Show newer
℉ⅈℕℹℸℽ

Solr is vulnerable if you grab the right version from Docker Hub (8.8.0 works nicely). But - the Java executable in there is from within the last few years, and those all disallow remote code includes via JNDI... So by default it's not going to give you RCE - at least not with the method commonly cited.

Show thread
1
℉ⅈℕℹℸℽ

I learned some things.

Show thread
1
℉ⅈℕℹℸℽ

Mostly done with my range - Terraform and Ansible deploy it to AWS so you can play around with log4shell.

github.com/kc0bfv/log4j_range

1
℉ⅈℕℹℸℽ

youtu.be/jTM9-nudFBA

Great little short.

0
℉ⅈℕℹℸℽ

Rough morning for somebody.

0
℉ⅈℕℹℸℽ

I35 in Kansas miles 40-60 always fly past. In either direction you come out of hours of placid plains into comparably dazzling suburbia of Wichita. I can't help but look around almost in wonder, my mind soaking in the distraction. By the time I catch my bearings we're out the other side driving through the fields again.

0
℉ⅈℕℹℸℽ boosted
⚛️Revertron

How not to learn #Rust

dystroy.org/blog/how-not-to-le

1
℉ⅈℕℹℸℽ

This party monster massacred the other decor...

0
℉ⅈℕℹℸℽ boosted
𝕾𝖕𝖎𝖓𝖆𝖟𝖎𝖊
1
℉ⅈℕℹℸℽ

Thanks Reddit

1
℉ⅈℕℹℸℽ boosted
Kingu Platypus :verified_paw:
0
℉ⅈℕℹℸℽ

I spent way too long on Elastic given that their docs say it isn't exploitable due to mitigations... Oh well.

Show thread
0
℉ⅈℕℹℸℽ

Spent a few hours last night trying to get RCE on fresh ElasticSearch, Jetty, and Solr (not enough time on this one) installs. But no luck.

1
℉ⅈℕℹℸℽ boosted
Developer Memes

"Can you find the optimal route for the trolly?"

submitted by mstjepan

0
℉ⅈℕℹℸℽ

@lain carry moonbeams home in a jar

0
℉ⅈℕℹℸℽ

Morning leaving Colorado

0
℉ⅈℕℹℸℽ

Support this week, and your donation will pack double the punch with an automatic 2X match... eff.org/power-up

0
℉ⅈℕℹℸℽ

US Pol (Roe v Wade) 

Supreme court might eliminate RvW? Make it a law. That's the right way to do these things anyway. (I understand the complication around this, but if it's ever gonna happen this is the best time I've seen so far)

0
℉ⅈℕℹℸℽ boosted
Ken Fallon (PA7KEN, G5KEN)

CQ CQ CQ Want to learn CW. I do have a straight key and want to use it on Linux.

How can I physically connect it ? Do I just treat it as a switch and implement hardware debounce ? Or use a GPIO on a pi(w), or hacking a old mouse to replace right click, a ESPxx with a HID interface ?

Advice on this would be appreciated ?

1+
℉ⅈℕℹℸℽ

@ken_fallon this answer recommends the mouse hack because then it'll work easily with existing software.

ham.stackexchange.com/question

I was gonna recommend something like the Sega Genesis joypad driver, or DB9 joystick driver. I messed with that years ago and the electrical connections are simple and translate easily to the driver, and the driver was easy to modify to have the button behavior be different. I'm not sure that type of setup would work with whatever software you want to use though.

0
Show older
Qoto Mastodon

QOTO: Question Others to Teach Ourselves
An inclusive, Academic Freedom, instance
All cultures welcome.
Hate speech and harassment strictly forbidden.

Trending now

Resources

Developers

What is Mastodon?

qoto.org

More…

v3.5.19-qoto · Privacy policy