incognitjoe @incognitjoe@mastodon.social
If you've ever pulled an old webpage out the Wayback Machine, or made use of their copious collections of old audio, music and film, drop by https://archive.org/ and give them a few $$ during their fundraising drive. Keep the history of the web alive!
So, there's a Chinese botnet package known as "Destroyer" (破坏者).
It, ironically, can itself be destroyed, thanks to a stack buffer overflow.
I wasn't able to get full RCE, but a jump to "call ExitProcess" should be enough, no? It can be triggered directly after "start DDoS", for even more lulz.
Here's the exploit: https://gist.github.com/Wack0/d0aa7f56d5d044fb918056207d2149b1
And here's a bot sample hash: b17535de8061dce3d6630e92d601ebe1ebac44ed52b3a04a8bb72f6661f23d44
Let's #destroythedestroyer :)
One of my favorite remixes I've done:
Lux Aeterna + The Impossible Voyage + Movie Theme "Unbreakable"
spent my day testing for RCEs in my work stuff, and had a couple of colleagues get completely confused over how i was using reverse shells to figure out when a command actually fired, so i wrote an introductory guide https://incognitjoe.github.io/reverse-shells-for-dummies.html
It is a truth universally acknowledged, that a newly booted web server must be in want of a bot constantly attacking /wp-login.php
Ok, I did it: there's a ne #mastodon instance only for #functional languages like #Clojure, #lisp, #haskell, #ocaml, #erlang, #elixirlang and others. Feel free to join! https://functional.cafe
Man am I glad that Snowden isn't here, shitting this place up too.
@HalvarFlake @charlyblack There's WikiDevi, that I heavily perused for Broadcom stuff: https://wikidevi.com/wiki/Broadcom. Not complete, but a good start.
another day volunteering at the richard dawkins museum. everyone keeps asking me what they can take through security. honey,
Ah, the lovely part where I finish (part of) a thing and get to close 20 tabs.
YOU: Hangs mirrors around your bedroom to foster a larger sense of space.
ME: Paints the walls, ceiling, and floor with Vantablack® to manifest a cold and infinite void.
Brilliant <thing on other network we don't talk about> by @Mudge:
https://twitter.com/dotmudge/status/850385568148140033
"This is a brilliant tactic. There are so many others like this because the AV community keeps thinking this is a one-move game... Kudos!"
That definition of the strategy of the AV community is absolutely perfect. Depth: zero.
frog tips needs to come to mastodon.
Twitter sued Customs and Border Protection for trying to unmask one of their pseudonymous alt agency accounts. Within 24 hours of Twitter filing the lawsuit, the government withdrew its subpoena. What happened here?
I explain it all: https://motherboard.vice.com/en_us/article/alt-twitter-account-trump-customs-lawsuit
I worked for a company in the past―a distributed company. We had a policy that all developers should be able to recreate their development environment within an hour of putting a bullet through their current one. Good policy. Kept everything distributed, and lightweight :)
https://mastodon.social/media/xH9DRSbd8bAOwNLIXHM this is the collection so far. Each of them is a memento. Each of them holds a memory.
@da_667 https://www.humblebundle.com/books/python-book-bundle Link for the lazy.
and while I'm talking about books and technology training materials, I wrote a thing. blindseeker.com/AVATAR
Have you ever wanted to build your own VM lab? or know someone who wants to break into IT? Blue team? Red team? and needs to know how to stand up their own? Check out the book I wrote.
This guy is having a tough time right now https://github.com/tootsuite/mastodon/issues/1002
