As seen in 2600 The Hacker Quarterly, Autumn 2023!! A Crash Course in LLM AI So, for a long time people have thought about what happens when computers become sentient, what defines sentience, a...
Peripheral network reconnaissance OSINT
Intro to Reconnaissance Learning about a network from afar, whether actively or passively is always one of the first things you do when deciding to penetrate a computer system. There are a varie...
Bluetooth HCI HID Controller abuse RCE exploit
The Words of Caution This writeup is a lesson in what happens when we are not, and why we should be very, very cautious of what bluetooth devices we pair to. We’ll start with this, just to set t...
Writing the shortest valid C quine
For a while, I have had a fascination with code poetry (also things like “perl golf”). Elegance is quite beautiful, really. What is a quine? In short, it is a program that prints its own sourc...
Crack Bitcoin wallet.dat passwords using John
Inspriation This article is inspired by my other article on cracking /etc/shadow hashes with John the Ripper. I’ve seen some people asking about a hot topic these days, bitcoin wallet recovery....
Backdoors embedded along side installers
What is PyInstaller and why do we need it? PyInstaller is basically a binary that includes bundled within: python, your python dependancies, your python scripts, as well as any other binaries (....
Enumerating SUID files targeted for priv esc
Background One of the methods hackers utilize in getting root, or escelating of their priveleges on a system of some kind, is to explot system binaries that are set to run as a user other than t...
Lock binaries in memory using vmtouch cache
What does this really accomplish? Our goal here is to first look at reads on everything you commonly use when you use a linux computer, where be it common command line utilities, or GUI apps suc...
The importance of autonomous backups
Why do I need backups? The simple answer: You never know when you will need them, but when you need them, you really need them. With the internet rampet with viruses and worms infecting machines...
Anatomy of a hardened Apache2 configuration
Some Suggestions This guide applies to Apache 2.4+. I cover most things here, but anything else is easily found at the Apache2 documentation site. So first I want to suggest that you break up ...
Jekyll minification optimization
Jekyll minify intro So as you can see, I build websites with Jekyll static site generator a lot. The problem with this is the jekyll implementation is usually used on GitHub for internal sites,...
Chipmonk with NUT to event script power outages
Ah, shit. The power went out. So you just found the key, almost have the exploit at a PoC state where it fin… Wait what? The power went out! You just lost your last 10 minutes in between commit...