Add an exclamation point to the front of the image <3
Like this:
![](https://happy.quack)
Not this:
[](https://sad.quack)
Add an exclamation point to the front of the image <3
Like this:
![](https://happy.quack)
Not this:
[](https://sad.quack)
“Duck!”
“Ooh, where–”
lmao, what?
Not fishy at all! It’s like a lockpicking fan asking about locksport.
If you’re looking for examples, GitHub has a lot of CVE proof-of-concepts and there are lots of payload git repos across git hosts in general, but if you’re looking for a one-stop-shop “Steal all credentials,” or “Work on all OSes/architectures just by switching the compile target,” then you’ll have a harder time. (A do-one-thing-well approach is more maintainable after all.)
If you want to make something yourself that still tries to pull off the take-as-much-as-you-can, you should just search up how different apps store data and whether it’s easy to grab. Like, where browsers store their cookies, or the implications of X11’s security model (Linux-specific), or where Windows/Windows apps’ credentials and hashes are stored. Of course, there’s only much a payload can do without a vulnerability exploit to partner with (e.g. Is privilege escalated? Are we still in userland? is this just a run-of-the-mill Trojan?).
Apologies if my answer is too general.
obligatory navier-stokes equation
Grandiloquent/sesquipedalian. It’s what you get when you use everything in this thread ₍^ >ヮ<^₎ .ᐟ.ᐟ
/s
Specifically, it refers to a deep understanding.
[A critic] notes that [the coiner’s] first intensional definition is simply “to drink”, but that this is only a metaphor “much as English ‘I see’ often means the same as ‘I understand’”. (from Wikipedia)
When you claim to “grok” some knowledge or technique, you are asserting that you have not merely learned it in a detached instrumental way but that it has become part of you, part of your identity. For example, to say that you “know” Lisp is simply to assert that you can code in it if necessary – but to say you “grok” Lisp is to claim that you have deeply entered the world-view and spirit of the language, with the implication that it has transformed your view of programming. Contrast zen, which is a similar supernatural understanding experienced as a single brief flash. (The Jargon File; also quoted on Wikipedia)
In 2003, Bill Burr wrote “NIST Special Publication 800-63. Appendix A” – a security document that recommended passwords be changed every 90 days, and have irregular caps and special characters. When asked about it, and the resultant trends in people adding !@#$%^&*() to the end of their passwords, Burr said something enlightening:
Lmao
so yeah I hit the Bitwarden generate button and forget
Whoa, I didn’t know about this! My trustworthy beloved orange apps were sold to ZipoApps, a company that flips apps into ad revenue.
But has anything changed for the worse yet? I don’t see any odd commits in the history (e.g. Draw). I’ll probably just lock the F-Droid version of the Simple gear I can’t switch.
-1 accuracy point ( ◞ ﹏ ◟)
linux 4.5-rc5 had efivarfs fixed to prevent “rm -rf /” bricking uefi motherboards – so maybe someone can try it out? :]
Lots of good answers here but I’ll toss in my own “figure out what you need” experience from my first firewall funtime. (Disclaimer: I used nftables – it should be similar to ufw in terms of defaults though).
python -m http.server
– I unblocked port 8000 for personal use.I didn’t use WireShark back then, really. I think I just ran something like
sudo lsof -nP -iTCP -sTCP:LISTEN
which showed me a bunch of port traffic (mostly just harmless language servers).
You don’t have to dive to deep into all the “egress” and “ingress” and whatnot unless you’re doing something special. Or your software uses a weird port. (LocalSend lol)
Obligatory Linux comment (Lemmy moment):
Windows is used often for its compatibility and defaultness but Linux is interesting in the sense that everything is patchable, everything is tinkerable and configurable. The low resistance to tinkering makes lots of Linux users tinkerers – including tinkering via code.
I’m not saying wipe your hard drive or even dual-boot. Maybe an older computer or VM could help, depending on what you have. But just in the past week I’ve screwed around in low-to-medium-difficulty Linux projects that configured my lockscreen with C, that implemented mildly usable desktop GUIs with TypeScript, among others – just not-too-committal stuff that has a return value I literally see every time I lock my computer.
Windows equivalent projects can be harsher on the beginning-to-intermediate curve (back when I first tried out Linux Mint, I’d been struggling to make a bookmark inspector in Visual Studio – ended up Pythoning it instead) – not to say that Windows fun is by any means out-of-reach.
My friends Leetcoded and Codeforced quite a lot. Advent of Code is up there too, with the interesting caveat that Advent of Code also teaches you refactoring (due to the two-part nature of every problem).
However, when I was younger I had contempt for the whiteboard-problem-esque appearances of these, but everyone is different.
If you look hard enough there is always a project at medium difficulty – not way too hard, like a huge project you feel won’t give you returns – not way too easy, like some cowsay clone. Ever tried making a blog? You can host for free on most Git pages implementations (codeberg, github, gitlab…).
As for programming books, consider trying security books like Art of Exploitation – in the same strain, CTFs can use a decent amount of code, and they’re fun in terms of raw problem-solving. I started with the Bandit wargame, which does Linux problem solving from any machine that has SSH.
I’m not by any means a l33t hax3r but I found them pretty fun in my learning journey.
I… don’t have ADHD (relatively confident) but I’ve used both of your hacks before and they’ve measurably helped me.
The templating thing slung me over its shoulder and carried me through battlefields. Procrastinate 'til the last hour? Assignment must be in LaTeX? Don’t worry, everything is already formatted, just add the double-dollar-signs and equate!
Bored? Need to get this article done but it’ll be even more boring? Watch random dubbed animations or something while hitting the keys – low-pressure colors and music cushions the harder-thinking part. Somehow the perceived expenditure of I Need To Focus mutes itself!
(Footgun if the side-video is too interesting.)
First thing I’d ever seen on the darknet was this bad boy. (Not that it was a terribly efficient way to get an epub.)
Such a bottom-up book. Almost gave up back then, thinking I wouldn’t be able to handle assembly, but then what would the point of reading about the hacker mindset be?
Lmao it’s not Lemmy without Linux
noh8
Oh, you’re right. You just pass the -d
detach flag. I stand corrected!
According to tab autocomplete…
$ git
zsh: do you wish to see all 141 possibilities (141 lines)?
But what about the sub options?
$ git clone https://github.com/git/git
$ cd git/builtin
# looking through source, options seem to be declared by OPT
# except for if statements, OPT_END, bug checks, etc.
$ grep -R OPT_ | grep --invert-match --count -E \
"OPT_END|BUG_ON_OPT|if |PARSE_OPT|;$|struct|#define"
1517
Maybe 1500 or so?
edit: Indeed, maybe this number is too low. git show
has a huge amount of possibilities on its own, though some may be duplicates and rewords of others.
$ git show --
zsh: do you wish to see all 489 possibilities (163 lines)?
$ man git-show | col -b | grep -E "^ -" --count
98
An attempt at naively parsing the manpages gives a larger number.
$ man $(find /usr/share/man -name "git*") \
| col -b | grep -E "^ -" -c
1849
Numbers all over the place. I dunno.
Huh, TIL.
To be fair, git switch
was also derived from the features of git checkout
in >2.23, but like git restore
, the manual page warns that behavior may change, and neither are in my muscle memory (lmao).
I’ll probably keep using checkout since it takes less kb in my head. Besides, we still have to use checkout for checking out a previous commit, even if I learn the more ergonomically appropriate No deprecation here so…switch
and restore
.
edit: maybe I got that java 8 mindset
edit 2: Correction – git switch --detach
checks out previous commits. Git checkout may only be there for old scripts’ sake, since all of its features have been split off into those two new functions… so there’s nothing really keeping me from switch
.
oddly a duck is the last thing i expected to see