Lol, I was picking up medication at the chemist and they asked me "what is your relationship with them" after I showed ID... because I don't look as old as I am, apparently.
Winning.
Notices by Ryan Castellucci :nonbinary_flag: (ryanc@infosec.exchange), page 3
-
Embed this notice
Ryan Castellucci :nonbinary_flag: (ryanc@infosec.exchange)'s status on Saturday, 22-Feb-2025 00:57:19 JST 
Ryan Castellucci :nonbinary_flag:
-
Embed this notice
Ryan Castellucci :nonbinary_flag: (ryanc@infosec.exchange)'s status on Saturday, 22-Feb-2025 00:44:40 JST
Ryan Castellucci :nonbinary_flag:
@c0dec0dec0de @enkiusz I think that detail was only in the book
-
Embed this notice
Ryan Castellucci :nonbinary_flag: (ryanc@infosec.exchange)'s status on Friday, 21-Feb-2025 21:22:17 JST
Ryan Castellucci :nonbinary_flag:
@arrjay @drsbaitso @saraislet Vegan cheese, Canadian bacon, pineapple, and mandarin oranges, yum.
-
Embed this notice
Ryan Castellucci :nonbinary_flag: (ryanc@infosec.exchange)'s status on Friday, 21-Feb-2025 21:20:22 JST
Ryan Castellucci :nonbinary_flag:
@c0dec0dec0de @enkiusz Nedry was recording that conversation so he could blackmail the guy.
-
Embed this notice
Ryan Castellucci :nonbinary_flag: (ryanc@infosec.exchange)'s status on Friday, 21-Feb-2025 21:12:46 JST
Ryan Castellucci :nonbinary_flag:
-
Embed this notice
Ryan Castellucci :nonbinary_flag: (ryanc@infosec.exchange)'s status on Friday, 21-Feb-2025 21:08:40 JST
Ryan Castellucci :nonbinary_flag:
The United States SS must have their hands full with all those time travelers who keep showing up.
-
Embed this notice
Ryan Castellucci :nonbinary_flag: (ryanc@infosec.exchange)'s status on Friday, 21-Feb-2025 21:04:20 JST
Ryan Castellucci :nonbinary_flag:
@mkj nope
-
Embed this notice
Ryan Castellucci :nonbinary_flag: (ryanc@infosec.exchange)'s status on Friday, 21-Feb-2025 18:10:23 JST
Ryan Castellucci :nonbinary_flag:
Apparently the serial console password on basically all EnGenius devices that I have firmware dumps for is "hom18".
-
Embed this notice
Ryan Castellucci :nonbinary_flag: (ryanc@infosec.exchange)'s status on Friday, 21-Feb-2025 17:43:11 JST
Ryan Castellucci :nonbinary_flag:
Anyway, I like EnGenius's products and will probably buy more of them in the future.
I haven't found any vulns that can be exploited without either physical access, admin access, or non-default configuration, and I like being able to get a root shell on my equipment.
Anyone have Mikrotik 0-day?
-
Embed this notice
Ryan Castellucci :nonbinary_flag: (ryanc@infosec.exchange)'s status on Friday, 21-Feb-2025 17:40:04 JST
Ryan Castellucci :nonbinary_flag:
This is from a bundle of code I got when I repeatedly complained to their legal department about GPL compliance.
-
Embed this notice
Ryan Castellucci :nonbinary_flag: (ryanc@infosec.exchange)'s status on Friday, 21-Feb-2025 17:38:25 JST
Ryan Castellucci :nonbinary_flag:
el oh el
ryanc@airtop3:~/code/GPL_EAP1300$ fgrep -lr 'TRADESECRET INFORMATION OF SENAO' | wc -l
74 -
Embed this notice
Ryan Castellucci :nonbinary_flag: (ryanc@infosec.exchange)'s status on Friday, 21-Feb-2025 17:30:51 JST
Ryan Castellucci :nonbinary_flag:
The funniest thing is that these access points have a patch to dropbear (an embedded SSH server, which is disabled by default) that ALWAYS enables blank passwords for the root account, though it'll drop you into a config tool, not a shell.
The default root password is, of course, blank...
-
Embed this notice
Ryan Castellucci :nonbinary_flag: (ryanc@infosec.exchange)'s status on Friday, 21-Feb-2025 17:18:28 JST
Ryan Castellucci :nonbinary_flag:
The first backdoor password I found was "hom18" which drops you right into a root shell.
-
Embed this notice
Ryan Castellucci :nonbinary_flag: (ryanc@infosec.exchange)'s status on Friday, 21-Feb-2025 17:15:42 JST
Ryan Castellucci :nonbinary_flag:
@arichtman
/ # ifconfig $(id)
It also has commands like ifconfig:
ifconfig: bad address 'gid=0(root)' -
Embed this notice
Ryan Castellucci :nonbinary_flag: (ryanc@infosec.exchange)'s status on Friday, 21-Feb-2025 17:14:09 JST
Ryan Castellucci :nonbinary_flag:
Oh, neat, I found a second backdoor account on the EnGenius serial console that wasn't picked up by strings because it's too short.
Password "pe" (the serial console doesn't ask for a username) drops you into a manufacturer test tool. You can get a root shell from there with "cmd sh".
-
Embed this notice
Ryan Castellucci :nonbinary_flag: (ryanc@infosec.exchange)'s status on Friday, 21-Feb-2025 17:00:57 JST
Ryan Castellucci :nonbinary_flag:
@drsbaitso @saraislet They can do amazing things vegan cheese these days.
-
Embed this notice
Fullmetal Manager 🌈💖🔥 (saraislet@infosec.exchange)'s status on Friday, 21-Feb-2025 16:58:54 JST 
Fullmetal Manager 🌈💖🔥
IT DOESN'T COUNT AS A TWO PIZZA TEAM OF IT'S TWO TEAMS EATING TWO PIZZAS AND HALF OF THEM DON'T EAT PIZZA
-
Embed this notice
Ryan Castellucci :nonbinary_flag: (ryanc@infosec.exchange)'s status on Friday, 21-Feb-2025 04:33:09 JST
Ryan Castellucci :nonbinary_flag:
@astraluma a good approximation for "simple" is "could a form submit this?"
-
Embed this notice
Ryan Castellucci :nonbinary_flag: (ryanc@infosec.exchange)'s status on Friday, 21-Feb-2025 04:31:53 JST
Ryan Castellucci :nonbinary_flag:
@astraluma "simple" requests do not require a CORS preflight
-
Embed this notice
Ryan Castellucci :nonbinary_flag: (ryanc@infosec.exchange)'s status on Thursday, 20-Feb-2025 15:54:37 JST
Ryan Castellucci :nonbinary_flag:
All GNU social JP content and data are available under the