Threads for msf

  1. 0

    Hehe, a bit late to the party… maybe chinese gov/mil finds this interesting to find 0days for solaris..

    I don’t see much use for this besides code archeology

    1. 5

      Code archeology is the only use.

      For 0days, the OpenSolaris code would be rather closer to current Solaris 11 releases. But what Sun had opened, Oracle closed again hence the existence of illumos which is useful if you want something to actually run.

      1. 4

        SunOS and Solaris are different enough that there isn’t much that will transport between them.

        It’s an historical artifact of the field, so code archaeology is, indeed, the interest.

      1. 1

        i just moved my ethereum tesnet node running beku and lighthouse to mainnet, running geth and lighthouse so that see the merge happening in my own logs!

        also to prepare for ETHBERLIN and do decentralized blockchain as one must, using my own node :-)

        1. 1


          It’s higher level , but lower than that is a non problem

          1. 13

            this is THE kingpin from the L0pht group back in the 90s. This group was instrumental and inspired a whole new generation of hackers.

            This gentleman is a true hacker.

            I unfortunately don’t have the eloquence to express how much human beings like himself inspired me and shaped the way I practice my art.

            Kingpin, I thank you for what you are!

            fwiw, this recording ( shows a bit of what they were up to back in the day ..

            1. 4

              he still holds embedded / hardware hacking trainings if you have 3-4k USD burning a hole in your pocket.

            1. 4

              the level of complexity and sheer brute force work required to pull this off is out of my comprehension. I’m from the age of NOP slides and simple buffer overflows with shellcode at the end of the NOP slide.. or at most a ret2lib attack..

              this is just a whole two orders of magnitude away from that..

              1. 6

                The DLS is still a learning barrier.

                The other barrier is that it is still quite niche and full of nuanced bugs. For example, the declarative execution of container services using podman is fully documented but multiple times for me generated in broken services that failed to run.. And this happened within a single nixOS release (not during a transition of major releases).

                It is a major effort to re-codify development environments for a completely new development “closure” DSL.