Do all the things like ++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatarSign Up
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple APILearn More
Search - "hacking"
i just love /r/hacking, best funny pics reddit i have ever seen.
Also, who would have tought rhat hackers are some of the most politest people?7
My last wk93 story, the time we discovered school faculty was spying on students and we uncovered student's deepest secrets.
I call it, kiddiegate.
So if you've read my past rants you've noticed I did some pretty childish and reckless stuff with my highschool's systems when I was younger, but nothing compares to this thing.
After resetting the sysadmin account pwd on some machines it occurred to me I could write a keylogger to capture teachers Moodle accounts and so on, I decided to try it out on a regular lab computer first.
Imagine my surprise when I found a hidden keylogger already installed! I couldn't believe it but then I thought, what if other PC's have it? So I recruited my mates and teached them the process to check if a PC had been infected...ALL PCs were, over 30 computers we checked had been logging for over 3 months! That damn sysadmin! >:[
We were shocked and angry, but then I thought "hey. . . My work has been done for me, better take advantage"
So we did, we extracted each log and then removed it from the PCs along with the keyloggers. There were hundreds of records and then one day we started snooping into the fb accounts of some students (we shouldn't have) we uncovered so many nasty, shocking secrets...
One of the school's lady's man had a drunk one nighter with one of our gay friends, the most secluded and shy guy was sexting like crazy with 15 chicks at the same time, things like that...we promised to never say a word and deleted the logs.
After that we didn't do much and continued highschool as every teenage minor should, getting drunk and avoiding responsibilities, though we could never see many of our classmates the same way. The sysadmin was fired shortly after I graduated, no reason was stablished.
I want to clear out we were minors and laws in my country weren't clearly stablished at the time plus no harm was ever done. I don't condone hacking or any kind of illegal activity, just thought I'd share.6
Worst fight I've had with a co-worker?
Had my share of 'disagreements', but one that seemed like it could have gone to blows was a developer, 'T', that tried to man-splain me how ADO.Net worked with SQLServer.
<T walks into our work area>
T: "Your solution is going to cause a lot of problems in SQLServer"
Me: "No, its not, your solution is worse. For performance, its better to use ADO.Net connection pooling."
T: "NO! Every single transaction is atomic! SQLServer will prioritize the operation thread, making the whole transaction faster than what you're trying to do."
<T goes on and on about threads, made up nonsense about priority queues, on and on>
Me: "No it won't, unless you change something in the connection string, ADO.Net will utilize connection pooling and use the same SPID, even if you explicitly call Close() on the connection. You are just wasting code thinking that works."
T walks over, stands over me (he's about 6.5", 300+ pounds), maybe 6 inches away
T: "I've been doing .net development for over 10 years. I know what I'm doing!"
I turn my chair to face him, look up, cross my arms.
Me: "I know I'm kinda new to this, but let me show you something ..."
<I threw together a C# console app, simple connect, get some data, close the connection>
Me: "I'll fire up SQLProfiler and we can see the actual connection SPID and when sql server closes the SPID....see....the connection to SQLServer is still has an active SPID after I called Close. When I exit the application, SQLServer will drop the SPD....tada...see?"
T: "Wha...what is that...SQLProfiler? Is that some kind of hacking tool? DBAs should know about that!"
Me: "It's part of the SQLServer client tools, its on everyone's machine, including yours."
T: "Doesn't prove a damn thing! I'm going to do my own experiment and prove my solution works."
Me: "Look forward to seeing what you come up with ... and you haven't been doing .net for 10 years. I was part of the team that reviewed your resume when you were hired. You're going to have to try that on someone else."
About 10 seconds later I hear him from across the room slam his keyboard on his desk.
100% sure he would have kicked my ass, but that day I let him know his bully tactics worked on some, but wouldn't work on me.7
So, you want to tell me the security method used by the f*cking state of Missouri is CSS's "display: none"???
I was watching "hacker reviews hacking scenes from movies", and god forbid they brought a woman to do the analysis. A lot of butt hurt boys in the comments, that women left the kitchen and got into programming.
This aside, the combination of ignorance and arrogance was just wow. I mean, if you want to be a dick, at least back it up with skills.
Don't make claims about how "GUI is the single most important piece of any software". *laughing in embedded programming*24
I tweeted a silly story about how I accidentally hacked my principal's email account when I was in middle school. (Yes, I did say "accidentally". The school network's security was that bad.)
Within minutes I had four replies telling me to contact people on Instagram to get my hacked account back. I guess I said the magic words and triggered some bots.
Dev of 15 years here. All my career historically started and evolved/revolved around Microsoft in one way or the other, so was my exposure to only DOS and the Windows as a child and growing up.
Like already discussed in multiple rants here, I was one of those naturally Windows -favoring ppl through all my life. That is not to say I didn't try Linux here and there, for hosting of personal projects, as one usually does. But it never quite stuck with me as a personal daily driver, mainly because all I ever needed for personal use was a browser, discord, and Steam/GOG/Epic Games store for gaming (work-wise I always had and still have company provided laptops which are OF COURSE Windows powered)
Anyway, maybe you can see where I'm going with this... I recently gave Nobara Linux a go (Glorious Eggroll's Fedora flavor, with some custom kernel patches) and I have to say, not thinking of going back to Windows at all.
Just a few thoughts on comparing two sets of experiences with Win vs Nobara
- Win definitely feels more sluggish
- Nobara's default desktop env was Gnome 42 with some extensions pre-enabled. I dove right into hacking/customizing it to my tastes and it looked glorious. Never would have achieved this customization with Win
- I was using RDP to remote into my work laptop from my personal desktop setup with Windows and I still successfully do so with Remmina now in Linux
- A week ago I dove deeper and installed Awesome window manager as a UI and mh boy does this feel intimidating at first. But then the allure of having nice window managing experience was too strong, and 15 years of coding do help with just seeing a new language and kinda feeling at home instantly (Lua language for AwesomeWM customization/themes). Fast forward a week and now I'm sitting happily with 3 monitor setup, one of them vertical, all properly auto aligned with arandr on startup, variety+wal for wallpaper auto circling and applying a theme out of main wallpaper colors every so often (+wrote a script to put those main colors into my RGB peripherals via OpenRGB)
- Gaming. I still game, Steam Deck from steam gave me all the confidence to set up Linux gaming that I needed. I think I am now properly versed in all things Wine/Proton/Lutris/Bottles/Heroic Games Launcher, you name it. Recently finished Cyberpunk 2077.
ANYWAY, thank you for coming to my Linux appreciation TED talk. It's amazing.
The most annoying hack I've had to deal with was back when I did IT support, actually. Level 1 call center tech at the time. Apparently someone fell for a phishing email and gave out his outlook credentials. The phisher used that email account to send out another phishing email to roughly 1800 employees.
Security Operations noticed, because this guy's job didn't generally involve sending out mass-communication emails. They investigated, figured out what had happened, and opted for the nuclear option: they reset the password for EVERY SINGLE ACCOUNT that received the email. All 1800 of them. Over the weekend.
I walked into the call center Monday morning and checked the call stats, then did a double-take. There were over 300 people waiting in the queue. I almost left and called in sick. Turns out it wasn't that bad though. Annoying to reset so many passwords and having no downtime due to the full queue, but on the other hand my stats were better that day than any other, since every call was a 5-minute password reset.1
I'm a fullstack engineer, this period there is literally nothing to do, we are a 1000+ employees company.
I got so bored I toke over the database of our production server two times in a week, exploiting dumb vulnerabilities I discovered out of boredom, of course I reported everything.
The funny thing is that they just don't care, no one took action or is willing to fix it and they actually insulted me because I set a query in sleep for 8 minutes exploiting one of the vulnerabilities.
I work for a great company that hosts (in this very server) most italian citizens informations C: free to take for everyone c:7
In a real-time multiplayer competitive game where you control a vehicle, is it feasible to simulate the whole thing on server side, such that the client only sends controls and receives sensor results? I mean like the client doesn't even know its own precise rotation, just the readings of a gyroscope and an accelerometer which are both susceptible to errors, and deduces the "down" direction from those two and approximate control forces. This would both solve hacking (writing a good robot is just as challenging) and lead to fun results like an attitude indicator going crazy from a gust of wind.18
This guy has to be trolling. If not I fear for the future of programming. The whole article suffers from a lack of any understanding of anything.
Reminds me of the post from here where a manager thought making a variable private prevents hacking.21
Today, I Had this wild idea of doing a career 360 into cancer research after earning enough (money and suffering) to leave programming in some years. Can't tell how feasible that'll be, seeing as I have no degree in the field. But it's pretty surprising that none of the bright minds throughout history have given it their best shot without hacking it for good8
For all of youse that ever wanted to try out Common Lisp and do not know where to start (but are interested in getting some knowledge of Common Lisp) I recommend two things:
As an introductory tutorial:
And as your dev environment:
Notice that the dev environment in question is Emacs, regardless of how you might feel about it as a text editor, i can recommend just going through the portacle help that gives you some basic starting points regarding editing. Learn about splitting buffers, evaluating the code you are typing in order for it to appear in the Common Lisp REPL (this one comes with an environment known as SLIME which is very popular in the Lisp world) as well as saving and editing your files.
Portacle is self contained inside of one single directory, so if you by any chance already have an Emacs environment then do not worry, Portacle will not touch any of that. I will admit that as far as I am concerned, Emacs will probably be the biggest hurdle for most people not used to it.
Can I use VS Code? Yes, yes you can, but I am not familiar with setting up a VSCode dev environment for Emacs, or any other environment hat comes close to the live environment that emacs provides for this?
Why the fuck should I try Common Lisp or any Lisp for that matter? You do not have to, I happen to like it a lot and have built applications at work with a different dialect of Lisp known as Clojure which runs in the JVM, do I recommend it? Yeah I do, I love functional programming, Clojure is pretty pure on that (not haskell level imo though, but I am not using Haskell for anything other than academic purposes) and with clojure you get the entire repertoire of Java libraries at your disposal. Moving to Clojure was cake coming from Common Lisp.
Why Common Lisp then if you used Clojure in prod? Mostly historical reasons, I want to just let people know that ANSI Common Lisp has a lot of good things going for it, I selected Clojure since I already knew what I needed from the JVM, and parallelism and concurrency are baked into Clojure, which was a priority. While I could have done the same thing in Common Lisp, I wanted to turn in a deliverable as quickly as possible rather than building the entire thing by myself which would have taken longer (had one week)
Am I getting something out of learning Common Lisp? Depends on you, I am not bringing about the whole "it opens your mind" deal with Lisp dialects as most other people do inside of the community, although I did experience new perspectives as to what programming and a programming language could do, and had fun doing it, maybe you will as well.
Does Lisp stands for Lots of Irritating Superfluous Parentheses or Los in stupid parentheses? Yes, also for Lost of Insidious Silly Parentheses and Lisp is Perfect, use paredit (comes with Portacle) also, Lisp stands for Lisp Is Perfect. None of that List Processing bs, any other definition will do.
Are there any other books? Yes, the famous online text Practical Common Lisp can be easily read online for free, I would recommend the Lisperati tutorial first to get a feel for it since PCL demands more tedious study. There is also Common Lisp a gentle introduction. If you want to go the Clojure route try Clojure for the brave and true.
What about Scheme and the Structure and Interpretation of Computer Programs? Too academic for my taste, and if in Common Lisp you have to do a lot of things on your own, Scheme is a whole other beast. Simple and beautiful really, but I go for practical in terms of Lisp, thus I prefer Common Lisp.
how did you start with Lisp?
I need some inspiration man......show me something? Sure, look for a game called Kandria in youtube, the creator, Shimera (Nicolas Hafner) is an absolute genius in the world of Lisp and a true inspiration. He coded the game in Common Lisp, he is also the person behind portacle. If that were not enough, he might very well also be Shirakumo, another prominent member of the Common Lisp Community.
Ok, you got me, what is the first thing in common lisp that I should try after I install the portacle environment? go to the repl and evaluate this:
(+ 0.1 0.2)
Watch in awe at what you get.
In the truest and original sense of the phrase (MIT based) "happy hacking!"10
So I’m reading this book called Hacking: The art of exploitation and I’ve got to admit. It’s one of my favourite books I’ve read. It really gets into the nitty gritty of how programs are laid out in memory and goes over how assembly works, among some other low level concepts. Highly recommend.1
everything is going as planned! :)
Learned Rust Lang. i loved it (that doesn't mean i am done learning na? No! never stop)
new language i could do game memory hacking in without worrying about C++ memory leaks or issues. it also compiles to assembly! another of my favorite languages!
(i use rust for game development and other stuff)
i am not leaving C / C++ though that would be harsh!,
finished learning the android java api so im basically set anything i want to make i can just go on my pc, listen to music and write it out in a couple of days.
well phazor what are you going to do now?!
i will code till i am old.
i will leave my mark like a shid that made its skid in the bowl :)5
computers are fuckin weird sometimes.
Was just playing some hacking game, where each level is it's own user, acessed by ssh.
And suddenly copy-pasting passwords when prompted doesn't work ...
like, I can paste it in my terminal to see it, it can manually type it ... but I can't paste it into the prompt anymore.
It always worked until today, I could swear that!!
Why not today?3
some of us should start hacking to bring power back to developers again.
Idk why but this morning I was thinking about this high school elective class where we learned Adobe flash. But specifically 2 instances where I ignored the teacher and did my own thing
1. We were using Sprite sheets and he had us use photoshop to cut out the Sprite to a different layer and manually save each Sprite one by one to disk to use in flash. Some sheets had 50 fucking sprites
2. Our final projects we could do anything but he suggested not doing anything too complicated cause of time constraints and he barely taught is the scrptinh language for Adobe flash so making flash games was almost out of the question.
Me being stupid really wanted to make a working pong game. So I spent too long watching a German (i dont know German) tutorial video I found, and troubleshooting outdated code from that video. And improving things where I could with my limited knowledge made worse cause I wasn't interested in programming and didn't start learning python until the following year
Yeah don't know why I was thinking about those. But I feel it's a good perspective on how far I've come. From hacking together a pong clone with no skills, to being hired to automate and optimize processes and legacy projects
I was just wondering if anyone knows of a software that does for files on a server what dropbox does for files in the cloud. A search interface, moving files around, copy pasting etc..
I'm just using nginx's autoindex at the moment with an authentication layer but I was hoping to get a nice gui with search capabilities and copy paste, potentially share file, etc..
Kind regards and keep on hacking.6
I am very confused nowadays, exist a great number technologies but i don't decide what technology or language of programming i want specialize me.
I love it the hacking but i have very little experience in programming and have a basic knowdledge in networks and database.
I love it the assembly language but only can code a pair of syntax in this language and know very little about components, architecture and the rest.
I love it the data mining, big data, IA, machine learning but i don't control the statistic.
Of every topics i have a basic knowdlege.
Actually i try to discover my practicality. I am learning Perl and regular expressions.5
Get to know the new company better (Changed job shortly before Christmas).
Learn some DPs, DDD, k8s, finish introduction to hacking course, start doing htb and thm machines, finish and defend my thesis, finish books clean code, thinking in java (reading it to fill in gaps on knowledge), a few books about pentesting.
Among non tech goals: pass drivers license exam for cars, another one for motorcycles, go back to learning russian.
Y does it seem to be hard to get a real book for hacking online?.
Someone should please recommend a place and a book?.8