hackermondev

hi, i'm daniel. i'm a 15-year-old high school junior. in my free time, i hack billion dollar companies and build cool stuff.

3 months ago, I discovered a unique 0-click deanonymization attack that allows an attacker to grab the location of any target within a 250 mile radius. With a vulnerable app installed on a target's phone (or as a background application on their laptop), an attacker can send a malicious payload and deanonymize you within seconds--and you wouldn't even know.

I'm publishing this writeup and research as a warning, especially for journalists, activists, and hackers, about this type of undetectable attack. Hundreds of applications are vulnerable, including some of the most popular apps in the world: Signal, Discord, Twitter/X, and others. Here's how it works:

Cloudflare

By the numbers, Cloudflare is easily the most popular CDN on the market. It beats out competitors such as Sucuri, Amazon CloudFront, Akamai, and Fastly. In 2019, a major Cloudflare outage k

dhh

Vim Manipulation Cheat Sheet

Action

Key	Result
v	select
y	copy (yank)
c	change
d	delete

fideloper

# Used on Ubuntu 18.04 and 20.04
# Find instructions for other OSes here: https://certbot.eff.org/instructions

# Install Certbot via Snaps
sudo snap install core; sudo snap refresh core
sudo snap install --classic certbot
sudo ln -s /snap/bin/certbot /usr/bin/certbot

# Install DNS CloudFlare plugin
sudo snap set certbot trust-plugin-with-root=ok

nuhkoca

BindingScoped.kt

@Scope
@Retention(AnnotationRetention.BINARY)
annotation class BindingScoped

-------------------------------------------------------

CustomBindingComponent.kt

liemle3893

# Disable the Gradle daemon for Continuous Integration servers as correctness
# is usually a priority over speed in CI environments. Using a fresh
# runtime for each build is more reliable since the runtime is completely
# isolated from any previous builds.
variables:
  GRADLE_OPTS: "-Dorg.gradle.daemon=false"
  DOCKER_TLS_CERTDIR: ""

before_script:
  - export GRADLE_USER_HOME=`pwd`/.gradle

jamesmacfie

How to use

In iTerm2, in the menu bar go to Scripts > Manage > New Python Script

Select Basic. Select Long-Running Daemon

Give the script a decent name (I chose auto_dark_mode.py)

Save and open the script in your editor of choice.

jivimberg

package com.jivimberg.sqs.published

import kotlinx.coroutines.CancellationException
import kotlinx.coroutines.CoroutineScope
import kotlinx.coroutines.isActive
import kotlinx.coroutines.yield
import java.lang.Thread.currentThread

suspend fun CoroutineScope.repeatUntilCancelled(block: suspend () -> Unit) {
    while (isActive) {

zhunik

version: "3"
services:
  postgress:
  ....
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U postgres"]
      interval: 10s
      timeout: 5s
      retries: 5
  app:

SoulSu

package idcardocr

import (
	"bytes"
	"crypto/cipher"
	"crypto/des"
)

// 3DES加密

hitautodestruct

Source: https://community.online.net/t/reset-root-password-via-console/1724/3

I solved this problem, found a hint here: https://github.com/scaleway/initrd/tree/master/Linux 184.

Here is what I did:

1. Edit the “Tags” field in the server definition and add “INITRD_POST_SHELL=1” as one (or the only) tag.
2. Reboot the server
3. Wait until you get a shell