Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
-
I fucking love people like this.
Yesterday I met a 'friend' who I hadn't seen in a very long time. Just a guy I used to know tbh but let's call him Friend anyway. After a while in the conversation this happened...
*Friend doesn't know I have a degree in CS*
Friend: "WHAT?? YOU LIKE PROGRAMMING? NO WAY! ME TOO!"
Me: "THAT'S AWESOME! You've been programming for long?"
Friend: "A little over a year now. I know almost all languages now. C++, C#, Python, Java and HTML. Still a couple left to go. Once you're on the level I achieved programming becomes really, really easy. How long have you been programming?"
Me: "Almost a decade now"
Friend: "Damn dude you must know all languages by now I suppose?"
Me: "I've been mainly doing C++ so not really haha"
Friend: "I can always help when you're struggling with one language. C++ is pretty easy tbh. You should learn others too btw. HTML for example is pretty important because you can program websites with it"
Me: "Yeah... Thanks... So... What project are you working on right now?"
Friend: "I'm making a register page for my very own forum. The only problem I have is that PHP won't save the login details"
Me: "Hahaha I know the feeling. MySQL?"
Friend: "What?"
Me: "What do you use to save your data"
Friend: "Just a txt file. It's easier that way."
Me: "Hahaha true. Who needs safety right? *smiles*"
Friend: "Actually it's 100% safe because only I can see the txt file so other people can not hack other users."
Me: "Yes! That's great! Cya!"
Friend: "I'm working on a mmorpg too btw! I can learn you to make games if you want. Just call me. Here's my number"
Me: "Alright... Thanks... Bye!"
*Arrives at home*
*Deletes number*
I do not make this up.
I can understand that someone who isn't in the CS industry doesn't take it too seriously and gets hyped when their "Hello World" program works.
I'm fine with that.
The thing that really triggers me is big headed ass holes like this. Like how much more like a absolute dickhead could you possibly more act? Fucking hate people like that.32 -
Hacker uses windows media player to hack into police database....
//Happens only in Indian movies
PS : don't try it at home.
22 -
Hacking/attack experiences...
I'm, for obvious reasons, only going to talk about the attacks I went through and the *legal* ones I did 😅 😜
Let's first get some things clear/funny facts:
I've been doing offensive security since I was 14-15. Defensive since the age of 16-17. I'm getting close to 23 now, for the record.
First system ever hacked (metasploit exploit): Windows XP.
(To be clear, at home through a pentesting environment, all legal)
Easiest system ever hacked: Windows XP yet again.
Time it took me to crack/hack into today's OS's (remote + local exploits, don't remember which ones I used by the way):
Windows: XP - five seconds (damn, those metasploit exploits are powerful)
Windows Vista: Few minutes.
Windows 7: Few minutes.
Windows 10: Few minutes.
OSX (in general): 1 Hour (finding a good exploit took some time, got to root level easily aftewards. No, I do not remember how/what exactly, it's years and years ago)
Linux (Ubuntu): A month approx. Ended up using a Java applet through Firefox when that was still a thing. Literally had to click it manually xD
Linux: (RHEL based systems): Still not exploited, SELinux is powerful, motherfucker.
Keep in mind that I had a great pentesting setup back then 😊. I don't have nor do that anymore since I love defensive security more nowadays and simply don't have the time anymore.
Dealing with attacks and getting hacked.
Keep in mind that I manage around 20 servers (including vps's and dedi's) so I get the usual amount of ssh brute force attacks (thanks for keeping me safe, CSF!) which is about 40-50K every hour. Those ip's automatically get blocked after three failed attempts within 5 minutes. No root login allowed + rsa key login with freaking strong passwords/passphrases.
linu.xxx/much-security.nl - All kinds of attacks, application attacks, brute force, DDoS sometimes but that is also mostly mitigated at provider level, to name a few. So, except for my own tests and a few ddos's on both those domains, nothing really threatening. (as in, nothing seems to have fucked anything up yet)
How did I discover that two of my servers were hacked through brute forcers while no brute force protection was in place yet? installed a barebones ubuntu server onto both. They only come with system-default applications. Tried installing Nginx next day, port 80 was already in use. I always run 'pidof apache2' to make sure it isn't running and thought I'd run that for fun while I knew I didn't install it and it didn't come with the distro. It was actually running. Checked the auth logs and saw succesful root logins - fuck me - reinstalled the servers and installed Fail2Ban. It bans any ip address which had three failed ssh logins within 5 minutes:
Enabled Fail2Ban -> checked iptables (iptables -L) literally two seconds later: 100+ banned ip addresses - holy fuck, no wonder I got hacked!
One other kind/type of attack I get regularly but if it doesn't get much worse, I'll deal with that :)
Dealing with different kinds of attacks:
Web app attacks: extensively testing everything for security vulns before releasing it into the open.
Network attacks: Nginx rate limiting/CSF rate limiting against SYN DDoS attacks for example.
System attacks: Anti brute force software (Fail2Ban or CSF), anti rootkit software, AppArmor or (which I prefer) SELinux which actually catches quite some web app attacks as well and REGULARLY UPDATING THE SERVERS/SOFTWARE.
So yah, hereby :P39 -
This isn't really a hacking story but it does remind me of something I did as "revenge."
In middle school, this one fool kept bullying me. Always tried to harm me, always tried to insult me, always tried to make me fall during PE.
I hated him a lot, so instead of trying to kill him as planned, I did a harmless little keylogger prank thing.
I installed a keylogger on the school's laptop before class. (I did it during break, and when class started, I placed it on his desk.)
He took the bait, and instead of doing work, he logged onto his social media accounts. Now I had his passwords and everything.
When I went home, I logged onto his social media. I checked his messages so I can get some dirt on him, didn't find much except for the fact he snuck out a few times, and smoked before.
I changed his profile picture to some cringy anime thing and messaged one of his friends (the one who always copied my test answers in History and would steal my homework) and I said, "tell --- that if he doesn't stop being an asshole, I'll do worse than "hack" his social media."
It freaked them both out a bit, but didn't change their behavior, which is a shame because my threat was empty. It's not like I was able to do anything more than that in middle school. To this day, they still have no idea who did that.
This was about 4 years ago.16 -
Seven months ago:
===============
Project Manager: - "Guys, we need to make this brand new ProjectX, here are the specs. What do you think?"
Bored Old Lead: - "I was going to resign this week but you've convinced me, this is a challenge, I never worked with this stack, I'm staying! I'll gladly play with this framework I never used before, it seems to work with this libA I can use here and this libB that I can use here! Such fun!"
Project Manager: - "Awesome! I'm counting on you!"
Six months ago:
====================
Cprn: - "So this part you asked me to implement is tons of work due to the way you're using libA. I really don't think we need it here. We could use a more common approach."
Bored Old Lead: - "No, I already rewrote parts of libB to work with libA, we're keeping it. Just do what's needed."
Cprn: - "Really? Oh, I see. It solves this one issue I'm having at least. Did you push the changes upstream?"
Bored Old Lead: - "No, nobody uses it like that, people don't need it."
Cprn: - "Wait... What? Then why did you even *think* about using those two libs together? It makes no sense."
Bored Old Lead: - "Come on, it's a challenge! Read it! Understand it! It'll make you a better coder!"
Four months ago:
==============
Cprn: - "That version of the framework you used is loosing support next month. We really should update."
Bored Old Lead: - "Yeah, we can't. I changed some core framework mechanics and the patches won't work with the new version. I'd have to rewrite these."
Cprn: - "Please do?"
Bored Old Lead: - "Nah, it's a waste of time! We're not updating!"
Three months ago:
===============
Bored Old Lead: - "The code you committed doesn't pass the tests."
Cprn: - "I just run it on my working copy and everything passes."
Bored Old Lead: - "Doesn't work on mine."
Cprn: - "Let me take a look... Ah! Here you go! You've misused these two options in the framework config for your dev environment."
Bored Old Lead: - "No, I had to hack them like that to work with libB."
Cprn: - "But the new framework version already brings everything we need from libB. We could just update and drop it."
Bored Old Lead: - "No! Can't update, remember?"
Last Friday:
=========
Bored Old Lead: - "You need to rewrite these tests. They work really slow. Two hours to pass all."
Cprn: - "What..? How come? I just run them on revision from this morning and all passed in a minute."
Bored Old Lead: - "Pull the changes and try again. I changed few input dataset objects and then copied results from error messages to assertions to make the tests pass and now it takes two hours. I've narrowed it to those weird tests here."
Cprn: - "Yeah, all of those use ORM. Maybe it's something with the model?"
Bored Old Lead: - "No, all is fine with the model. I was just there rewriting the way framework maps data types to accommodate for my new type that's really just an enum but I made it into a special custom object that needs special custom handling in the ORM. I haven't noticed any issues."
Cprn: - "What!? This makes *zero* sense! You're rewriting vendor code and expect everything to just work!? You're using libs that aren't designed to work together in production code because you wanted a challenge!?? And when everything blows up you're blaming my test code that you're feeding with incorrect dataset!??? See you on Monday, I'm going home! *door slam*"
Today:
=====
Project Manager: - "Cprn, Bored Old Lead left on Friday. He said he can't work with you. You're responsible for Project X now."24 -
The first time I decided to hack around a bit:D
One of my teachers made a quiz software, which is only used by him(his lectures are about databases), and it is highly unsecure. When I heard that it is written in C# I decided to look in it's source code. The biggest problem I ran into: this program is only available on the computers in his classroom, and he monitors the computers display. However, I successfully put it into my pendrive without getting caught.
So when I got home, I just had to use a .NET decompiler(in this case: dotPeek) to get the fully functional source code. The basic function of the program was to download a quiz from his database server, and when it was finished, grade it client-side. Than, I realized how bad it was: It contains the number of questions, the number of correct and incorrect answers.
I've just made a modified .exe, which contained really little modification(like correctAnswers=maxQuestions, incorrectAnswers=0). Everything looks the same, you just have to click over it, and everytime it will return with 100%.
And the bonus: The program connects to the database as a user with root access, and without password. I was able to log in, download(dropping was available too, but didn't try) databases(with all the answers) and so on.
Never had to use it though, it was just a sort-of experience gaining.:)6 -
Worst thing you've seen another dev do? So many things. Here is one...
Lead web developer had in the root of their web application config.txt (ex. http://OurPublicSite/config.txt) that contained passwords because they felt the web.config was not secure enough. Any/all applications off of the root could access the file to retrieve their credentials (sql server logins, network share passwords, etc)
When I pointed out the security flaw, the developer accused me of 'hacking' the site.
I get called into the vice-president's office which he was 'deeply concerned' about my ethical behavior and if we needed to make any personnel adjustments (grown-up speak for "Do I need to fire you over this?")
Me:"I didn't hack anything. You can navigate directly to the text file using any browser."
Dev: "Directory browsing is denied on the root folder, so you hacked something to get there."
Me: "No, I knew the name of the file so I was able to access it just like any other file."
Dev: "That is only because you have admin permissions. Normal people wouldn't have access"
Me: "I could access it from my home computer"
Dev:"BECAUSE YOU HAVE ADMIN PERMISSIONS!"
Me: "On my personal laptop where I never had to login?"
VP: "What? You mean ...no....please tell me I heard that wrong."
Dev: "No..no...its secure....no one can access that file."
<click..click>
VP: "Hmmm...I can see the system administration password right here. This is unacceptable."
Dev: "Only because your an admin too."
VP: "I'll head home over lunch and try this out on my laptop...oh wait...I left it on...I can remote into it from here"
<click..click..click..click>
VP: "OMG...there it is. That account has access to everything."
<in an almost panic>
Dev: "Only because it's you...you are an admin...that's what I'm trying to say."
Me: "That is not how our public web site works."
VP: "Thank you, but Adam and I need to discuss the next course of action. You two may go."
<Adam is her boss>
Not even 5 minutes later a company wide email was sent from Adam..
"I would like to thank <Dev> for finding and fixing the security flaw that was exposed on our site. She did a great job in securing our customer data and a great asset to our team. If you see <Dev> in the hallway, be sure to give her a big thank you!"
The "fix"? She moved the text file from the root to the bin directory, where technically, the file was no longer publicly visible.
That 'pattern' was used heavily until she was promoted to upper management and the younger webdev bucks (and does) felt storing admin-level passwords was unethical and found more secure ways to authenticate.5 -
!rant
The change log from notepad++ update. The last paragraph is the cream!
" The issue of a hijacked DLL concerns scilexer.dll (needed by Notepad++) on a compromised PC, which is replaced by a modified scilexer.dll built by the CIA. When Notepad++ is launched, the modified scilexer.dll is loaded instead of the original one.
It doesn't mean that CIA is interested in your coding skill or in your sex message content typed in Notepad++, but rather it prevents raising any red flags while the DLL does data collection in the background.
It's not a vulnerability/security issue in Notepad++, but for remedying this issue, from this release (v7.3.3) forward, notepad++.exe checks the certificate validation in scilexer.dll before loading it. If the certificate is missing or invalid, then it just won't be loaded, and Notepad++ will fail to launch.
Checking the certificate of DLL makes it harder to hack. Note that once users’ PCs are compromised, the hackers can do anything on the PCs. This solution only prevents from Notepad++ loading a CIA homemade DLL. It doesn't prevent your original notepad++.exe from being replaced by modified notepad++.exe while the CIA is controlling your PC.
Just like knowing the lock is useless for people who are willing to go into my house, I still shut the door and lock it every morning when I leave home. We are in a f**king corrupted world, unfortunately. "2 -
After a long wait of 8 months, C.H.I.P the 8$ headless computer finally arrived. And since I have already made something like a cheap hack of siri(I call it dyna and it lets me control my laptop with voice), I am going to automate the f*** out of my home!!!7
-
1 - Please hack his/her facebook account for me.
2 - (at home) I used to block wifi access by mac filtering and if there's legit server down and wifi isn't working, everyone blames me.
(I am freelancer and mostly work from home)
3 - almost all of my relatives think I don't work.
4 - I am first choice for everyone's phone, PC and hardware repair.
This one is classic
GET A REAL JOB, you need to go out in the field for work.5 -
So probably about a decade ago at this point I was working for free for a friend's start-up hosting company. He had rented out a high-end server in some data center and sold out virtualized chunks to clients.
This is back when you had only a few options for running virtual servers, but the market was taking off like a bat out of hell. In our case, we used User-Mode Linux (UML).
UML is essentially a kernel hack that lets you run the kernel in user space. That alone helps keep things separate or jailed. I'm pretty sure some of you can shed more light on it, but that's as I understood it at the time and I wasn't too shabby at hacking the kernel when we'd have driver issues.
Anyway, one of the ways my friend would on-board someone was to generate a new disk image file, mount it, and then chroot to that mount path. He'd basically use a stock image to do this and then wipe it out before putting it live.
I'm not sure exactly what he was doing at the time, but I got a panicked message on New Years Day saying that he had deleted everything. By everything, he had done an rm -fr /home as root on what he had thought was the root of a drive image.
It wasn't an image. It was the host server.
In the stoke of a single command, all user data was lost. We were pretty much screwed, but I have a knack for not giving up - so I spent a ton of time investigating linux file recovery.
Fun fact about UML - since the kernel runs in user space as a regular ol' process, anything it opens is attached to that process. I had noticed that while the files were "gone", I could still see disk usage. I ended up finding the images attached to their file pointers associated with each running kernel - and thankfully all customers were running at the time.
The next part was crazy, and I still think is crazy. I don't remember the command, but I had to essentially copy the image from the referenced path into a new image file, then shutdown the kernel and power it back on from the new image. We had configs all set aside, so that was easy. When it finally worked I was floored.
Rinse and repeat, I managed to drag every last missing bit out of /proc - with the only side effect being that all MySQL databases needed to be cleaned up.3 -
I miss old times rants...So i guess, here it goes mine:
Tomorrow is the day of the first demo to our client of a "forward-looking project" which is totally fucked up, because our "Technical Quality Assurance" - basically a developer from the '90-s, who gained the position by "he is a good guy from my last company where we worked together on sum old legacy project...".
He fucked up our marvellous, loose coupling, publish/subscribe microservice architecture, which was meant to replace an old, un-maintainable enormous monolitch app. Basically we have to replace some old-ass db stored functions.
Everyone was on our side, even the sysadmins were on our side, and he just walked in the conversation, and said: No, i don't like it, 'cause it's not clear how it would even work... Make it an RPC without loose coupling with the good-old common lib pattern, which made it now (it's the 4th 2 week/sprint, and it is a dependency hell). I could go on day and night about his "awesome ideas", and all the lovely e-mails and pull request comments... But back to business
So tomorrow is the demo. The client side project manager accidentally invited EVERYONE to this, even fucking CIO, legal department, all the designers... so yeah... pretty nice couple of swallowed company...
Today was a day, when my lead colleague just simply stayed home, to be more productive, our companys project manager had to work on other prjects, and can't help, and all the 3 other prject members were thinking it is important to interrupt me frequently...
I have to install our projects which is not even had a heart beat... not even on developer machines. Ok it is not a reeeeaaally big thing, but it is 6 MS from which 2 not even building because of tight coupling fucktard bitch..., But ok, i mean, i do my best, and make it work for the first time ever... I worked like 10 ours, just on the first fucking app to build, and deploy, run on the server, connect to db and rabbit mq... 10 FUCKING HOURS!!! (sorry, i mean) and it all was about 1, i mean ONE FUCKING LINE!
Let me explain: spring boot amqp with SSL was never tested before this time. I searched everything i could tought about, what could cause "Connection reset"... Yeah... not so helpful error message... I even have to "hack" into the demo server to test the keystore-truststore at localhost... and all the fucking configs, user names, urls, everything was correct... But one fucking line was missing...
EXCEPT ONE FUCKING LINE:
spring.rabbitmq.ssl.enabled=false # Whether to enable SSL support.
This little bitch took me 6 hours to figure out...so please guys, learn from my fault and check the spring boot appendix for default application properties, if everything is correct, but it is not working...
And of course, if you want SSL then ENABLE it...
spring.rabbitmq.ssl.enabled=true
BTW i really miss those old rants from angry devs, and i hope someone will smile on my fucking torture5 -
Really fed up with my colleague and possibly my job. Am starting to doubt am cut out to be a developer
Am a junior java dev , been working working for this company for about 2 years now. Although they hired me to be a java dev, they pretty much exclusively had me working on JavaScript crap because none of the other more senior devs wanted to do even so much as poke JS with a long stick....
Oh and the salary was crap but i figured since i had barely 3 years of exp i thought i would stick with it for a while
But a few months ago after seeing other opportunities I got fed up and threatened to quit , already started interviewing etc
Got an offer, not exactly what i wanted but better than where i was. Went to quit but they freaked out and started throwing money at me. They matched and exceed the other salary and promised to addressed the issues that made me want to leave. Ie get me to work more on the java side of the project and have me work with someone more senior who could sort of mentor me, i had been working semi solo on the js shit till then...
The problem is that my supposed mentor is selfish prick... he is the sort of guy who comes in real early, basically he goes to early morning prayer then come in at some ungodly hour and fuckoff home around 3pm
He does all his work early morning then spends the rest of the day with his headphones on stealthily watching youtube, amazon, watching cricket, reading about Palestine , how oppressed muslims are or building a website for some mosque.
I asked him to let me sit with him so that I could just learn how this or that part of the sys worked , he agreed then the very next day comes in and does all the work before i get in at 9 , i asked him how he did it and he tells me oh just read the code.
Its not as simple as that, out codebase is an old pile of non standard legacy dog shit. Nothing works as it should, i tried to go through documentation online for the various stuff we use , but invariably get stuck when i try the usual approach because it turns out the original devs had essentially done a lot of custom hacks and cowboy coding to get stuff working, they screwed around with some of the framework jars & edited libraries to get stuff to work, resulting in some really weird OSGI errors.
My point is that i cant really just "read the code" or google ...
I gotta know a bit more what was actually modified and a lot of this knowledge isn't fucking documented, theres a lot of " ohhh that weird bug yeah yeah that happens cuz x did this hack some years ago to fix this issue and we kinda built on it, yeah we weren't supposed to do that but heyyy what u gonna do, just do this or that instead"
I was asked to set up a web service to export something, since thats his area of expertise and he is suppose to be teaching me the ropes, i asked him to explain where i should start and what would the general workflow be, his response is to tell me to just copy the IMPORT service and rename it to export then "just do it um change it or something" very helpful indeed (building enterprise application here nothing complex at all!!)
He sits right next to me so i can see how much works he actually does, i know when he just idly sitting there so thats when i ask him questions, he always has his earphones on so each time i gotta find a way to get his attention with a poke or a wave, he will give a heavy sigh and a weary look as he removes his headphones, listen to my question then give me the shortest answer possible before IMMEDIATELY turning away and putting his headphones on as fast as possible regardless of whether I actually understood or even heard what he said. If i ask another question ( am talking like an immediate follow up question for a clarification or something) he will
Do the whole sigh + tired look routing to make me know yeah you are disturbing me. ( god was so happy the day he accidentally sat on and broke them)
Yesterday i caught a glance at his screen as i was sitting down and i think he and another dev were talking about me
That am slow with my work and take forever to get into gear.
Starting to have doubts about my own ability n wether am really cut out to be a developer. I know i can work hard but its impossible to do so when you have no clue where to start and unable to look it up since all the custom hacks doesn't really allow any frame of reference.
Feels like am being handicapped and mocked, yesterday i just picked up my gear n left the office.
I never talk ill about my colleagues, whenever i have a 121 with my mgr i always all is fine, x n y are really helpful etc
I tried to indirectly tell my other colleague about this guy, he told me that guy had kinda mentally checked out of this job and was just going through on auto pilot and just laughed it off (they have been working together for almost a decade and a buddies) my other colleague is pretty nice but he usually swamped with work so i feel bad to trouble him.
Am really Fed up with it all7 -
You build a system to integrate into an API to save the client hours of data-entry per day and reducing the number of fields needed to be filled manually by 75% and querying for the rest of the data and filling in the blanks. It took weeks of building and researching and bug fixing and when you're finally done the client looks at you unimpressed.
The same client gets a small piece of js that gets users location(by ip address) and uses it to customize a hello message on the home page and they think 'yer a wizard, Harry!' and jump for joy over the "cool factor" of this simple hack. -
TL:DR
Why do so shitty "API"s exist that are even harder to write than proper ones? D:
Trying to hack my venilation at home.
This API is so horrible D:
The API is only based on POST requests no matter if you want to write values or get values and the response only contains XML with cryptic values like:
<?xml version="1.0" encoding="UTF-8"?>
<PARAMETER>
<LANG>de</LANG>
<ID>v01306</ID>
<VA>00011100000000000000000010000001</VA>
<ID>v00024</ID>
<VA>0</VA>
<ID>v00033</ID>
<VA>2</VA>
<ID>v00037</ID>
<VA>0</VA>
Also there are multiple API routes like
POST /data/werte1.xml
POST /data/werte2.xml
POST /data/werte3.xml
POST /data/werte4.xml
And actually the real API route is only given in the request body and not in the path.
Why is this so shitty? D:<
Btw in terms of security this is also top notch. It just globally saves if one computer sends the login password.
I mean why even ask for a password then? D:
That made me end up with a cronjob to send a login request so I don't have to login on any device.
PS:
You see, great piece of German engineering.3 -
You ever can't figure out how to do something elegantly during the day, end up with a weird hack. But then when you are home and are lying on the couch browsing memes the perfect solution pops into your head?
Companies should give us thinking couches where you can slack off waiting for the idea.4 -
Common misconception is that low efficiency technologies (react native, in this case) are completely useless. That is not true at all. Im building a smart home, and yes i want a mobile app, but 90% is just requests to endpoints, so its way simpler to just copy paste some buttons inside a js file than do it properly with native. Would i use it in prod? Fuck no. Would i hack together a bunch of buttons? Fuck yes.8
-
Widget "hack" in secondary.
When I was around 13 or 14 I was enrolled at a public school in the UK. In an effort to try be eco friendly, the students and a IT technicain teamed up to try and create a widget that would track the consumption of printer credit used by all users (staff and students).
At first, I was just playing around with the homepage source code but eventually noticed the widget had separate code within the page.
Because all of the computers were interconnected, I grabbed the source code of the home page and put it into a notepad editor.
I used the intranet to look up staff names and student login usernames. I replaced my user ID with several staff members.
Boom, I could see how much paper they had used, how much they owed the library etc. May not be as impressive as others exploits but some staff were in debt by hundreds and never paid back a penny.
Hope you liked my story.2 -
Years ago I was working in local cinema as a student job from time to time and used to sleep after shifts at my uncle's. Uncle did not had internet but there were so many wlans all around. Since I had nothing to do for hours after shift, I downloaded Backtrack linux at home, made live dvd of it and saved a two articles of "how to hack wifi" to text files.
It took me 4 hours to break WEP, since I was total lame, and it was the only one WEP around. They also had mac restrictions set to router, so I changed my mac address to one of their devices, logged in to router and added our mac address. For my uncle it was complete magic but since he is total geek to linux he liked it.
Fast forward weeks later. When I came to my uncle's house he was downloading like ton of linux distributions. Literally each one. Gigabytes of data. I told him not to do so because sooner or later neighbour will notice, but he did not care. Guess what, he notices, probably slow internet and (maybe) bigger bills, I do not know, but owner just changed protocol to WPA2, not changing password. So the story continued for almost 2 years. Felt a bit sorry for neighbour but did not expect such an outcome. I just wanted to watch youtube videos and scroll social networks, keeping low profile so no one notice.1 -
people with 8+ years of work from office experience, is 9-6 the only truth of work life? today in sprint planning, our manager suggested assigning 81 hours of tickets in a 2 week sprint and when a lot of us had 60-65 hours of work he was like "ehh it seems less . junior mgr , look into the softwares and create more tickets"
2 week sprint is 9 days +1 day for sprint planning + 2 sat Sunday 🥲 . additionally it takes me arohnd 2 hours to reach home so i try to get out by 5 pm and everyone starts staring at me. as am a bad example, i will probably be hearing from my manager in future about this.
need some tips on handling a stable work-office life. i am a covid graduate so i have seen a great wlb in work from home but its a true reality that for mext 30 years , the chances to work from home for more than 5 cumulative years is next to 0. so need a permanent office hack.
i don't think buttering boss's ass is a reliable solution . i just wanna be back at home by 7, do some workout, roam in car/watch series/work on hobby project (aka relaxing) eat and die on my bed for next day's horrific life11 -
So just babbling my shit down here.
(Tldr : i am a crazy guy who followed my half slept brain, went onto a stage , gave some kind of motivating , stammering talk to a large group of professional strangers, enjoyed that day with a red embarrassed face and just got my first pic of me speaking on stage and that is so awesome !)
Last Saturday i went to a gdg meetup and i embarrassed the hell out of me.
I went there with just 2 hours of sleep from the previous night.
After a few talks there comes a guy who is taking some time to install is setup and the host calls for lightning round session ( ie he asks if anyone from the audience would like to share something about their product or something).
I am a fucking nutt guy. I can explain something to you nicely in a hacky way as long as i have done enough work on that and you speak my native language.
But giving a talk on English stage, hell no! I stammer, mix hindi with English and start speaking werd shit.. And that's what happened.
I don't know what went into me but as some guy went to the stage and talked for 2 mins, i was like yeah i want to do that too. So in next turn when he asked for a show of hands, i raised mine and fucking went to stage!
I forgot that if you go on stage you should have something to talk to . But the moment i was on stage, i was like... "Nope, we will do this differently".
I had been working on a video ads module from the last week which could be easily explained in 2 mins. But i felt like giving a non techy talk instead.
It went something like this: i introduced myself with my experience details ( who gives experience details on stage !?!) Then host said to speak loudly and i went like "Bharat mata ki jai!"( Victory to mother india (wtf!?😆) .
Then started talking about how the developers feel disheartened when searching on internet where the resources are scattered . And the solution i told them was :"don't be disheartened. You will eventually find it (like wow dude wtf, as if they didn't knew that) . Look on the youtube and other resources " and then went full on explaining/marketing about some online tutor who gives advice/consultancy via a subscription based payment ( tbf that guy really helped solve a lot of my doubts, he has written books on Android dev and is the top so answerer for Android).
Then i went on sharing my thoughts live on that fuckin stage ! ( Live because i usually post my thoughts here on devrant before discussing them out with real people, you guys are my safe space) but there i discussed my thoughts on libraries!
I have this believe that Android devs these days are having lesser knowledge of the system because we have all the libraries and templates available to us. But when we have to customize stuff, we need to go deep into docs and source classes and find ourselves in trouble there. So i kind of said this out loud and that we should try to read more the code and implement stuff ourselves instead of using the library 😅🙈)
I was feeling so fucking embarrassing after that all stuff! It was so full of stammering , broken English and worst attempt at motivation. At that time i was regretting this and about to burst cry and run away, but somehow i gathered my self, got my mood back to the event games and talks, later went to the organizers and apologized(and they were very nice and didn't cared about it), and overall enjoyed my weirdest day!
When i came home, my mom gave me a little more confidence about it. Now i think i shouldn't be that much instinctive. Next day i went hack to work and everything got normal.
But Yesterday i found a link to the public repository of the photos. Ohh fuck, someone had took my image! and that was too in full hd!!! 🙈🙈🙈😅😆😆 Oh mann I can't stop looking at that cool stage speaker image, i love it ! I, the shy-est and the most uncool awkward person , present on the stage with a mike, oof , i think i lived my dream !
I hope i could get enough confidence and speaking skills to take a real stage talk next time ( and maybe enough interesting talks and confidence to talk with girls of our office, ¯\_(ツ)_/¯ )5 -
Home hack
Made a stylus with Reynolds butterflow and ear bud.
Just have to slightly moisten the ear bud.
And have to maintain contact with the silver part of the nib cover.
4 -
Insufficient food which caused many of us to go out to find some. Unfortunately most shops are closed on weekends and I ended up went home and continued my hack at home.
-
A few friends and I on our way home from a hackathon:
Lady at the door of the airplane:
*sees our hack the north lanyards*
Lady: "Oh where are we coming from? Hack the North? That means if we have any wifi problems onboard you can help us out right?
Us: ... suuureee2 -
Early on in my freelancing career I learned something important. Even with seemingly tame nerdy stuff, sh*t can get real, real quick. This story describes the very start of my career in web development and hopefully will serve as a warning to newbies out there.
A young teen, I had just learned some basics of wordpress, I was confident I could hack together something that worked and looked okay with minimal effort and knowledge. One day I was approached by a guy who wanted a job board board site. Knowing there were already clones out there I figured this would be an easy gig, man was I wrong.
In addition to the fact I didn't know about contracts or the scope creep from hell, I had somehow gotten myself involved with a criminal business front.
These guys operated a scam business to rip off investors. Me and my designer buddy were used to make the business look legit. What they would do is hold job fairs where people are supposed to pay to rent a booth, but instead they would give everyone a booth for free and then lie about what all businesses were coming. They would then show this info, along with the website and marketing materials to investors. They would take the money from the investors and launder it for drugs.
The real story starts the day of one of the worst hangovers I had ever had. I was at a random friends house sleeping for most of the day.
Apparently one of the guys who was operating the scam business was about to strike a deal with one of the investors when something on the website didn't work (it was working as designed). This guy, Manny we'll call him, had been blowing up my phone all morning. I check my voicemails and there are threats on my life; saying I will be sleeping with the fishes, or if they ever find me, they'll fuck me up. Needless to say this really freaked me out, either way I decided to head back to my dorm.
When I come back home, my designer buddy tells me that some guys were in the house looking for stuff. Apparently this guy hired two nerds to "break into my computer and steal the website", fortunately they didn't know what they were doing.
After a while I got another call, Manny wanted to sit down and "talk things out". Being naive I accepted and we met up. The two nerds were there with one of his body guards. He said he wanted to have those two nerds take over the project. While this was going on, his bodyguard flashed his gun at me several times making eye contact. I agreed to, but I still wanted to get paid. I asked about getting paid and he said we never signed a contract and that he owned the host and domain. I was pretty much screwed.
This is where the story should end, but I wasn't a very smart guy back then. I gave up the site but I created a back door into it. Every week or so, they would get "hacked". Because the two nerds didn't know what to do, they ended up coming back to me for help. This is when I finally got paid. Totally not worth it. -
fuck.. FUCK FUCK FUCK!!!
I'mma fakin EXPLODE!
It was supposed to be a week, maybe two weeks long gig MAX. Now I'm on my 3rd (or 4th) week and still got plenty on my plate. I'm freaking STRESSED. Yelling at people for no reason, just because they interrupt my train of thought, raise a hand, walk by, breathe, stay quiet or simply are.
FUCK!
Pressure from all the fronts, and no time to rest. Sleeping 3-5 hours, falling asleep with this nonsense and breaking the day with it too.
And now I'm fucking FINALLY CLOSE, I can see the light at the end of the tunne<<<<<TTTOOOOOOOOOOOOOTTTTT>>>>>>>
All that was left was to finish up configuring a firewall and set up alerting. I got storage sorted out, customized a CSI provider to make it work across the cluster, raised, idk, a gazillion issues in GH in various repositories I depend on, practically debugged their issues and reported them.
Today I'm on firewall. Liason with the client is pressured by the client bcz I'm already overdue. He propagates that pressure on to me. I have work. I have family, I have this side gig. I have people nagging me to rest. I have other commitments (you know.. eating (I practically finish my meal in under 3 minutes; incl. the 2min in the µ-wave), shitting (I plan it ahead so I could google issues on my phone while there), etc.)
A fucking firewall was left... I configured it as it should be, and... the cluster stopped...clustering. inter-node comms stopped. `lsof` shows that for some reason nodes are accessing LAN IPs through their WAN NIC (go figure!!!) -- that's why they don't work!!
Sooo.. my colleagues suggest me to make it faster/quicker and more secure -- disable public IPs and use a private LB. I spent this whole day trying to implement it. I set up bastion hosts, managed to hack private SSH key into them upon setup, FINALLY managed to make ssh work and the user_data script to trigger, only to find out that...
~]# ping 1.1.1.1
ping: connect: Network is unreachable
~]#
... there's no nat.
THERE"S NO FUCKING NAT!!!
HOW CAN THERE BE NO NAT!?!?!????? MY HOME LAPTOP HAS A NAT, MY PHONE HAS A NAT, EVEN MY CAT HAS A MOTHER HUGGING NAT, AND THIS FUCKING INFRA HAS NO FUCKING NAT???????????????????????
ALready under loads of pressure, and the whole day is wasted. And now I'll be spending time to fucking UNDO everything I did today. Not try something new. But UNDO. And hour or more for just that...
I don't usually drink, but recently that bottom shelf bottle of Captain Morgan that smells and tastes like a bottle of medical spirit starts to feel very tempting.
Soo.. how's your day2 -
Rant and opinions wanted. Its a long one.
I have been working on a project for a month and a half. For the first week I was requesting designs that I got about 2 of out of 15. For the next week and a half the designer was on holiday so I couldn't do anything but delivered a few more designs once he got back.
This takes us 2 weeks in already. I have other things to do as well so at the same time I work on support tickets and some bespoke development coming in.
I get given 2 or 3 more designs and can't get anything else out of the designer after waiting a week so I have to design everything myself as I go and build it. Something I have never done before.
We are now 3 and a half weeks in. My boss randomly tells my pm it needs to be demo ready the next day. I work furiously to hack something together. It works but key functionality is missing.
I move house and work from home for a week and a half. I do my best but the project is full of bugs and the CSS is horrible because I didn't know what I was making at any stage. It is therefore CSS rules repeated in IDs everywhere.
My colleagues join me on the project because my boss has decided to try and sell it tomorrow.
They run through it and find all the bugs left from me working furiously to get things done quickly. Things like no search pagination and missing validation.
My boss is now pisses at me because the project is not finished, my colleagues are now all working on it. Throughout it all he knew the designer was not delivering me anything and that I was struggling.
Am I in the wrong for writing shit code that came about because I was coding with no idea of what the finished project should look like? Is he in the wrong for dumping this on me and just letting me get on with it even though he knew there were no designs?
Btw I am just finishing a 1 year internship and before this have never done web dev before.
Discuss.7 -
Stayed for the hack-a-ton last night. Had so much fun! And everybody actually came up with a working product in a couple of hours. Amazing :).
Too bad the initiator of the whole thing went home early. Doesn't really show interest. -
Need some advise from all you clever devs out there.
When I finished uni I worked for a year at a good company but ultimately I was bored by the topic.
I got a new job at a place that was run by a Hitler wannabee that didn't want to do anything properly including writing tests and any time I improved an area or wrote a test would take me aside to have a go so I quit after 3 months.
Getti g a new job was not that hard but being at companies for short stints was a big issue.
My new job I've been here 3 months again but the code base is a shit hole, no standardisation, no one knows anything about industry standards, no tests again, pull requests that are in name only as clearly broken areas that you comment on get ignored so you might as well not bother, fake agile where all user stories are not user stories and we just lie every sprint about what we finished, no estimates and so forth, and a code base that is such a piece of shit that to add a new feature you have to hack every time. The project only started a few months back.
For instance we were implementing permissions and roles. My team lead does the table design. I spent 4 hours trying to convince him it was not fit for purpose and now we have spent a month on this area and we can't even enforce the permissions on the backend so basically they don't exist. This is the tip of the iceberg as this shit happens constantly and the worst thing is even though I say there is a problem we just ignore it so the app will always be insecure.
None of the team knows angular or wants to learn but all our apps use angular..
These are just examples, there is a lot more problems right from agile being run by people that don't understand agile to sending database entities instead of view models to client apps, but not all as some use view models so we just duplicate all the api controllers.
Our angular apps are a huge mess now because I have to keep hacking them since the backend is wrong.
We have a huge architectural problem that will set us back 1 month as we won't be able to actually access functionality and we need to release in 3 months, their solution even understanding my point fully is to ignore it. Legit.
The worst thing is that although my team is not dumb, if you try to explain this stuff to them they either just don't understand what you are saying or don't care.
With all that said I don't think they are even aware of these issues somehow so I dont think it's on purpose, and I do like the people and company, but I have reached the point that I don't give a shit anymore if something is wrong as its just so much easier to stay silent and makes no difference anyway.
I get paid very well, it's close to home and I actually learn a lot since their skill level is so low I have to pick up the slack and do all kinds of things I've never done much of like release management or database optimisation and I like that.
Would you leave and get a new job? -
I took a career transition last year and I'm starting to question my decision. I'm stuck.
I've only learned to hack shit together in my past jobs (except one freelance project where I pretty much learned most of what I now properly know), exposing me to bad practices. To make it worse, I lack fundamentals and basics so can't even write JavaScript beyond for loops without documentations.
Lately I've been pushed to take charge in structuring a project from scratch. I failed at understanding what exactly Webpack does mainly because it required knowledge of web modules which I still find elusive. I make time to learn basics in the evening or weekends but most of the time I'm taking home the internship work project that I, again, just need to hack shit together, depleting my energy by the end of day.
Now I'm at the stage where I need money, for which I'm thinking of applying for waitressing or entry-level marketing jobs. I'm shit scared that I'll never break into the industry and will just end up living day by day feeling unfulfilled.
I'm so tired of trying.2 -
1. Those who can't hack it in this industry to accept it, move on, and learn something else
2. New internet scripting language that's not Javascript or based on the same
3. A job near home3 -
Expert Crypto Recovery Services -Trusted Partner in Crypto Recovery″Digital Hack Recovery″
The screen dimmed as I stared blankly at the zero balance in my wallet. That night, I wasn’t just broke, I was shattered. I had invested every ounce of my savings and trust into a foreign crypto platform promising unparalleled returns. They appeared very legitimate, but overnight, the facade crumbled, and so did my finances. The following days were a blur. Their website had vanished, emails bounced, and the contact numbers were disconnected. Anger surged, followed by a chilling realization: I had been scammed. My savings, the money I had worked for tirelessly as a graphic designer over eight years, was gone. My closest friend urged me to move on and learn from it, but how could I? Every dime represented long nights, missed vacations, and a promise to myself to buy my parents a home someday. That dream now felt cruelly snatched away.I remember sitting in my tiny Berlin apartment, the walls closing in on me, scrolling aimlessly through forums for stories of others like me. That’s when I found someone mentioned a recovery service that had helped them reclaim their stolen assets. At first, I was skeptical. After all, hadn’t I already been duped? My curiosity battled with doubt for days until I decided to reach out.That’s when I found Digital Hack Recovery. Their approach struck a different chord. It was direct, transparent, and very professional. They didn’t promise miracles, but they gave me a roadmap: "We will fight for your case, but we need your trust and cooperation." I provided them with every detail transaction IDs, and even the tiniest breadcrumbs of communication with the scammers. At one point, it felt like reliving a nightmare, but their calm reassurances kept me grounded.On Friday morning, just three days after working with the team, while sipping my habitual coffee, I received the long-awaited email: “Funds Recovered, Next Steps.” My heart raced as I checked the email, and boom a deposit notification popped up. I quickly checked my wallet, and the funds were all available.Today, I’m rebuilding. My parent’s house is still a dream, but not an impossible one anymore. This experience has taught me the value of persistence and the power of people who truly care. Would I recommend Digital Hack Recovery? Absolutely, with all my heart. If you’re standing at the edge of hopelessness, take that leap of faith. It was the best decision I ever made. Contact Digital Hack Recovery via⁚
WhatsApp +1(915)2151930
Website; https : // digital hack recovery . com
Email; digital hack recovery @ techie . com
1
Top Tags
Weekly Rant
View