Will Dormann is on Mastodon
wdormann.bsky.social
I play with vulnerabilities and exploits.
While this site initially showed promise, I've grown tired with its lack of improvement.
You'll find me @[email protected] on Mastodon.
Eh, I just enabled passwordless for my 20-year-old hotmail account.
And RDP still accepted my old password. (No Microsoft Authenticator required)
🤷‍♂️
May 1, 2025 at 3:21 PM
Testing GIF upload from an iPhone...
April 28, 2025 at 7:07 PM
If the desire is to implement your own homemade WDAC block policies, tread lightly. If you simply apply a "block this thing" policy, you might very well end up preventing Windows from booting, as a "block this thing" without a corresponding "allow this", well...
WDAC will only block and not allow.😬
March 12, 2025 at 1:25 PM
No, I don't have a Facebook or Reddit account.
I suppose I was referring to Twitter and Mastodon.

With either of those you can upload a media thing (image, animated, GIF, MP4, etc.), and the trigger to do that is you click a single "media" button.

Separate buttons is completely unnecessary.
December 2, 2024 at 9:21 PM
Wait...
Animated GIF images maybe need to be uploaded using the "Movie" icon, because GIF89a's are clearly not images? 🤔
December 2, 2024 at 8:17 PM
Oh, BlueSky doesn't even support uploading animated GIFs.
FFS why is this platform so slow to improve?
November 18, 2024 at 3:06 AM
So you have to use BlueSky directly to get animated GIFs? Lame...
November 18, 2024 at 3:04 AM
Testing multi-posting app Croissant...
November 18, 2024 at 3:01 AM
Eventually your client will get throttled with an HTTP 429 (Too many requests), or the site will otherwise fail.
If you have a lot of posts to delete, it's going to take a while.
But is worth it, IMO.
November 16, 2024 at 8:14 PM
You'll note that what you get is not just a blob of text that you'll have to grep through, but a FULLY FUNCTIONAL website including search! And all uploaded media will be there in the form that it was in on the Twitter website.
Delete away, friends!
November 16, 2024 at 8:11 PM
Did everybody enjoy that video streaming marvel that was the Mike Tyson fight last night?
November 16, 2024 at 3:22 PM
PDD is a company that makes Pinduoduo and Temu. The former is the version of the store for the Chinese market, made available in Chinese app stores. The latter is for the rest of the world, available in the Google Play Store.
The company that runs Pinduoduo and Temu decided to use an 0day exploit.
February 14, 2024 at 2:48 PM
Every Patch Tuesday I'm reminded that in Microsoft's world, "No thanks" means "Ask me again later".
February 13, 2024 at 7:22 PM
Dear documentation authors,
You... You do know that people can't click buttons on paper, right?
February 11, 2024 at 5:13 PM
watchTowr: Ivanti Connect Secure CVE-2024-22024 - Are We Now Part Of Ivanti?
labs.watchtowr.com/are-we-now-p...
February 9, 2024 at 1:20 PM
I get it that it's a touch more effort to do your homework and determine if a vulnerability is new, or whether it's merely another product affected by an EXISTING vulnerability. But can we at least pretend that we want to follow CVE rules?
CVE-2024-21893 is merely CVE-2023-36661
February 5, 2024 at 2:01 PM
Ivanti Connect Secure is vulnerable to xmltooling CVE-2023-36661.
How was this handled?
HackerOne assigned CVE-2024-21893 to capture this.
Nobody knows how CVE works, and nobody enforces any rules. 🤦‍♂️
twitter.com/stephenfewer...
February 3, 2024 at 4:41 PM
Remember when Barracuda Networks told customers to discard devices exposed during CVE-2023-2868?
Completely ridiculous, right???
Actually, no. This advice is evidence that Barracuda actually understands how things work.
Thoughts and prayers for the Ivanti customers out there...
February 2, 2024 at 5:34 PM
There we go. Now, given that it definitely costs more to make and attach fake antennas... Presumably it was determined that sales would be better (in an amount that exceeded the extra cost) if it wasn't obvious that this used an internal antenna? 🤔
February 2, 2024 at 3:42 PM
Got a cheap toy drone, and it has... Fake antennas!
I mean, why bother?
February 2, 2024 at 3:27 AM
Looks like some kind soul uploaded mitigation.release.20240126.5.xml to VirusTotal.
As such, here are the mitigations for CVE-2023-46805, CVE-2024-21887, and CVE-2024-21893.
CVE-2024-21888 has no love?
tinyurl.com/2vyjedh6
tinyurl.com/bp5t7vr5
tinyurl.com/4jjmtnj9
February 1, 2024 at 3:51 PM
Hey everybody there are unfixed vulnerabilities in Ivanti Connect Secure!
No, not those (which are STILL unfixed).
The new ones: CVE-2024-21888 (privesc to admin) and CVE-2024-21893 (SSRF to access "restricted resources")
mitigation.release.20240126.5.xml
forums.ivanti.com/s/article/KB...
January 31, 2024 at 1:00 PM
Apparently the Intel Wi-Fi driver for Linux isn't terribly reliable.
Which makes me wonder... what's the go-to Wi-Fi 6E adapter that people use in the Linux world these days?
Or has the Linux world not quite embraced Wi-Fi yet, and reliable requires wired?
bugzilla.kernel.org/show_bug.cgi...
January 28, 2024 at 2:29 PM
January 26, 2024 at 1:10 PM
Looks like they fixed it.
I guess updating websites without breaking existing links is... difficult?
January 25, 2024 at 10:19 PM