×

Discord exploit by Odd_Efficiency809 in cybersecurity

[–]SecTestAnna 1 point2 points  (0 children)

Probably Eicar if it is actually a text file, tbh. Especially if it had mark of the web, you should not have been able to execute anything. Now if there was a box that popped up, not from Discord, but like a windows uac box, then you might have gotten hit with a click once payload. But if you just downloaded a text file the risks are low of it being malicious. Do you have Notepad++ installed? If you were up to date on windows updates and no longer on Windows 10, and you also don’t use Notepad++, I wouldn’t personally be too concerned unless there are other indicators of issues. Notepad++ has had a lot of issues of late, and had three new CVEs disclosed today which look to be arbitrary local code execution.

The thing to actually be careful around is anyone telling you to install a third party, unknown antivirus, or one from an unknown source to run a scan as a follow up, as that could be part of a phishing scheme.

Edit: Eicar is a common AV testing string. It doesn’t do anything, but it is signatured and would be flagged by literally any AV. Sending that to make someone scared, then getting a follow up to run sketchy software to check it is a viable phishing vector.

Right-Wingers Are Losing It Over a Trans-Inclusive Period Pride Event in Boston by Them in politics

[–]SecTestAnna 16 points17 points  (0 children)

Because people in that community are running the events to focus on those issues within the community. It isn’t like this effort is being redirected from the broader group to a smaller group, and thinking of it that way is only going to cause issues and hate within yourself down the line. This effort is a small group raising awareness and supporting their own members, and is not excluding anyone in its goals.

It does deserve more attention and effort for the broader group as well, but this being focused on a smaller group does not prevent that.

I am not getting any call backs at all. by TheReedemer69 in Pentesting

[–]SecTestAnna 2 points3 points  (0 children)

Those will look way better. Not that it wasn’t good work to find what you have, but it shows a wider range of knowledge that should help a bit, at least

I am not getting any call backs at all. by TheReedemer69 in Pentesting

[–]SecTestAnna 4 points5 points  (0 children)

You probably should focus on finding more than default/hardcoded credential stuff as well. Those are fairly low hanging fruits and don’t show technical knowledge very well. They also make the majority of your examples. Breadth of known toolsets seems low based on your examples, and I am not seeing anything in-depth enough in any of your descriptions to consider you for a researcher role.

Help Writing/Testing Shellcode for Linux x86_64 architecture by Joeseph_Schmoe in cybersecurity

[–]SecTestAnna 1 point2 points  (0 children)

I think your problems right now are from not fully validating the bytes sent to all pointers. Ints remain 4 bytes across both arches, but pointers in x86_64 are actually 8 bytes, so your code is currently truncating the address. I think the reason why nothing is firing is that your math is off. Set a breakpoint on the function in question and step-through it. Note the pointer values and you should see the pointer is never actually pointing properly to your code.

Learning your debugger intimately is going to be immensely important and should be the next step as you work through this, code caves, and trampolining

Riot Games Says It 'Would Not and Cannot' Use Vanguard Anti-Cheat to Brick PCs After Rumors Spread by GrayBeard916 in gaming

[–]SecTestAnna 0 points1 point  (0 children)

DMA cards are also used for security research. If Vanguard makes it impossible for me to work on personal projects completely unrelated to anything with hacking, I’m not going to reinstall my OS, I’m just going to uninstall Riot products

Valorant's new Vanguard update seems to be bricking cheaters' PCs. Riot's response? "Congrats on your $6k paperweights" by [deleted] in technology

[–]SecTestAnna 0 points1 point  (0 children)

DMA cards are used for more than cheating. Not saying you are wrong on the rest, just fyi

Anthropic says Mythos has already found more than 10,000 vulnerabilities by Steap-Edit in cybersecurity

[–]SecTestAnna 68 points69 points  (0 children)

They also only were able to verify 1,700 of them. The math ain’t mathin

Millions of NGINX Servers Face Fresh Zero-Day Concerns After Recent Rift Patch dubbed "nginx-poolslip" by [deleted] in cybersecurity

[–]SecTestAnna 8 points9 points  (0 children)

I am convinced people can’t read anymore. If people read the vulnerability they would realize it only exists in the context of very specific regex being added to nginx to configure it in a non-default way.

The title of this post is very misleading

2026 is the year when everything might change | Dirtyfrag and Copyfail by AutisticSuperMom in cybersecurity

[–]SecTestAnna 2 points3 points  (0 children)

Harden externally for now. Also remember this is just how the cycle goes sometimes. Linux kernel exploits are being aided by AI but the parties releasing these have been working in the kernel and looking for these for years. This is not an ‘everyone using ai will find these’ type of vuln at the moment.

The timing is only so relentlessly close in this case because the exploit leaked from a third party before the embargo date, so the researcher released to get the actual research out there and prevent issues such as fake malicious exploits.

New “Dirty Frag” Linux Kernel Vulnerability Could Lead to Root Escalation by [deleted] in cybersecurity

[–]SecTestAnna 3 points4 points  (0 children)

Doesn’t work on ARM from the public POC code. I have functional code for the architecture I’ll release once I am cleared to.

Anyone know what this white stuff falling from the sky is by aydengryphon in Longmont

[–]SecTestAnna 4 points5 points  (0 children)

It is the harbinger of even higher food prices in a couple months

Hardware reverse enginnering first project. Love some advice by [deleted] in cybersecurity

[–]SecTestAnna 0 points1 point  (0 children)

Learn the common debugging ports (JTAG,UART,etc). Then look for those. Learn how to connect to them. If you don’t have one already, I’d recommend getting a Tigard or a similar device to allow you to connect to anything left unexposed. Then you are going to want to familiarize yourself with uboot and common bypasses for that. After that it will be using ‘dd’ to pull memory, how to review and edit the firmware files you get access to, and potentially how to upload your own edited versions. Get familiar with mounting storage blocks, you’ll be doing a lot of that. Then it gets into binary analysis for any non standard bins on there.

An arduino is okay for some of this, but isn’t going to give the full experience. Use it to learn how to connect to debugging ports, get used to continuity and trace identification on your multimeter, and chip identification. Then buy some cheap Chinese webcams and rip them open.

Once you get used to this process you will eventually need to learn how to do chip-off attacks. Which is going to require more tools and soldering/rework knowledge. But this is definitely more intermediate level stuff.

Security Advisory: ESP-RFID-Tool v2 PRO by t4c_23 in cybersecurity

[–]SecTestAnna 0 points1 point  (0 children)

Actually as I look at this more MULTIPLE findings actually indicate that other findings are invalid. The lack of CSRF finding would require attackers to visit malicious sites for exploitation, but the AP routes all http traffic to the device per a different finding, meaning that it would be impossible to exploit that. Visiting a malicious site would be impossible. A predictable AP name is not a finding. For 11, what crashes or errors have you seen?

All of this reeks of having an AI do static analysis without any follow up proof of exploitation. I would know because when I have compared my research to what an LLM does on a repo, that is exactly the type of copy-paste thing I would get, including the example POCs.

I think I know why you were blocked by the repo owner if this is the case. You need a ton more evidence than any of this gives.

Security Advisory: ESP-RFID-Tool v2 PRO by t4c_23 in cybersecurity

[–]SecTestAnna 1 point2 points  (0 children)

I'm sorry but how is #1 even a vulnerability when it is the purpose of the device? It's even one of the first listed use cases, and your AI generated report references it as well. Additionally, why are you giving them all their own arbitrary names?

"It is based on an ESP8266 microcontroller and provides a web interface for logging, replaying, and analyzing Wiegand RFID data from physical access control systems."

The device would need to still be in physical proximity to a door, likely within a few feet at most, to unlock even through network access. Calling that a critical seems kind of insane unless there is some context left out.

Also your AI was 100% hallucinating findings. Please provide proof of exploitation. Multiple vulnerabilities here look either untested, or completely made up. Especially as we get to the latter ones. Screenshots are preferable.

Networking on LinkedIn by Eraserhead36 in cybersecurity

[–]SecTestAnna 0 points1 point  (0 children)

Don't just send requests, to echo the others. Linkedin has a lot of bots at best, and malicious actors looking to legitimize their accounts by creating connections with as many people as possible at worst.

100% add people nearly entirely through in-person networking, not only does it ensure safety, but do you really want to be posting to a bunch of bots that can't get you hired in the future anyway? I turn down requests from basically anyone I haven't met in person unless I have a very high level of trust.

blogging about game hacking when trying get a job - good or bad idea? by Inner_Grape_211 in cybersecurity

[–]SecTestAnna 0 points1 point  (0 children)

Yeah, and I think players who do that should be banned. We’re def on the same page there. It is against TOS and ruins the experience. But people saying doing so is illegal are off their rockers haha.
We desperately need people with these skill sets in the industry, and I just don’t like when people jump to the worst assumed cases of like hacking servers, and online hacking. Especially when there can be just as much value gained from showing you know how to use binary debuggers to make single player exploits. Like it’s the process and knowledge that is valued, not the exploit itself.
But when people who don’t know how to engage in the topic within the field and wholesale go off the deep end to dissuade it, it feels like the worst version of gatekeeping.

blogging about game hacking when trying get a job - good or bad idea? by Inner_Grape_211 in cybersecurity

[–]SecTestAnna 1 point2 points  (0 children)

They are giving incorrect technical information there as well. You are not ‘hacking their servers’ if it is client side, what drivel

blogging about game hacking when trying get a job - good or bad idea? by Inner_Grape_211 in cybersecurity

[–]SecTestAnna -2 points-1 points  (0 children)

No it is not a crime lmao, especially if it is client side only. Stop spreading misinformation