behalf of Hex-Rays?) submitted a #DMCA (Copyright) Complaint to #Google to remove these two pages from search results:

https://0xdeadbeef.info/augur/augur/
https://0xdeadbeef.info/augur/src/haruspex/lib.rs.html

See for yourself:
https://lumendatabase.org/notices/54378675

Not that I care, but WTAF...

I am in this picture.. and I like it :-) #why2025

CVE-2025-48708: #ghostscript can embed plaintext #password in encrypted #PDFs 😶

https://www.openwall.com/lists/oss-security/2025/05/23/2

Debian 13 "trixie" has been released, thanks to everyone involved! "trixie" images are available for download at https://www.debian.org/distrib/ or you can run apt full-upgrade as always ;-) #debian #debian13 #trixie #ReleasingDebianTrixie

[RSS] Should you trust your zero trust? Bypassing Zscaler posture checks

https://www.synacktiv.com/en/publications/should-you-trust-your-zero-trust-bypassing-zscaler-posture-checks

[RSS] Hyper-V Research [by r0keb]

https://r0keb.github.io/posts/Hyper-V-Research/

Project: openssl-static-gcc-dwarf 3.4.0
File: openssl
Address: 004f2a10

tls_post_process_client_hello

SVG:
dark https://tmr232.github.io/function-graph-overview/render/?graph=https%3A%2F%2Fraw.githubusercontent.com%2Fv-p-b%2Fghidra-function-graph-datasets%2Frefs%2Fheads%2Fmain%2F%2Fopenssl-static-gcc-dwarf%2F004f2a10.json&colors=dark
light https://tmr232.github.io/function-graph-overview/render/?graph=https%3A%2F%2Fraw.githubusercontent.com%2Fv-p-b%2Fghidra-function-graph-datasets%2Frefs%2Fheads%2Fmain%2F%2Fopenssl-static-gcc-dwarf%2F004f2a10.json&colors=light

Thanks to the most awesome @c3voc people the most excellent registration of my #why2025 talk yesterday is up already! DNA & Molecular Biology: A 2025 digital view has been released on media.ccc.de and YouTube #why2025 #Thesquarehole #Andromeda #why2025eng https://media.ccc.de/v/why2025-33-dna-molecular-biology-a-2025-digital-view https://www.youtube.com/watch?v=22lcbiXf9gc https://program.why2025.org/why2025/talk/GGDRKY/