hackermondev

hi, i'm daniel. i'm a 15-year-old high school junior. in my free time, i hack billion dollar companies and build cool stuff.

3 months ago, I discovered a unique 0-click deanonymization attack that allows an attacker to grab the location of any target within a 250 mile radius. With a vulnerable app installed on a target's phone (or as a background application on their laptop), an attacker can send a malicious payload and deanonymize you within seconds--and you wouldn't even know.

I'm publishing this writeup and research as a warning, especially for journalists, activists, and hackers, about this type of undetectable attack. Hundreds of applications are vulnerable, including some of the most popular apps in the world: Signal, Discord, Twitter/X, and others. Here's how it works:

Cloudflare

By the numbers, Cloudflare is easily the most popular CDN on the market. It beats out competitors such as Sucuri, Amazon CloudFront, Akamai, and Fastly. In 2019, a major Cloudflare outage k

stenuto

#!/bin/bash

# Function to display usage information
usage() {
    echo "Usage: $0 /path/to/input.mp4 [ /path/to/output_directory ]"
    exit 1
}

# Check if at least one argument (input file) is provided
if [ $# -lt 1 ]; then

timothyham

A Short IPv6 Guide for Home IPv4 Admins

This guide is for homelab admins who understand IPv4s well but find setting up IPv6 hard or annoying because things work differently. In some ways, managing an IPv6 network can be simpler than IPv4, one just needs to learn some new concepts and discard some old ones.

Let’s begin.

First of all, there are some concepts that one must unlearn from ipv4:

Concept 1

brianwoo

Debian or Kali Linux installed to as KVM (libvirtd) guests do not automatically have qemu-guest-agent or spice-vdagent installed. This will prevent seamless movement of the mouse cursor between the guest and host desktop in Virtual Machine Manager (requiring the use of a Ctrl-Alt to release the cursor from the guest window).

To cure this, install both qemu-guest-agent and spice-vdagent on each guest and reboot (the guests).

sudo apt install qemu-guest-agent
sudo apt install spice-vdagent
sudo apt install xserver-xorg-video-qxl

cGandom

Emulating Raspberry Pi 4 with Qemu

Just a quick update before we dive in: what we're actually doing here is running Raspberry Pi OS (64-bit) on a QEMU virtual ARM setup. This isn't full-blown hardware emulation of the Raspberry Pi 4, but more about creating a virtual environment for the OS. It doesn't mimic all the specific hardware features of the Pi 4, but it's pretty useful and great for general testing. I turned to this solution mainly to extract a modified sysroot from the Raspberry Pi OS, something not readily available in other resources. For those looking into detailed emulation of the actual Raspberry Pi 4's hardware in QEMU, check out this link for the latest updates: https://gitlab.com/qemu-project/qemu/-/issues/1208.

Hope it helps! :D

Shortcomings: No GUI yet, only console.

Steps

firelightning13

Running Windows 10/11 Guest with GPU Passthrough using laptop running Fedora

Abstract

This is a full guide for people who wanted to set up Windows 10/11 VM with QEMU/KVM hypervisor enhancements for a laptop that is configured with hybrid graphics card like Intel/AMD + NVIDIA. This process will take about 1 to 2 hours, depending on your system's performance and your patience =)

There is another comprehensive guide you can follow here (shoutout to asus-linux team who made supergfxctl which is a very important tool for this guide). It is more up-to-date than mine. I would probably incorporate those information into my guide, but you are welcome to use this one as a reference!

Before we proceed:

• This guide is exclusively for Fedora users because this distro is quite different to set up than other distro such as Arch. I would say Arch is easier to setup than Fedora, but sometimes you like to use Fedora than Arc

YuriyGuts

#!/usr/bin/env bash

# This script installs a PAM configuration script as a macOS launch daemon
# so that Touch ID for sudo is always available and persists across OS updates.
# NOTE: You might need to allow /usr/bin/env in Security & Privacy > Full Disk Access.

set -euo pipefail

PACKAGE_NAME="com.yuriyguts.persistent-touch-id-sudo"
CONFIG_SCRIPT_INSTALL_PATH="/usr/local/bin/${PACKAGE_NAME}.sh"

Gowee

#!/bin/sh
# Copyright (C) 2020 Michel Stam <[email protected]>
# Copyright (C) 2021 Hung-I Wang <[email protected]>
# 
# The script is adatped from:
# https://github.com/ndilieto/uacme/blob/5edec0eea1bcf6f454ec1787297c2408c2f2e97a/nsupdate.sh
# 
# Licensed under the the GNU General Public License <http://www.gnu.org/licenses/>.

# The script is meant to be used as a hook script of uacme to update TXT records for acme challenges. 

CHSuworatrai

VMware vSphere 6 Enterprise Plus	
1C20K-4Z214-H84U1-T92EP-92838
1A2JU-DEH12-48460-CT956-AC84D
MC28R-4L006-484D1-VV8NK-C7R58
5C6TK-4C39J-48E00-PH0XH-828Q4
4A4X0-69HE3-M8548-6L1QK-1Y240

VMware vSphere with Operations Management 6 Enterprise	
4Y2NU-4Z301-085C8-M18EP-2K8M8
1Y48R-0EJEK-084R0-GK9XM-23R52

alexg0

#! /bin/bash

APPLE_WATCH_PAMID_LIBPATH=/usr/local/lib/pam/pam_watchid.so.2
APPLE_WATCH_PAMID_URL=https://github.com/msanders/pam-watchid
APPLE_WATCH_PAMID_PATH=$HOME/src/pamid-applewatch
enable_sudo_with_apple_watch_and_touch_id() {
  trap 'popd' EXIT INT HUP

  enable_apple_watch() {
    if ! test -f $APPLE_WATCH_PAMID_LIBPATH