|
Also: https://sites.google.com/site/testsitehacking/-36k-google-app-engine-rce 18 year old college student punches App Engine, $36k falls out.
|
# ? May 22, 2018 01:31 |
|
|
# ? Apr 29, 2024 18:09 |
|
rjmccall posted:cache reveals everything around me
|
# ? May 22, 2018 01:40 |
|
rjmccall posted:cache reveals everything around me
|
# ? May 22, 2018 01:52 |
|
rjmccall posted:cache reveals everything around me
|
# ? May 22, 2018 01:53 |
|
the pentium was a mistake im going back to a 486, its the year of windows 3.1 on the desktop
|
# ? May 22, 2018 01:56 |
|
Schadenboner posted:Is encryption of swap a thing? absolutely
|
# ? May 22, 2018 02:02 |
|
rjmccall posted:cache reveals everything around me
|
# ? May 22, 2018 02:16 |
|
mrmcd posted:Also: https://sites.google.com/site/testsitehacking/-36k-google-app-engine-rce Please stop exploring this further, as it seems that you could easily break something using these internal APIs. always a good sign
|
# ? May 22, 2018 02:17 |
|
rjmccall posted:cache reveals everything around me
|
# ? May 22, 2018 02:22 |
https://www.politico.com/story/2018/05/21/trump-phone-security-risk-hackers-601903
|
|
# ? May 22, 2018 02:30 |
|
rjmccall posted:cache reveals everything around me
|
# ? May 22, 2018 02:31 |
|
Hey, if Baron says it's ok, I'm sure it's fine
|
# ? May 22, 2018 02:45 |
|
rjmccall posted:cache reveals everything around me
|
# ? May 22, 2018 02:48 |
|
mrmcd posted:Also: https://sites.google.com/site/testsitehacking/-36k-google-app-engine-rce I'm the $35k payout with a $1,337 bonus.
|
# ? May 22, 2018 02:55 |
|
It's okay, I'm using [VPN service lacking per-customer out of band key exchange]
|
# ? May 22, 2018 02:56 |
|
Potato Salad posted:I'm the $35k payout with a $1,337 bonus.
|
# ? May 22, 2018 02:59 |
|
rjmccall posted:cache reveals everything around me
|
# ? May 22, 2018 03:12 |
|
it was $31337 for rce and $5k for a different issue
|
# ? May 22, 2018 03:14 |
|
quote:The president uses at least two iPhones, according to one of the officials. The phones — one capable only of making calls, the other equipped only with the Twitter app and preloaded with a handful of news sites — are issued by White House Information Technology and the White House Communications Agency, an office staffed by military personnel that oversees White House telecommunications. lmao they gave him a phone just for twitter and fox news presumably because he kept trying to install twitter on his other secret white house phone e: lmao quote:The White House declined to comment for this story, but a senior West Wing official said the call-capable phones “are seamlessly swapped out on a regular basis through routine support operations. Because of the security controls of the Twitter phone and the Twitter account, it does not necessitate regular change-out.” we got the most securest twitters and cameras unlike obama
|
# ? May 22, 2018 03:32 |
|
quote:Trump’s call-capable cellphone has a camera and microphone, unlike the White House-issued cellphones used by Obama. they gave Obama a phone without a mic? he’d just listen and send back DTMF?
|
# ? May 22, 2018 03:43 |
|
Like, if you're living in DC and have access to even middling funds and support from an XYZ-istani intelligence agency, how could you resist loving stinging the everliving poo poo out of the mobile device of POTUS and his staff His phone is a playground for script kiddies with cheap wifi APs and nation states with stingers alike
|
# ? May 22, 2018 03:43 |
|
Potato Salad posted:Like, if you're living in DC and have access to even middling funds and support from an XYZ-istani intelligence agency, how could you resist loving stinging the everliving poo poo out of the mobile device of POTUS and his staff the threat of going to prison forever, OP
|
# ? May 22, 2018 03:56 |
|
Subjunctive posted:they gave Obama a phone without a mic? he’d just listen and send back DTMF? literally yes, they did - if you read the full article his phone couldn't even make calls and he described it as "a toy phone you'd give a 3 year old"
|
# ? May 22, 2018 04:09 |
|
Lutha Mahtin posted:the threat of going to prison forever, OP yes the threat of prison is a well-known deterrent that has completely solved the problem of foreign intelligence operatives
|
# ? May 22, 2018 04:14 |
|
Lutha Mahtin posted:the threat of going to prison forever, OP lol selling out or beating your wife is how you get a loving appointment these days
|
# ? May 22, 2018 04:28 |
|
rjmccall posted:cache reveals everything around me
|
# ? May 22, 2018 06:39 |
|
rjmccall posted:cache reveals everything around me
|
# ? May 22, 2018 11:27 |
|
Raere posted:absolutely
|
# ? May 22, 2018 14:14 |
|
can we just change the thread title already?
|
# ? May 22, 2018 14:18 |
|
neat
|
# ? May 22, 2018 14:28 |
|
Oh yeah, there's this too:
|
# ? May 22, 2018 15:04 |
|
Subjunctive posted:can we just change the thread title already? rjmccall posted:Security Fuckup Megathread - v16.1 - cache reveals everything around me
|
# ? May 22, 2018 15:21 |
|
BangersInMyKnickers posted:Oh yeah, there's this too: it would be awesome if that interacted with the encryption one to do a "throw away key" delete. but i doubt it does and i guess it's still not really "clearing".
|
# ? May 22, 2018 15:41 |
|
crazysim posted:it would be awesome if that interacted with the encryption one to do a "throw away key" delete. but i doubt it does and i guess it's still not really "clearing". Yeah, that does a zero overwrite on the blocks allocated to the pagefile so the data isn't recoverable. The EFS encryption of the pagefile doesn't have the concept of disposable keys like you are describing to my knowledge.
|
# ? May 22, 2018 15:56 |
|
rjmccall posted:cache reveals everything around me
|
# ? May 22, 2018 16:01 |
|
The other day I put a '#' in my WebEx password and now I cannot login through our web portal, although the desktop connection tools program still works fine. I'm not even sure if this counts as a real secfuck or not but it's bloody annoying all the same.
|
# ? May 22, 2018 20:27 |
|
jammyozzy posted:The other day I put a '#' in my WebEx password and now I cannot login through our web portal, although the desktop connection tools program still works fine. it could probably be upgraded easily to a secfuck because someone is sanitizing inputs wrong
|
# ? May 22, 2018 20:30 |
|
Potato Salad posted:Like, if you're living in DC and have access to even middling funds and support from an XYZ-istani intelligence agency, how could you resist loving stinging the everliving poo poo out of the mobile device of POTUS and his staff as if every network tech in dc doesn't have a half-dozen business cards for three letter agencies on their cube wall
|
# ? May 22, 2018 20:30 |
|
by "XYZ-istani" they meant other countries
|
# ? May 22, 2018 20:44 |
|
|
# ? Apr 29, 2024 18:09 |
|
still holds, they just don’t know it
|
# ? May 22, 2018 20:50 |