hakstuff
@hakstuff.bsky.social
hi! my name is tim, and i hak stuff
he/him

https://hakstuff.net
The thing I struggle with most is knowing when to walk away from a security project. Everything new is fun, and everything I'm doing is boring! But also, the things I've forgotten about are fun to revisit. The ADHDer's lament...
August 14, 2025 at 8:47 PM
🗣️ FUMO SPOTTED 🗣️
August 10, 2025 at 7:28 PM
Cyberdelia Rave at DEFCON was by far the highlight of my Saturday night - amazing event!!!
August 10, 2025 at 9:39 AM
TIL Red Bull rewards security researchers with trays of Red Bull for reporting vulnerabilities in their website/apps
May 25, 2025 at 6:47 AM
This is 100% the issue with paying people for interactions on Twitter. It just becomes a testing ground to see what pays the most, regardless of how it impacts users lol. What a trash social media experience it has become, very unfortunate.
May 23, 2025 at 9:33 PM
LETS GOOOO. This stopped me from looking into the current Volkswagen Golf R - I feel like any enthusiast platform using a heavily touch-based system for a majority of the car's controls is just a recipe for disaster.
May 23, 2025 at 9:32 PM
While hacking on my car's head unit, I ran into the weird issue of needing to extract the device's firmware over SSH.

But there's a golden rule: If you can run a command and see any form of output, that means you can dump the firmware! The rest is just making it less of a pain..
May 23, 2025 at 6:51 PM
Reposted by hakstuff
I straddle Twitter and Bluesky and each information environment is frankly incomplete. But, miraculously, both is worse.
May 21, 2025 at 3:50 AM
It's crazy to me that there are zero bsky search results for can-utils, and only one for candump 👀🚙 I guess automotive people haven't made the jump yet...
May 21, 2025 at 5:34 AM
My next plan is to dump the full firmware of this unit so I have a copy for static analysis. Unfortunately it's huge, and the device doesn't have any USB ports right now!

I could modify the packet filter configuration to unblock SSH and transfer it via SCP, but I don't want to modify the system yet
May 20, 2025 at 4:56 PM
Got root on my head unit using the edge connector adapter board I made! The Bus Pirate 6 is pretty slick, even if I'm just using it as a basic UART interface/bridge here haha
May 20, 2025 at 2:17 PM
Just received prototype assembly photos from PCBWay for the debug edge connector breakout board I made! Really excited to receive them soon 😄
April 18, 2025 at 6:21 PM
I NEED to be computing on a big ass cube
April 1, 2025 at 7:57 PM
If anyone ever wants a free pentest or research project done, just donate me one of these huge 90's NEC servers. They are so ridiculously rare, I've never even seen one for sale...
April 1, 2025 at 7:48 PM
oh, and one less fun side to all of this: apparently the high speed edge connector socket i chose is subject to export restrictions, so it can't be mailed to China. not sure exactly why (it's just a socket!) so now i'm investigating and looking into alternative parts I could use
March 27, 2025 at 7:21 PM
I couldn't find what I needed online, so I made it! 40-pin 1mm-pitch edge connector (PCIe x4 size, ish) broken out to a standard 40-pin 2.54mm-pitch header, that way you can easily attach UART/JTAG adapters, debuggers, etc.
March 27, 2025 at 7:01 PM
Reposted by hakstuff
TS/SCI means the information must be transmitted over Text or Signal with Some Civilians Invited
March 25, 2025 at 2:53 AM
Bus Pirate finally arrived! I'm excited to play with it, I've been itching to throw it at my current project
March 25, 2025 at 4:58 PM
hardware-level talk tuah
Defeating Secure Boot via hardware-level TOCTOU

onekey.com/resource/mak...

#infosec #embedded
March 21, 2025 at 2:15 PM
Reposted by hakstuff
Bro you just coded cringe! You are going to lose control of instruction pointer!
March 20, 2025 at 10:32 PM
I've never had a paper published before, but I've always admired published researchers. It would be cool to look into, but- at what point is professional research paper-worthy..? I feel like it's such a gray area when it comes to cybersecurity...
March 20, 2025 at 8:57 PM
Reposted by hakstuff
ghidra is so good at syscalls
March 20, 2025 at 2:01 AM
John from QNX in my walls, whispering to me:
Now is a great time to bring BlackBerry 10 OS devices back.

Fuck Apple and Fuck Google. We need BlackBerry back in action.

#BringBackBlackBerry
March 19, 2025 at 2:46 PM
tbh most time-boxed security audits end up being vibe audits at the end of the day
don't forget to vibe security audit your vibe code
March 18, 2025 at 8:23 PM
Reposted by hakstuff
We heard you needed some more time, so we wanted to let you cook.

We decided to push the Phrack 72 CFP deadline back until June 15th.

Stay tuned for upcoming Phrack events.

Print this flyer out and give it to someone IRL!!
March 17, 2025 at 1:58 PM