Rairii

@Rairii@haqueers.com

Reversing (malware and otherwise); appsec and websec; embedded security; exploit dev; software preservationist; knows how not to use cryptography.

Currently finding bugs in Windows bootloaders.

You may also know me from capcom.sys.

#nobot

This profile is from a federated server and may be incomplete. Browse more on the original instance.

rysiek, to random
@rysiek@mstdn.social avatar

I had a thought recently that is not yet entirely formed — but I'll put it out here anyway.

When the :birdsite: migration started in November, among many pieces written about it, I remember somebody (can't remember who!) making a point that the main product of a social network is moderation. And it made a lot of sense then and continues to do so in the context of fedi.

But looking at changes on :birdsite: and at BlueSky, it seems to me there is another possible product: reach.

Rairii,

@rysiek just did a quick search for a screenshot of the client, bs does have boosts

Sterophonick, to random

VisualBoyAdvance users going to hell for using VisualBoyAdvance

Rairii,

@Sterophonick Very Bad Amulator

atomicpoet, to random

Bluesky vs. Mastodon is not as black and white as many seem to think.

Let me explain why. 🧵

  1. A Twitter founder funds and advises Bluesky.

Okay, a Twitter founder (@ev) runs a for-profit instance, and another (@biz) has offered to advise Mastodon.

  1. Bluesky accepted VC money.

A VC firm owns 3 of the top 5 largest Mastodon servers

  1. An evil corporation (Twitter) helped develop Bluesky.

An evil corporation (Google) helped develop the Fediverse

I have further thoughts here...

Rairii,

@atomicpoet this assumes that Barcelona really will implement ActivityPub fully (from the start), and not just a one-way bridge.

"I don't like Meta. They're terrible. They're a shit stain on society" - agreed, and in my opinion people agreeing with this statement is why Barcelona will get heavily blocked upon release.

Rairii, to random

hmm

hal function pointers still aren't protected by patchguard

anti-cheat drivers hook hal function pointers

Rairii, to random

onenote copilot

it's not as broken as word copilot was

of course it still hallunicates stuff as you'd expect lol

Rairii, to random

there are definitely private keys in the MSI AMIBIOS trees.

Rairii,

for example:

"E7D78AMS120.exe", a 7z sfx containing AMIBIOS src tree.

this is for the "PRO B650-P WIFI" (and the AGESA tree inside happens to have Proton/HSP related bianries/headers in there).

there's a signed binary in there, signature is valid, and the binary is 100% identical to https://download.msi.com/bos_exe/mb/7D78v12.zip

the private key in that tree is the production private key.

EeveeEuphoria, to random

multi-level marketing firm based in the metaverse

Rairii,

@EeveeEuphoria the company name? sussy baka

0xabad1dea, to random

Windows 11 has a really aggravating misfeature: every 15 minutes or so, an icon appears on the taskbar to indicate that the built-in widgets are accessing my location, which causes the entire taskbar to ripple to accommodate it, then ripple again when it despawns

Rairii,

@jernej__s @0xabad1dea note to self: figure out what to hook to fix that

Rairii, to random

nice, what looks like AMI BMI firmware trees as part of the MSI drop

Rairii, to random

downloaded a zip file from the msi src tree drop
check dir tree, looks 8051, with c compiler / etc included
extract... broken zipcrypto lol

looks like i'm going to have to run a known plaintext attack on an android phone :D

Rairii,

well, that worked lol

the key for NB_EC/DEC/MSIK/202212/SRC/17L5EMS2.107.SRC.zip is 50a827ad bdf0c003 c6defabb

password is over 11 chars long, bruting that from an android phone is going to be impractical lol

Rairii,

ok, there's a batch file inside that zip that has the password in it lol

it's MsiGamingTopChoice

Rairii,

oh nice, an RSA-2048 keypair (in DER format) for signing embedded controller firmware images

FWpriv_ADL_17L5.key

Rairii,

@vathpela and even then some "interesting" choices of HSM have been used

for example: sentinel HASP dongle

Rairii, to random

I just noticed money message quietly dropped the MSI src trees.

hxxp://vkge4tbgo3kfc6n5lgjyvb7abjxp7wdnaumkh6xscyj4dceifieunkad.onion/SW_sourcecode/

I wonder how long it'll take for people to mirror everything.

atomicpoet, to random

The federation.info says Misskey has 1,616,122 users.

I have my doubts about this because two other sources say it’s appr. 300,000.

Rairii,

@atomicpoet yeah, there's several *key servers that according to the-federation are obviously faking user counts

Xeno, to random

Windows 10 22H2 is the final version of Windows 10 + Windows 11 LTSC coming in late 2024

Source: https://techcommunity.microsoft.com/t5/windows-it-pro-blog/windows-client-roadmap-update/ba-p/3805227

Rairii,

@Xeno Next Valley eta wen

atomicpoet, to random

It’s bizarre that people aren’t taking Bluesky to task for using only ONE node!

Rairii,

@atomicpoet how long has their timeline for Actual Decentralisation been "Soon(tm)"?

kiwa, to random
@kiwa@bitbang.social avatar

🗣️🗣️🗣️🗣️🗣️🗣️🗣️🗣️

Rairii,

@kiwa "i'll tell my kids this was quantum computing"

winload_exe, to random
@winload_exe@wetdry.world avatar

running doom in winload/bootmgfw or bust

Rairii,

@winload_exe this https://github.com/Cacodemon345/uefidoom

plus this https://github.com/Wack0/SecureBootPolicyTools/tree/master/BootAppToEfi

GossiTheDog, to random
@GossiTheDog@cyberplace.social avatar

If you need a way of identifying systems - PaperCut MF is being used by Cl0p ransomware group via vulnerabilities - here's a @shodan query: http.favicon.hash:-1142586156

Add org:ASNname to search your company name

If you want to be more generic for older versions, use html:Papercut as search

It's a heavy exposure in western countries.

MSFT background: https://twitter.com/MsftSecIntel/status/1651346653901725696

Rairii,

@GossiTheDog so your forecast is lots of publicly distributed backups?

jan, to fediverse
@jan@toot.io avatar

deleted_by_author

    •
    Rairii,

    @jan oh look it's run by jeff

    evelyn, to random

    person engages in weird culture warring over CWs?
    check profile
    november 2022, every time

    Rairii,

    @evelyn i can't believe i'm quoting david cameron, but too many twits might make a twat

    ioletsgo, to random
    @ioletsgo@wetdry.world avatar

    They are imprisoned for pirating Shrek 3

    Rairii,

    @ipg @ioletsgo but shrek the third doesn't exist

  • All
  • Subscribed
  • Moderated
  • Favorites
  • provamag3
  • InstantRegret
  • mdbf
  • ethstaker
  • magazineikmin
  • GTA5RPClips
  • rosin
  • thenastyranch
  • Youngstown
  • osvaldo12
  • slotface
  • khanakhh
  • kavyap
  • DreamBathrooms
  • JUstTest
  • Durango
  • everett
  • cisconetworking
  • Leos
  • normalnudes
  • cubers
  • modclub
  • ngwrru68w68
  • tacticalgear
  • megavids
  • anitta
  • tester
  • lostlight
  • All magazines
    •