This is part of a blog post I wrote: https://debugging.works/blog/tpm-explained/
- I use it on Arch Linux (systemd 257.3-1)
- Install dependency:
yay tpm2-tools(5.7-1)
hackermondev
/ research.md
Last active
July 19, 2025 14:13
Unique 0-click deanonymization attack targeting Signal, Discord and hundreds of platform
hi, i'm daniel. i'm a 15-year-old high school junior. in my free time, i hack billion dollar companies and build cool stuff.
3 months ago, I discovered a unique 0-click deanonymization attack that allows an attacker to grab the location of any target within a 250 mile radius. With a vulnerable app installed on a target's phone (or as a background application on their laptop), an attacker can send a malicious payload and deanonymize you within seconds--and you wouldn't even know.
I'm publishing this writeup and research as a warning, especially for journalists, activists, and hackers, about this type of undetectable attack. Hundreds of applications are vulnerable, including some of the most popular apps in the world: Signal, Discord, Twitter/X, and others. Here's how it works:
By the numbers, Cloudflare is easily the most popular CDN on the market. It beats out competitors such as Sucuri, Amazon CloudFront, Akamai, and Fastly. In 2019, a major Cloudflare outage k
mxgrn
/ context_base.ex
Last active
May 16, 2024 09:22
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # It's only a POC for now | |
| defmodule ContextBase do | |
| @moduledoc """ | |
| Abstracts away common schema functions, such as list, get, create, update, delete, etc. | |
| Assumes that the schema module has a `changeset` function. | |
| Usage: | |
| defmodule MyContext do | |
| use ContextBase, repo: MyApp.Repo, schema: MyApp.MySchema | |
| end |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Colors | |
| RED='\033[0;31m' | |
| GREEN='\033[0;32m' | |
| NO_COLOR='\033[0m' | |
| BLUE='\033[0;34m' | |
| YELLOW='\033[0;33m' | |
| NO_COLOR='\033[0m' |
yzdbg
/ auto-dr.md
Last active
November 3, 2023 17:11
Each day at our company, developers are required to document their activities, painstakingly jotting down their daily work and future plans. A monotonous chore that I just really dislike.
So now, there's a scribe for that :
Snawoot
/ poor_mans_gtm.md
Last active
April 6, 2025 12:02
Sometimes we need to add redundancy to some service or server which happen to be a public-facing entry point of our infrastructure. For example, imagine we want to add a high availability pair for a load balancer which sits on the edge of network and forwards traffic to alive backend servers.
┌─────────────┐
│ │
┌─────►│ Backend 1 │
│ │ │
│ └─────────────┘
mishailovic
/ gist:31e006b5e59d88d032ddd6a2da08ef9a
Created
September 15, 2021 19:41
Expose your localhost if you are running your server behind NAT.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| What you will need: Server behind NAT (Server A), Server with static ip e.g. VPS for hosting Wireguard (Server B). | |
| 1) On your server B paste this commands in terminal: curl -O https://raw.githubusercontent.com/angristan/wireguard-install/master/wireguard-install.sh && chmod +x wireguard-install.sh && ./wireguard-install.sh | |
| 2) Create new client and save his ip. Mine will be 10.66.66.123 | |
| 3) Download this config to server A and connect to your server B with wireguard. | |
| 4) Depending on your client ip which we configured in step 2 type this commands in server B terminal (this time I wanted my Minecraft server exposed, so I chose 25565 port, yours can depends): | |
| sudo iptables -P FORWARD DROP | |
| sudo iptables -A FORWARD -i wg0 -o eth0 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT | |
| sudo iptables -A FORWARD -i eth0 -o wg0 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT |
onlurking
/ programming-as-theory-building.md
Last active
July 15, 2025 09:42
Programming as Theory Building - Peter Naur
Peter Naur's classic 1985 essay "Programming as Theory Building" argues that a program is not its source code. A program is a shared mental construct (he uses the word theory) that lives in the minds of the people who work on it. If you lose the people, you lose the program. The code is merely a written representation of the program, and it's lossy, so you can't reconstruct
JoeyBurzynski
/ 55-bytes-of-css.md
Last active
July 17, 2025 10:31
58 bytes of css to look great nearly everywhere
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| public static byte[] readUri(Context context, Uri uri) throws IOException { | |
| ParcelFileDescriptor pdf = context.getContentResolver().openFileDescriptor(uri, "r"); | |
| assert pdf != null; | |
| assert pdf.getStatSize() <= Integer.MAX_VALUE; | |
| byte[] data = new byte[(int) pdf.getStatSize()]; | |
| FileDescriptor fd = pdf.getFileDescriptor(); | |
| FileInputStream fileStream = new FileInputStream(fd); | |
| fileStream.read(data); |
NewerOlder