When I was a teenager we had some natural disaster and the highschools had to share sites, the way they did it was we did school 12-6. We would eat dinner togeather after school I think we enjoyed it despite not being the norm
I love these HiSilicon boxes, take a look at the OpenIPC project if you want to secure your device. It's open source firmware for these boxes, I want to give a big shoutout to Igor Zalatov and Flyrouter for all their support when working on these boxes http://openipc.org
@thu2111 He's giving you an attack chain.
If you rebind the dns server of the modem with a snmp/tr069 exploit you could redirect/inject into the http traffic a page that contained the javascript payload to exploit the Cable Haunt vulnerabiliy against the Spectrum Analyser endpoint. Because websockets doesn't use CORS to restrict the requesting hosts domain to the modem, you could execute code on the gateway modem from the internet with the combination of a client on the remote network running a http request from a browser combined with an alternative dns rebinding attack against the gateway and a server hosting the malicious websockets payload on a http server.
I recently had the frustration of trying to use a Vodafone ISP Supplied modem. It had a propietary interface which didn't allow using the modem as a bridge to a network not on a vlan. Along with the help of the awesome team at hack-technicolor we managed to find a command execution exploit in the dyndns updater which allowed us to free the Vodafone UltraHub Technicolor DGA0130VDF modem along with others. The device is a cool box running a Dual Core Broadcom 400MHz CPU with 256MB DDR3 RAM it's a DSL/WAN router with ADSL/VDSL, Wi-Fi 11b/g/n/ac 5GHz/2.4GHz, And SIP support for two phones. Also now a working WAN port to a non-vodafone gateway. The device was running openwrt; We also figured out how to keep persistance on the device after a firmware update to an unexploitable version meaning you can even have SSH running on the latest kernel from Vodafone too. In all had a great time working on this box and feels awesome to free an otherwise awesome device from the trash-heap!
https://github.com/kevdagoat/hack-technicolor/issues/68
I'm more getting at the facy that this is a link to reading an article
Not a link to a who-can-get rid of the popup the best contest
We're the people that build these systems and this is about design and usability and when you open a can of cola you would be upset if it were worms because it said cola on the front
I wonder how many hours of peoples lives are lost to trying to control the computer to get it to do what it said it was doing on the tin, rather than what is in the interests of the politics or the profit
I correlate it to the same level as clickbait and I'm sure their are other humans out their that get the same taste in their mouth when using the internet, and then go on to do other things instead, which means that they are potentially missing out on learning something vaulable in the future, because of an impression your design made in the past.
People should think more about the psycology of design and what the goal of the message of the content their sending is and try not to give into logic like this:
I publish my papers online, they are academic and educational; I want more money. I add ads or political messages onto the website that was before purely educational because it will help me aquire money. You are no longer selling a delicious can of cola but a terrible can of worms
The New Zealand Nuclear Free Zone, Disarmament and Arms Control Act 1987 is arguably the strongest anti-nuclear weapon domestic legislation in the world. It bans nuclear weapons and propulsion from New Zealand's land, sea and airspace out to the country's 12-mile territorial limits.
In most javascript sandboxes if you request a domain from an site you are restricted by the same content policy. This makes it harder to do things like make requests to sites for example that don't use https when your on one that does use it.
also no support for plugins web interfaces on chrome headless meaning every time you want to test a plugin you have to bring up a virtual X11 server to deal with it
I work with chromium using chromes debug protocol (CDP) to do automation. You'd be suprised how much of the browser your dealing with as a facade- they sell things like a headless browser that don't oblige by the most basic of requests given to the browser e.g hide all the scrollbars
that in addition to using double the resources and taking twice as long to preform any operations
I tell you that thing looks shiny on the surface but their is nothing their
I think the work should be done on building and making webkit, blink and gecko better as the referece implementations before we try and yet again make something shiny that can barely do the job it should be
I'm currently bootstrapping an api/sass that takes any url and converts it to an image. It runs on top of chromium and uses the CDP protocol to do cool things like automate basic auth, custom http headers, injected js, mock mobile templates and device emulation, custom interactions with the webpage, it can also return json or upload the results to dropbox, s3, or google cloud storage. I'm looking to chat with people interested in this kind of technology as I polish off the final touches on the API and get the product live!
What kind of features would be useful to you if you were to go the API route for something like this?
I used something similar to this in the past to evade traffic manipulation on a controlled network. Iodine gives you a full tun/tap connection and encapsulates an ipv4 connection over dns null requests and responses. I'm not sure it is stealthy as such countless random requests to a single wildcard domain look a little suspicious even in the high noise environment I was testing in the blue team caught on after a few months.
I ran mosh and ssh over top to secure the connection
Just enough bandwidth for an 80x30 in realtime
I think you can force load a plugin in chromium headless with a command line argument.
Last time I checked the issue was accessing the html dom of the extension e.g chrome-extension://blahblahblah as it only returns a blank page.
The other annoying issues I experienced and currently remain unresolved in the latest chromium build headless mode + CDP are:
1. Granting permissions to scopes for sites e.g geolocation, notifications
in Browser.GrantPermissions
2. Setting a mock geolocation
in Page.setGeolocationOverride
I've tried replacing the JS navigator function for geolocation, even if you grant the geolocation permission on the site it still says that it is prompting the user
If anyone has any advice on how to resolve these issues without a virtual X server it would be greatly appreciated. Feel free to drop me a bell @ [email protected] or in a comment.
If google needs anyone to find bugs in chrome headless and CDP I need a job.
I generally find other people to hit me with a broom until I finish the project I'm currently working on.
This is not renewable because generally these people don't fully understand the product I am building and at the same time the whole broom as a service does get expensive.
I think if we can get too the point where we distribute the brooms in such a way that people do not need a third party for their sweeping needs that humanity as a whole might finally be able to finish a project.
Hi, I was wondering if anyone could answer a couple of questions how this application interfaces with CPEs and how it compares to existing tools (TR-064/TR-069). So I understand messages are passed over http
1. how does the cpe then know where to get and set the relevant configuration data? Is this done automaticly or do I have to write additional code to interface with the specific device implementation from here?
(how posix compatible is this?)
2. How does this library scale? How many devices are you able to concurrently manage and how beefy of a machine\internet connection does it require?
Looks like a cool project I'm currently writing my own TR-064\TR-069 libary with plans on an ACS in python. I'll have to have a bit more of a read but some more flowcharts would be awesome, I love flowcharts for big picture stuff like this.
What if one community has money to spend on drones,
While the other does not?
What if both communities have enough money and value human life so they just send endless drones at each other smashing said drones into pieces until one community has enough money to spend on drones and one does not
It could be about power, and from what I've seen, the people that come from that: don't like to not come from that
complacency is a word that comes to mind