Olivia
Online
Fox
@DenFox93
Joined July 2013
1.4K Following
80 Followers
1.4K Posts
Gpt-2 is just 174 lines of code... How crazy is that
@zetachain @esatoshiclub Zetachain lets you call a Bitcoin wallet from an Ethereum smart contract no bridges or wrapped BTC needed!
@BGatesIsaPyscho Not true, this is is Maya Bay at koh Phi Phi. You cannot enter in the water because of the sharks
@dustfuncrypto @zetachain Some say it’s just a degen meme protocol, others believe it’s a portal to an alternate dimension where every dust wallet holds millions in lost Bitcoin. But the truth? The truth is hidden in the etherscan tx history of the Illuminati’s MetaMask.
When Bitcoin hits $100,000 I will give 1 BTC to one person who follows me.
The rules are simple:
- like this tweet, follow me and RT
- comment “100k incoming”
Let’s go! $BTC #bitcoin
@kris 100k incoming
Today I received a $12,000 bounty using the Sandwich Attack ! 🤑
The vulnerability allowed me to enumerate the API Keys of other users 🤯
How did I do that ? Well the API key was a UUIDv1. If you are not familiar with UUIDv1s you need to know that they are constructed in 6 sections:
High, Mid, Low, Clock Sequence, Node ID, and UUID version.
Interestingly, the Node ID corresponds to the MAC address of the system generating the identifier. This means that if two consequent UUIDs are generated on the same device, this part remains the same, similar to the Clock Sequence.
When High, Mid, and Low are combined, they reveal a timestamp represented in hexadecimal value.
Using some basic mathematics it's possible to subtract the offset between the Gregorian Calendar and the Julian Calendar and then divide by 1000 to get an Epoch TimeStamp.
Ok now that we know that they are generated by a timestamp + machine ID, it means that we could generate them back if we know when the API keys were created 🧐
Luckily enough the API Key that I was using was generated in a batch, meaning I could use the Sandwich Attack in order to brute force the API Keys of other users easily 🔥
If you want to know more about how I exploited the Sandwich Attack, go check my video about this on my YouTube channel 🤟
Let's play a game. W̵h̵a̵t̵ ̵i̵s̵ ̵t̵h̵e̵ ̵v̵u̵l̵n̵e̵r̵a̵b̵i̵l̵i̵t̵y̵?̵
How would you respond to this report?
@vxunderground awesome. I take the chance 🤞🏻
Are you interested in freelancing in cybersecurity and automation services?
I'm on the lookout for people who are interested in freelancing in Cybersecurity &/OR Automation of business processes within the IT industry with training starting immediately.
If this sounds like you, please get in touch with me!
#cybersecurity #freelancing #freelancer #automation #ai #workfromanywhere
Analysis of the Stars Arena exploit:🔽
The contract is not open source, there seems to be a reentrancy vulnerability.
During the call of the 0xe9ccf3a3 function, the attacker reentered and called the 0x5632b2e4 function, setting a block height.
Then, in the sellShares function, this height was used as a parameter to calculate the amount of $AVAX to send, resulting in an abnormally large calculated amount. Ultimately, the attacker was able to obtain a large profit.
Vitalik dropped a big blog post about Ethereum's future
Here's everything you need to know (even if you're non-technical)
A THREAD 🧵
1990: Clifford Stoll's book "The Cuckoo's Egg" was turned into an episode of NOVA entitled "The KGB, the Computer, and Me". Without spoiling it, it's a story of how he tracked down a hacker who broke into his employer's computer. Watch it for free: https://t.co/FZSRWwX6Lt
$50k bug bounty on Shopify explained.
In this video, learn how Augusto Zanellato found a critical GitHub PAT linked to private Shopify repositories, earning a $50,000 bounty!
Watch now 👇
https://t.co/xRKEqSBdZW
Use silent #SMS messages to track LTE users’ locations
An attacker sends silent SMS messages with a defined pattern and analyze LTE traffic to verify the victim location.
All you need is just: SDR + SIM cards + LTESniffer software
https://t.co/fFfiBmmGgs
Oh wow, this joke is actually true! 🙃
I interviewed over 70 full-stack engineers in the last years.
I created a Notion based "Learn Full-Stack Development Pack V3" that contains a learning path to become a full-stack dev based on free resources.
Retweet and reply with "free" and I'll DM it to you.
(need to follow)
For everyone who didn't get to my @nullcon @paymentvillage training, I suggest starting with this free content:
https://t.co/RR6JHoyuKG - Offensive Payment Security (2h workshop)
https://t.co/1f0VMY1moR - Payment Village DEF CON workshop (3h workshop about magstripe)
NEW fully undetectable AMSI bypass script based on Matt Graeber @mattifestation 'amsiInitFailed' script.
After one year my "old" AMSI bypass script is now detected by 9 AV. So here is the new fully undetectable script:
@kmkz_security
Most Popular Users
Elon Musk 
@elonmusk
240.2M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
109M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.3M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.6M followers
KATY PERRY
@katyperry
86.8M followers
Taylor Swift
@taylorswift13
80.6M followers
Lady Gaga
@ladygaga
72.2M followers
Kim Kardashian
@kimkardashian
69.4M followers
YouTube
@youtube
68.6M followers
Virat Kohli
@imvkohli
68.6M followers
Bill Gates
@billgates
63.4M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61.1M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
59.9M followers