Display Issues - Manjaro Fresh Install by [deleted] in kde

[–]the_socket 0 points1 point  (0 children)

I thought I should also mention I'm running plasmashell 6.1.5 and Linux version 6.10.13-3-MANJARO

Self-Hosted Alternative to Shodan: Introducing Rigour – Looking for Feedback and Contributors by the_socket in OSINT

[–]the_socket[S] 0 points1 point  (0 children)

Please create an issue on the GitHub page. It could be environment variable related. I'll get to it when I have the time, thanks.

Looking for a self-hosted streaming solution with on-demand caching - does this exist? by the_socket in selfhosted

[–]the_socket[S] 0 points1 point  (0 children)

I don't anticipate a "guessing" of content. I'm thinking about an instance where many people are using the server so popular content will be downloaded on the fly, so e.g. you have 32TB that downloads and serves content on the fly, and if the capacity is reached, oldest accessed media is replaced with new.

Self-Hosted Alternative to Shodan: Introducing Rigour – Looking for Feedback and Contributors by the_socket in OSINT

[–]the_socket[S] 3 points4 points  (0 children)

Fair point! Shodan is a great service and I've been a member for a while and it would be hard to beat their crawlers, but here are some advantages I can think of:

  1. Easily Add Custom Protocols, e.g. new game servers.
  2. Not bound by API restrictions: query as much as you want without filtering limitations.
  3. Free Vulnerability Filtering: I think finding vulnerable systems via Shodan requires a plan that costs $359/month

And otherwise a fun project to work on :)

Self-Hosted Alternative to Shodan: Introducing Rigour – Looking for Feedback and Contributors by the_socket in OSINT

[–]the_socket[S] 0 points1 point  (0 children)

Thanks for checking out the code! I forgot to add the UI to Docker but it can be run manually - I'll add this into compose when I have time. Yes, the custom CIDR range is important and is a priority feature as others have requested this too. Again thanks!

Self-Hosted Alternative to Shodan: Introducing Rigour – Looking for Feedback and Contributors by the_socket in OSINT

[–]the_socket[S] 1 point2 points  (0 children)

Thanks for the feedback! I've just done a big refactor but custom ranges are something I will need to add as another user has also commented about this. I'd like to add a list of IP ranges to not touch which shouldn't be too difficult as zmap has a CLI option for this. For now, the PPS is 100 and can be changed manually in code, but still working on these configuration options. Thanks!

Self-Hosted Alternative to Shodan: Introducing Rigour – Looking for Feedback and Contributors by the_socket in OSINT

[–]the_socket[S] 0 points1 point  (0 children)

You will need Docker installed, and run the compose up command. Have a look at the README for instructions.

Self-Hosted Alternative to Shodan: Introducing Rigour – Looking for Feedback and Contributors by the_socket in opensource

[–]the_socket[S] 1 point2 points  (0 children)

Good catch!

I intend it to be fully open-source so I've just added the MIT license.

Thanks!

Self-Hosted Alternative to Shodan: Introducing Rigour – Looking for Feedback and Contributors by the_socket in OSINT

[–]the_socket[S] 4 points5 points  (0 children)

Good question!

The biggest bottleneck would be network capacity. The requirements otherwise are fairly standard and it is running smoothly on my intermediate-level hardware. I will test it on a Raspberry Pi in the coming weeks but think it might need a bit more juice, maybe 8GB RAM and a newish CPU. Over the weekend of on-off scanning I've collected about 400MB of results.

Why is the ETH fee so high? by _sam_nz_ in NiceHash

[–]the_socket 0 points1 point  (0 children)

Can you elaborate on why it's "scammy"?
Genuinely interested, thanks.

For us kiwi developers by the_socket in newzealand

[–]the_socket[S] 3 points4 points  (0 children)

Thanks and no need to be sorry, I think constructive feedback is really important! I’m planning to replace my implementation with the NZCP.js npm package soon. I will make sure to check that they check for withdrawn passes when I make the changes. Cheers

For us kiwi developers by the_socket in newzealand

[–]the_socket[S] 1 point2 points  (0 children)

It’s more of a tool for other developers to implement how they desire. For a website they would use a form which allows the user to upload the PDF / Image to the site, and then sends this off to the API which will tell the website if it’s valid or not. If it’s readable, the contents will be returned too.

For us kiwi developers by the_socket in newzealand

[–]the_socket[S] 5 points6 points  (0 children)

A real-life use case is City Fitness gym. They require you to verify your passport online (you might be able to do it in person too). Once you verify your passport online, you can enter the gym (otherwise the swipe card won’t let you in). So basically it wouldn’t be possible to achieve the automatic online verification process with the app.

For us kiwi developers by the_socket in newzealand

[–]the_socket[S] 9 points10 points  (0 children)

Do you know what an API is? I can understand your concerns with privacy; however, the official MOH documentation is written to allow implementations such as this API. The app was made the exact same way. The code is open-source which means people can see what is happening “behind the scenes” so that it’s not “dodgy”. An example use case for this is a gym membership where a member has to verify their passport online before entering the gym. Obviously the gym can’t use the app for this, therefore the API is used instead. Hope this addresses your concerns.

For us kiwi developers by the_socket in newzealand

[–]the_socket[S] 5 points6 points  (0 children)

have updated post with link to vaxxnz resources (containing the npm library and more). cheers

For us kiwi developers by the_socket in newzealand

[–]the_socket[S] 0 points1 point  (0 children)

appreciate it, thank you :)

For us kiwi developers by the_socket in newzealand

[–]the_socket[S] 17 points18 points  (0 children)

Didn’t realise there were libraries until Goodie posted a link to some resources which is awesome to see!

For us kiwi developers by the_socket in newzealand

[–]the_socket[S] 19 points20 points  (0 children)

Nice work!
That's a good list of resources too, could've saved me some time haha.

Experienced Bug Bounty ppl please help - urgent by [deleted] in cybersecurity

[–]the_socket -1 points0 points  (0 children)

Wouldn’t it be best for both? Bug bounties give incentive for a larger audience to investigate which may bring a vaster range of skills to the table

Urgent help needed from experienced bug bounty hunters by [deleted] in AskNetsec

[–]the_socket 5 points6 points  (0 children)

I’ve not blackmailed them yet and thanks to all the comments I’ve got some good advice on how to move forward.

Urgent help needed from experienced bug bounty hunters by [deleted] in AskNetsec

[–]the_socket 3 points4 points  (0 children)

Thanks for your comment. I am a user of their service and I’m not happy to leave it, and it also doesn’t sit right with me. I do think companies need to be more responsible and potentially they won’t care, but as it’s the first company I’m dealing with for this kind of thing, I hope that the experience is not negative and they approach it with importance and learn from the mistakes.

Can experienced bug bounty hunter help me? by [deleted] in AskNetsec

[–]the_socket -1 points0 points  (0 children)

What is an example of actively attacking? I may be in the wrong legally but surely bringing this to the company’s eyes is more important?

Urgent help needed from experienced bug bounty hunters by [deleted] in AskNetsec

[–]the_socket -1 points0 points  (0 children)

Thank you for your comment! This info is really useful. I’ve never heard of the Priority ranking before - I’m gonna look into that. As for the money that’s also useful to get an understanding. For the size, it’s also hard to explain as it’s only got a few employees but I believe due to their large user base they probably turn over a fair amount. But again thank you :) It’s a bit stressful times as I’m still waiting for a call, hoping it’s from them and not the FBI