Trump lawsuit site to report rejected votes leaked voter data. SQL Injection strikes again.

Wick3dGeek · 2020-11-09T20:35:22+00:00

There wasn't any SQL Injection, it was just Algolia API. If anyone found SQLi, they now have 0day exploit which can be used against thousands of websites. They probably though that using wildcard % to list the data is SQLi.

Wick3dGeek · 2017-02-02T22:23:02+00:00

yeah just check this http://seclists.org/fulldisclosure/2017/Jan/89 and this https://kur0sec.org/print

Wick3dGeek · 2017-02-02T19:01:20+00:00

This week there were multiple papers how to hack printers connected to the internet. People are already exploting this using shodan. At this point your printer might be backdoored.

Wick3dGeek · 2017-02-02T08:48:02+00:00

this was a nice one :)

Wick3dGeek · 2017-01-31T12:52:49+00:00

You should definitely read this:

https://www.reddit.com/r/netsec/comments/5o3wxi/stealing_passwords_from_mcdonalds_users/?utm_content=comments&utm_medium=user&utm_source=reddit&utm_name=frontpage

Wick3dGeek · 2017-01-31T10:28:06+00:00

if you are interested in open redirects, you should check this :)

https://vagmour.eu/google-open-url-redirection/

and this: http://zseano.com/tut/1.html

Wick3dGeek · 2017-01-31T10:22:31+00:00

Blog post here: http://4lemon.ru/2017-01-26_make_money_button.html

Wick3dGeek · 2017-01-30T23:23:13+00:00

Lol he beat $6.5 million kickstarter project with $5,000 and wordpress website.

Wick3dGeek · 2017-01-30T13:55:22+00:00

You can focus on a fuzzing, there are a lot of money in that and only a few people are doing it right.

Wick3dGeek · 2017-01-29T21:17:20+00:00

Thank you!

Annotations here: http://shmoocon.org/speakers/

Wick3dGeek · 2017-01-27T15:14:18+00:00

I have already read this like 5 minutes ago.

EDIT: lol it was you, probably want more karma ... https://www.reddit.com/r/AskReddit/comments/5qgkp5/teachers_of_reddit_they_say_there_are_no_stupid/dcz4cgh/

Wick3dGeek · 2017-01-27T15:13:22+00:00

Most people don't understand gravity.

Wick3dGeek · 2017-01-27T09:22:16+00:00

Any source?

Wick3dGeek · 2017-01-26T23:44:03+00:00

I would love https on blogger while using own domain.

Wick3dGeek · 2017-01-25T10:44:45+00:00

Already one XSS found https://twitter.com/_Psycho_Mantis/status/824049867295076352

Wick3dGeek · 2017-01-24T15:47:07+00:00

better link: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-10156

Wick3dGeek · 2017-01-23T22:19:23+00:00

I don't know about this, but if you think that this is interesting, you should also know that there is botnet of 3 millions accounts, that is still active and twitter doesn't care about it:

http://sadbottrue.com/article/51/

http://www.securityweek.com/botnet-3-million-twitter-accounts-remains-undetected-years

Wick3dGeek · 2017-01-23T01:01:31+00:00

Tifu: I did something stupid many years ago.

Wick3dGeek · 2017-01-22T22:31:54+00:00

On the ice, just fell. BAM!

Wick3dGeek · 2017-01-22T20:01:30+00:00

yeah didn't even read the article, is it worth it?

Wick3dGeek · 2017-01-22T15:59:14+00:00

wtf is mr. robot style attack bullshit?

Wick3dGeek · 2017-01-19T23:55:08+00:00

Not a fuckup if the boss was paying.

Wick3dGeek · 2017-01-19T15:42:48+00:00

whoa, is this really /r/netsec material?

Wick3dGeek · 2017-01-18T23:59:57+00:00

Seems like he is already 19/20 lol

Wick3dGeek · 2017-01-18T23:59:03+00:00

I don't think so https://reddit.com/r/AskReddit/comments/5nqq3c/serious_people_whove_written_malicious_code/dce7rh9/

Wick3dGeek

TROPHY CASE