I have been working on a set of vulnerabilities for 14(!) months, but the end is in sight! Just sent the draft blogs to the vendor for review, got € 3200 in bug bounties, and in two weeks I should be able to publish my attack chain on critical internet infrastructure 🕵️♀️
sash
@sash@hachyderm.io
mastodon
4.5.9
Writing Python & more 🐍 • internet infrastructure & standards • community organiser • aspiring rustacean 🦀 • Write the Docs • IRRD & BGP • 🏳️🌈🏳️⚧️ • she/they
0
Followers
0
Following
Joined February 09, 2023
www:
mxsasha.eu
ASN:
213279
work:
reliablycoded.nl
Posts
sash
@sash@hachyderm.io
Writing Python & more 🐍 • internet infrastructure & standards • community organiser • aspiring rustacean 🦀 • Write the Docs • IRRD & BGP • 🏳️🌈🏳️⚧️ • she/they
hachyderm.io
7
0
2
sash
@sash@hachyderm.io
Writing Python & more 🐍 • internet infrastructure & standards • community organiser • aspiring rustacean 🦀 • Write the Docs • IRRD & BGP • 🏳️🌈🏳️⚧️ • she/they
hachyderm.io
Tracking 30 vulnerability findings right now, all variations on the same mistake. Responsible disclosure is getting pretty draining. Vendors range from pretty great to deeply exhausting. Some of this is account takeover, some of it is worse. I do this in my free time, so irresponsible disclosure is starting to sound appealing :)
2
0
0
sash
@sash@hachyderm.io
Writing Python & more 🐍 • internet infrastructure & standards • community organiser • aspiring rustacean 🦀 • Write the Docs • IRRD & BGP • 🏳️🌈🏳️⚧️ • she/they
hachyderm.io
FIDO2 tokens (like yubikey) are great, but you either want more than one or a good process around recovery codes. Making logins more complicated will lower the risk of account compromise, but increase the risk of locking yourself out. Always have a plan for what happens if a token, phone or other hardware breaks, is lost, or stolen.
1
0
0
sash
@sash@hachyderm.io
Writing Python & more 🐍 • internet infrastructure & standards • community organiser • aspiring rustacean 🦀 • Write the Docs • IRRD & BGP • 🏳️🌈🏳️⚧️ • she/they
hachyderm.io
@zuthal @wmd I remember those for serial ports, I'm not an electrical engineer but I think it will create some issues with usb
View full thread on hachyderm.io
4
2
0
sash
@sash@hachyderm.io
Writing Python & more 🐍 • internet infrastructure & standards • community organiser • aspiring rustacean 🦀 • Write the Docs • IRRD & BGP • 🏳️🌈🏳️⚧️ • she/they
hachyderm.io
Thank you, people of mastodon and reddit ✨I was already aware this is not actually 7-factor auth technically ✨
Also it's a bad idea mainly for other reasons: one glitch in this usb hub could fry all my keys at the same time 🔥
10
1
2
sash
@sash@hachyderm.io
Writing Python & more 🐍 • internet infrastructure & standards • community organiser • aspiring rustacean 🦀 • Write the Docs • IRRD & BGP • 🏳️🌈🏳️⚧️ • she/they
hachyderm.io
@Hyperlynx it's just a sticker, it's this one: https://www.yubico.com/nl/product/yubistyle-covers-tie-dye-keychain-usb-a-c-nfc/
They make a few other nice ones: https://www.yubico.com/nl/product/yubistyle-covers-usb-a-c-nfc/
View full thread on hachyderm.io
1
0
0
sash
@sash@hachyderm.io
Writing Python & more 🐍 • internet infrastructure & standards • community organiser • aspiring rustacean 🦀 • Write the Docs • IRRD & BGP • 🏳️🌈🏳️⚧️ • she/they
hachyderm.io
@tecHunt @jill I just kind of gathered them over time. Some are a bit old and crappy, but they work for U2F. My newest is a Token2 Bio3, didn't fit in the hub.
View full thread on hachyderm.io
3
0
0
sash
@sash@hachyderm.io
Writing Python & more 🐍 • internet infrastructure & standards • community organiser • aspiring rustacean 🦀 • Write the Docs • IRRD & BGP • 🏳️🌈🏳️⚧️ • she/they
hachyderm.io
@silhouette until the hub glitches and fries every key at the same time 🔥
View full thread on hachyderm.io
2
0
0
sash
@sash@hachyderm.io
Writing Python & more 🐍 • internet infrastructure & standards • community organiser • aspiring rustacean 🦀 • Write the Docs • IRRD & BGP • 🏳️🌈🏳️⚧️ • she/they
hachyderm.io
The password is #7. And actually there were two more tokens that didn’t fit in this hub :)
View full thread on hachyderm.io
9
1
0
sash
@sash@hachyderm.io
Writing Python & more 🐍 • internet infrastructure & standards • community organiser • aspiring rustacean 🦀 • Write the Docs • IRRD & BGP • 🏳️🌈🏳️⚧️ • she/they
hachyderm.io
Are you still only using two factor authentication? I'm way ahead of you with my 7 factor authentication 🔐
701
33
324
sash
@sash@hachyderm.io
Writing Python & more 🐍 • internet infrastructure & standards • community organiser • aspiring rustacean 🦀 • Write the Docs • IRRD & BGP • 🏳️🌈🏳️⚧️ • she/they
hachyderm.io
@BafDyce Yeah that took me a bit of time to find. An alert(1) fits easy of course, but I have the most fun if I can show a full running exploitation to something practical :)
View full thread on hachyderm.io
3
0
0
sash
@sash@hachyderm.io
Writing Python & more 🐍 • internet infrastructure & standards • community organiser • aspiring rustacean 🦀 • Write the Docs • IRRD & BGP • 🏳️🌈🏳️⚧️ • she/they
hachyderm.io
@uvok there's a lot of these, I've been playing with it a lot over the last year, and I have some more fun ones in my queue waiting for release :)
View full thread on hachyderm.io
0
0
0
sash
@sash@hachyderm.io
Writing Python & more 🐍 • internet infrastructure & standards • community organiser • aspiring rustacean 🦀 • Write the Docs • IRRD & BGP • 🏳️🌈🏳️⚧️ • she/they
hachyderm.io
@lunareclipse or just don't open that scan page ;)
View full thread on hachyderm.io
1
0
0
sash
@sash@hachyderm.io
Writing Python & more 🐍 • internet infrastructure & standards • community organiser • aspiring rustacean 🦀 • Write the Docs • IRRD & BGP • 🏳️🌈🏳️⚧️ • she/they
hachyderm.io
Rooting OpenWRT from the parking lot: I discovered an XSS in the OpenWRT SSID scan page, that can be chained to remote root access 👾
Write-up and demo: https://mxsasha.eu/posts/openwrt-ssid-xss-to-root/
CVE-2026-32721, fixed in 24.10.6 / 25.12.1
155
10
134