Just an FYI, I’ve moved over to @xorcat - see you there!

**Without looking**, what does `etc` mean? Context: *nix

"... turn on for 8 seconds ..."
---
RT @NumbersMuncher@twitter.com
This (real) video from GE on how to reset their "C" light bulbs is the most incredible how-to video you'll ever see.

They want to see how far they can push their customers before they snap. youtu.be/1BB6wj6RyKo
twitter.com/NumbersMuncher/sta

RT @TheColonial@twitter.com
Finally v3.0.0 is up! Thanks to everyone who contributed and for @_FireFart_@twitter.com putting so much into it.

Binaries can be found here: github.com/OJ/gobuster/release
Be sure to read the README, as a lot has changed, including the CLI: github.com/OJ/gobuster

In March 2019, I discovered five vulnerabilities in Fortinet's FCM-MB40 security camera, the most severe leading to remote command execution as root.

90 days are up, and here we are (unfortunately, without a patch).

xor.cat/2019/06/19/fortinet-fo

RT @justinsteven@twitter.com
.@TheColonial@twitter.com got SYSTEM in the wrong neighbourhood youtube.com/watch?v=8rwITeY5h1

RT @danluu@twitter.com
This comment describing how Microsoft responded to a security disclosure in 2010 is incredible:

news.ycombinator.com/item?id=2

“set nomodeline”
---
RT @rawsec@twitter.com
Arbitrary code execution vulnerability in Vim < 8.1.1365 and Neovim < 0.3.6 via modelines. 😬 Also, why you should not use Vim with default config, or cat without -v. github.com/numirias/security/b
twitter.com/rawsec/status/1135

RT @DarknetDiaries@twitter.com
Darknet Diaries ep 39 is here. Find out the mystery behind @3AlarmLampscoot@twitter.com.

Some security conference drama you probably didn't hear about.

Listen on @ApplePodcasts@twitter.com.

darknetdiaries.com/episode/39/

RT @BradyHaran@twitter.com
The Fibonacci Sequence (as reimagined by @squarespace@twitter.com)

0, 1, 1, 2, 3, 5, 8, 13, 21, 34, 55, 89, 100, 100 ...

@SquarespaceHelp@twitter.com

Firefox -> about:config -> toolkit.tabbox.switchByScrolling

I can't believe I'd missed this until now!

RT @bagder@twitter.com
curl 7.65.0 is here! 50 contributors, did 3 changes, 119 bug-fixes include two security related ones. In 56 days. daniel.haxx.se/blog/2019/05/22

#Google says it stored some G Suite #passwords in unhashed (but encrypted) form between 2005 and 2019.
This was caused by a bug in an old G Suite tool.
zdnet.com/google-amp/article/g

RT @dotslashpipe@twitter.com
Mostly finished catching up on @TheColonial@twitter.com’s video series on writing a CLR meterpreter implementation. I have learnt a ton of details about meterp internals (and history) so far. It’s something like 22 hours of content so far but highly recommend.

vimeo.com/ojreeves

RT @FuzzySec@twitter.com
Soon everyone will find out anyway so you should be aware that SandboxEscaper has dropped another 0day -> github.com/SandboxEscaper/pola
I'm pretty tired of this => Not earning 💰 on 0day and putting people at unnecessary risk. It's really kind of lame in my book 👎

RT @mikeloss@twitter.com
Sometimes when I drop a keylogger on a sysadmin, I read back the log and think: "man, I know exactly how you feel".

RT @mgechev@twitter.com
A bash function I use constantly on airports:

function changeMac() {
local mac=$(openssl rand -hex 6 | sed 's/\(..\)/\1:/g; s/.$//')
sudo ifconfig en0 ether $mac
sudo ifconfig en0 down
sudo ifconfig en0 up
echo "Your new physical address is $mac"
}

Unlimited WiFi ✨

Show more
Mastodon

Server run by the main developers of the project 🐘 It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!