@SuitedUpDev@mastodon.online
@SuitedUpDev@mastodon.online avatar

SuitedUpDev

@SuitedUpDev@mastodon.online

Laravel Developer by day, sleeping developer by night. Sometimes Python and JS. Does stuff with Home Assistant. Toots in 2 languages (NL/EN). Trying to learn Korean.

Light themes 💓
Deploys on Friday's :blobcatknife:
Leader of the pabo board.

btw I use arch.

#Laravel #PHP #Linux #ArchLinux #HomeAssistant #DevOps #CatsOfMastodon

This profile is from a federated server and may be incomplete. Browse more on the original instance.

megamatt, to conspiracy
@megamatt@mastodon.online avatar

So Dutch Threads is uh, it's a wild ride. This person thinks is a WEF conspiracy for planned obsolescence and surveillance? I asked them and they assured me that this was not satire.

(Translation in alt)

SuitedUpDev,
@SuitedUpDev@mastodon.online avatar

@megamatt if only the IPv6 migration went as far as fast as the conspiracy theory implied 🥲

SuitedUpDev,
@SuitedUpDev@mastodon.online avatar

@megamatt Oh god.. Better 5G reception would be the dream :ablobcatheartsqueeze:

PS. Odido if you are reading this, pls join this conspiracy. I want IPv6 as well!

SuitedUpDev, to random
@SuitedUpDev@mastodon.online avatar

> posts 2 hours ago "sleep is important"
It's 2 AM here and I can't sleep.

Just typical.

SuitedUpDev, to random
@SuitedUpDev@mastodon.online avatar

I'm such a Timmy

SuitedUpDev,
@SuitedUpDev@mastodon.online avatar

@WandaLee58 Yes but Wanda's need sleep!

jarno, to random Dutch
@jarno@mastonederland.nl avatar

Wie van jullie heeft er ook een verkiezingsposter voor het raam hangen en zo ja, van welke partij?

SuitedUpDev,
@SuitedUpDev@mastodon.online avatar

@jarno NOG niet, maar er komt een GL/PvdA poster te hangen

meidastouch, to random

🚨 This story needs to be everywhere:

Donald Trump posted a video about "What's Next For America" if he were to become president.

Underneath, it touts "the creation of a UNIFIED REICH" – straight out of Nazi Germany.

SuitedUpDev,
@SuitedUpDev@mastodon.online avatar

@meidastouch Is there are mirror of the video available somewhere?

SuitedUpDev, to random
@SuitedUpDev@mastodon.online avatar

I am currently, de-compiling MIPS binaries for Linux.

Because apparently my life isn't horrible enough. 😩

SuitedUpDev,
@SuitedUpDev@mastodon.online avatar

@hvangalen Oeh.. that's interesting to know! 😇

SuitedUpDev,
@SuitedUpDev@mastodon.online avatar

@hvangalen @knuppelbeer 🤐 🤐 🤐

SuitedUpDev,
@SuitedUpDev@mastodon.online avatar

@hvangalen Yeah it shows that you've done professional C and C++ development work.

Unfortunately this is isn't opensource code, hence the decompilation ;-)

SuitedUpDev,
@SuitedUpDev@mastodon.online avatar

@hvangalen It's for a functionality called "WiFi file transfer".

But it's leaky, it's extremely easy to let the webserver display the root of the device.

I haven't started exploiting the webserver yet, but I am definitely going to! 😄

SuitedUpDev,
@SuitedUpDev@mastodon.online avatar

@hvangalen Yesterday evening (right before I wanted to go to bed) I managed to compile a 'dropbear' (ssh server) binary for MIPS.

I still have to try it on the device itself tho... I at least figured out a way to potentially run of the microSD card, so I don't need to repackage firmware updates or anything.

SuitedUpDev,
@SuitedUpDev@mastodon.online avatar

@hvangalen I extracted a firmware update for the device, which just gave me convenient access to everything 😃

SuitedUpDev,
@SuitedUpDev@mastodon.online avatar

@hvangalen Yeah it's run kernel 3.10.14 and the firmware is based on "Buildroot 2014.05".

The fact that their entire OS is based on a release from 2014 but the device was release in 2019 kinda worries me 🙈.

But even without those CVEs, validation for file uploads are done on the frontend. From what I gathered so far, the backend will just accept ANYTHING, you throw at it.

SuitedUpDev,
@SuitedUpDev@mastodon.online avatar

@hvangalen Yes I already figured out that it does a check on the upload to see if the path name starts with /mnt/mmc if it does start with that it will just do a system call to "mv" the file from the temp directory to the actual directory.

So my guess that setting the path to "/mnt/mmc/../../tmp/" would suffice.

(I have to try it out tho)

SuitedUpDev,
@SuitedUpDev@mastodon.online avatar

@hvangalen I think (almost) everybody agrees with you on this 😁

SuitedUpDev,
@SuitedUpDev@mastodon.online avatar

Aright! Here goes nothing 🤞

SuitedUpDev,
@SuitedUpDev@mastodon.online avatar

Debugging time I guess...

SuitedUpDev,
@SuitedUpDev@mastodon.online avatar

@hvangalen MUAHAHA it works...

image/png

SuitedUpDev,
@SuitedUpDev@mastodon.online avatar

@hvangalen Yes! Yesterday I already put the dropbear binary and the supporting scripts on the SD card. But it refuses to boot.

Because having ssh on would make this endeavor a whole lot easier.

sakurako, to random
@sakurako@kpop.social avatar

@ikonoijoy_ is back and so are unikoraburies <33

likewise, 😄🤟
likewise, change of outfit, demonic lightning

SuitedUpDev,
@SuitedUpDev@mastodon.online avatar

@sakurako Don't go to the upside down....

It's has Strange Things there... :scremcat:

SuitedUpDev,
@SuitedUpDev@mastodon.online avatar

@sakurako wat.... Why not?

SuitedUpDev,
@SuitedUpDev@mastodon.online avatar

@sakurako Now I am disappoint. 😭

SuitedUpDev,
@SuitedUpDev@mastodon.online avatar

@sakurako 😭

SuitedUpDev,
@SuitedUpDev@mastodon.online avatar

@sakurako No you didn't! :apartyblobcat:

  • All
  • Subscribed
  • Moderated
  • Favorites
  • JUstTest
  • cubers
  • DreamBathrooms
  • thenastyranch
  • ngwrru68w68
  • Durango
  • magazineikmin
  • Youngstown
  • InstantRegret
  • rosin
  • slotface
  • tester
  • kavyap
  • ethstaker
  • megavids
  • osvaldo12
  • khanakhh
  • cisconetworking
  • tacticalgear
  • everett
  • mdbf
  • Leos
  • anitta
  • GTA5RPClips
  • normalnudes
  • modclub
  • provamag3
  • lostlight
  • All magazines
    •