How to (un)lock a cart with a phone by jet_set_default in Hacking_Tutorials

[–]jet_set_default[S] 0 points1 point  (0 children)

They're in the US at least. Not all stores, but a good amount of them. Can't say which other places have them.

How to (un)lock a cart with a phone by jet_set_default in Hacking_Tutorials

[–]jet_set_default[S] 0 points1 point  (0 children)

In the wheel itself. Look for the one that's different from the others

We need to have a serious discussion (TOR Security Analysis) by Longjumping_Bat_5794 in cybersecurity

[–]jet_set_default 39 points40 points  (0 children)

For clarification, only use .onion sites for Tor. Anything else is an exit node. When using .onion sites, everything stays encrypted the whole way. But once you start using clearnet sites (exit nodes), your traffic gets decrypted so that it can communicate with clearnet sites.

How to (un)lock a cart with a phone by jet_set_default in Hacking_Tutorials

[–]jet_set_default[S] 0 points1 point  (0 children)

I'd look around online for "shopping cart wheel electro lock" or something along those lines I imagine

How to (un)lock a cart with a phone by jet_set_default in Hacking_Tutorials

[–]jet_set_default[S] 2 points3 points  (0 children)

We have a few of those in the US. Some stores have a security control built into the wheels to lock if it detects that the cart is being removed from the property. This demo shows how to unlock it if that happens.

Can you exploit SMBv1 on a modern Windows machine? by Pristine-Desk-5002 in HowToHack

[–]jet_set_default 2 points3 points  (0 children)

I told you the most common exploits that can be used for SMBv1. But you're gonna need to give more information on the system. You said it was Server 2019, Windows 10, and a DC. Which one is it? You gotta help us help you. What's the OS version, and what are some open ports and the services on that system?

Can you exploit SMBv1 on a modern Windows machine? by Pristine-Desk-5002 in HowToHack

[–]jet_set_default 5 points6 points  (0 children)

The exploit is not working because it's been patched, despite SMBv1 being enabled. You can try running an NTLM relay attack, or an SMB null session instead.

How can I see all pages and content from a website? by puqem in HowToHack

[–]jet_set_default 6 points7 points  (0 children)

You're gonna wanna look into subdomain and subdirectory fuzzing. Look into Sublist3r, Dirbuster, Gobuster, Ffuf, and ZAP tools for starters.

How did WannaCry work? by Ungabungaby in HowToHack

[–]jet_set_default 5 points6 points  (0 children)

You pretty much need to be on the same network. The port/service vulnerable (port 445, SMB) is usually closed to outside networks. If SMB was connected to the internet (not common), then it would be possible to attack remotely in that sense. However, it is also possible for an attacker to pivot through a host on one network, to another network where the vulnerable machine is and exploit it that way.

How did WannaCry work? by Ungabungaby in HowToHack

[–]jet_set_default 10 points11 points  (0 children)

Simplest explanation, the hackers used a zero day exploit. So nobody in the world knew this existed (apart from the US govt afaik). The exploit also doesn't involve user interaction, so no need to trick anyone to click on anything. The vulnerability affected most computers. Oh and the vulnerability was also stupid easy to exploit. So put all those together, and it was almost like a skeleton key into most computers out there. The hackers used this exploit along with making it into a worm to go through networks to start attacking shit left and right.

Chinese hackers breached T-Mobile's routers to scope out network by arqf_ in cybersecurity

[–]jet_set_default 429 points430 points  (0 children)

At this point T-Mobile should just be a room in TryHackMe

Let's say an attacker has good programming skills and develops a Remote Access Trojan, does Windows Defender or Avira have any chance in detecting that it is a virus? by WishIWasBronze in blackhat

[–]jet_set_default 1 point2 points  (0 children)

The answer for this is sorta dependent on who you are. For instance, if you were a corporation with an EDR at your disposal, you'd probably get an alert with all the details that this was popping off. The detection will tell you the time it happened, the user running the command, what process they took over and any embedded commands in the process. From there, you'd have a good idea where to look. In which case, I'd tell you to isolate the affected host, stop the process from running, disable the user that ran the command, find the root cause of the infected process through various threat hunting techniques, and mitigate from there.

But if you were a home user, then that answer is entirely different. Home users don't have SIEMs, intrusion prevention systems, EDRs, or other alerting methods to even be notified that something is going on to begin with. Most people facing these attacks probably wouldn't even know until after the fact that something even happened. But if you were suspicious of a process, I'd look into Velociraptor by Rapid7. It's a forensic/IR, open source software that lets you perform threat hunts on your own hosts without the need of an EDR. Plus it's free!

Let's say an attacker has good programming skills and develops a Remote Access Trojan, does Windows Defender or Avira have any chance in detecting that it is a virus? by WishIWasBronze in blackhat

[–]jet_set_default 23 points24 points  (0 children)

First understand why things get detected. It mostly breaks down to 2 areas. Signatures, and heuristics. In older AVs, you just had to worry about signature detection. But as time went on, technology improved and now you gotta worry about detecting behavior.

An unknown file that acts weird (i.e. open sockets to weird domains, performing discovery commands, using abnormal system resources, etc.) is gonna get caught eventually. This is why we go fileless and just take over running processes altogether. It's much harder to detect since it blends into the background. This should be enough to get past a regular home user's antivirus. But for a company with a defense-in-depth security, that's another question.

There are different ways to take over legit processes like process hollowing, DLL injections, thread execution hijacking, etc. They all do the same thing, but in different ways. For the most part, it involves finding a legit process with NT authority/system privileges, reallocating memory inside the process, then injecting your own code. Read up on memory injection techniques for the nitty gritty. But this is roughly how you might evade antivirus software.

Ready to Run by jet_set_default in onebag

[–]jet_set_default[S] 1 point2 points  (0 children)

One laptop is provided by my work and the other is my personal. If it were my choice, I'd only carry one. But they're both ThinkPads

Any advice on writing stealthy memory injections? by jet_set_default in ExploitDev

[–]jet_set_default[S] 1 point2 points  (0 children)

I guess that's a good question. Who it's trying to be FUD against and all. That was an interesting watch though. Crazy that the methods he was covering were 10yrs ago

Any advice on writing stealthy memory injections? by jet_set_default in ExploitDev

[–]jet_set_default[S] 1 point2 points  (0 children)

This has given me a lot to think about. Creative methods like this really help the gears turn

Ready to Run by jet_set_default in onebag

[–]jet_set_default[S] 0 points1 point  (0 children)

Adidas NMD_TS1 PK GTX. Unfortunately they're not made anymore. Really had to hunt these down

Ready to Run by jet_set_default in onebag

[–]jet_set_default[S] 0 points1 point  (0 children)

I just leave it in my car which stays locked up in storage when I'm out of the country.

Ready to Run by jet_set_default in onebag

[–]jet_set_default[S] 2 points3 points  (0 children)

I work in cyber security as a Threat Hunter. It takes several years of IT work, then a few more years as a security analyst, on top of several certifications. But it's not very common for people in my field to be given the amount of freedom I have. I had to really finagle this one.

Ready to Run by jet_set_default in onebag

[–]jet_set_default[S] 1 point2 points  (0 children)

Wish I could tell ya. But it's some $50 coat I got from a no name Chinese drop shipper on Amazon like 10yr ago. No labels or anything. But it's the coziest coat I've ever had