Notices by :niggy: (niggy@poa.st)
-
@fluffy @phnt @Goalkeeper @Myshkin @matty @sapphire the real high-value stuff yeah. like web browser exploits were common everywhere a decade ago, now basically only governments use them.
"0 days" is very broad though, there's still tons of stuff out there full of very basic trivially exploitable bugs. I find vulnerabilities that are technically 0 days all the time, just mostly in random shitty software and appliances, instead of like google chrome.
generally the more black-box, there worse it is inside. often no-ones done the effort to look before.
-
@peemasons @PurpCat @phnt @fluffy @Goalkeeper @Myshkin @matty @sapphire hello friend
-
@PurpCat @phnt @fluffy @Goalkeeper @Myshkin @matty @sapphire yeah the biggest initial access vector right now is infostealers. people see free_fortnite_vbucks.exe through google ads and download, it works. employees at massive companies.
many people overestimate how important 0-days really are. if you need to remotely hack a targeted politicians iphone then yeah, but for large organization networks you'll almost never need them.
-
@romin
-
I think people would be surprised how much of the worlds infrastructure just runs on top of ordinary Windows computers, not fundamentally much different from your home PC.
A single buggy kernel driver update from CS Falcon is showing it.
Even grocery store checkout machines aren't safe.
RT: https://hell.twtr.plus/objects/7778bd02-3146-491e-8662-7df87b44a0d8
-
@AsukaNeko Kaspersky is the only major company that actually investigates and reports on US and five eyes hacking ops, they've burned many over the years. Something media's not mentioning in these articles, but definitely a factor in this ban.
Just last year they burned NSA tooling targeting iphones:
securelist.com/operation-triangulation/109842/
-
important question. any scientific oomfies here know what a "profilometer" is used for?
I can see they're very expensive and and read the wikipedia article for what they do, but what are they actually used for in the real world?
like if there was a secured cleanroom lab in a university with one of these, what could it be used for? some type of student work? research? manufacturing? how could their operations be affected if this "profilometer" were to break?
thank you oomfies
-
I can't find any information online about what these are actually used for other than just "measure a surface's profile"
-
@peemasons @Fash-E @graf @rher @ImperialAgent @nozaki @King_Noticer it's real
-
only started this as a simple tool to emulate an interactive shell, without a pty on target
unix-like systems record a login when a interactive terminal (pty) is opened, but ssh protocol actually allows executing single commands without one. so you can silently run system commands without any logins in system logs
then wanted to add a couple more features, and before I knew it of course every single feature the ssh protocol offers. even had to write a custom SOCKS5 protocol parser...
-
created a custom ssh + sftp client
may actually open source this, one of my few tools that can't really be signatured
-
got file upload/download working, now need to do asp and javaserver agents
-
squeezing water from the stone that is php4 (released 2000)
-
first field use :hapyniggy:
-
asp.net agent done
-
friends, its officially 11/25. wish her a happy niggy day
project-imas.wiki/Sachiko_Koshimizu
-
@splitshockvirus her name is niggy
-
interesting islamic lore I just learned. in the end times, they believe the trees will animate alive calling out locations of jews for muslims to kill
except one specific type of tree, which has gone rogue collaborating with the jews. they believe israel is secretly farming massive plantations of this tree to defend them in the coming apocalypse
en.wikipedia.org/wiki/Gharqad
-
@HockeyDoxie @PeachySummer
-
@duponin is the API state-changing or modifying anything friend?
:niggy:
- Tags
-
- ActivityPub
- Remote Profile
Statistics
- User ID
- 5958
- Member since
- 30 Dec 2022
- Notices
- 75
- Daily average
- 0
:niggy:
All 076萌SNS content and data are available under the