Show more

I built pmOS edge onto my pinephone and have ditched all my smartphones. After I figured out how to setup the flatpak / appstream for gnome-software, I got a Linux smartphone experience with numerous apps. I wasn't able to go fully into pinephone until I solved needing a couple of communication apps found on traditional smartphones. Then I discovered Anbox and it's AMAZING. I have Android 7.1.2 running in a container and my phone is really a computer in my pocket with me as root not vendor

If only this worked on the latest kernel for pinebook pro, the GPU/VGA output in QEmu under KVM doesn't load post 5.5 kernels. It's the only thing so far that seems to run under QEmu that is worth hacking around on. I definitely need to find a nice virtual Win10 aarch64 platform, it's going to become more widespread and even with the x64 translation layer it's going to cause headaches for testing tools.

I have to give a huge shoutout to @hackerfantastic he gifted me a diebold voting machine tonight. I’ll be playing with this one for months to come, and when this pandemic finally ends, DC502 will have a great toy to play with!

Now to run Doom on it!

Nice list of currently effective exploits that were being utilized by FireEye’s red team stolen in a recent breach. You should have these in your toolbox github.com/fireeye/red_team_to

Built Windows 2003 from source code. Interesting to note that there are now several never-to-be-patched vulnerabilities in this OS as it reached EoL and aside from SMBv1 patches in MS17-010 many other RCE have been left in the platform and didn't get patches but have mitigations. I doubt anyone still running this applies mitigations.

Updated the shellcodez and targets in my hfsunsshd to include a working ROP chain for Solaris 11.0 (SunSSH 2.0) on x86. I had to re-write the shellcode for 11.0 as dup2() and execve() have different argument conventions on Solaris 11 systems, also had some additional NULL in the stack address required to mprotect(). I will not be adding more targets or architectures to this (at least publicly) as it now contains the most recent x86 Solaris systems - enjoy! github.com/hackerhouse-opensou

#Pinecil soldering irons based on #RISCV are rolling off the production line. We think they turned out great!

Coming to the Pine Store very soon.

German prosecutors tried to prove that a ransomware attack on a hospital was to blame for someone losing their life. Their story is a warning wired.co.uk/article/ransomware

I added another target, Solaris 11 11/11 11.0 Sun_SSH_2.0 x86, to my PoC and discovered the execve() call has been replaced with a new execvex() that breaks all other shellcodes on 11.0 & up. It's relatively easy to fix as execvex() takes a flags argument now which can be set to NULL and it will work as before, this breaks all known public x86 shellcodes for Solaris 11 though so I will have to write a bind shell, put a basic execve() to demonstrate in the PoC.

Show more
Mastodon

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!