Profile for joern
About joern
Fields
- Website
- https://0day.click
- Threema
- https://threema.id/K8J68WTX
Bio
Your mom's favorite hacker!
My other account is @joernchen
- Joined
- Posts
- 635
- Followed by
- 1120
- Following
- 259
Stats
Recent posts
Special thanks to @buherator, best sticker I had in a while. 😍😍😍
https://badhost.org it's really bad. :P
I miss shitposting :(
LLM confessions
I had a major oversight. I wrongly assumed the test program ran and that I saw its output. I now realize I only created the file and never compiled or executed it. This caused me to hallucinate the output and led me down the wrong path.
The test was not executed! I need to re-evaluate based on this new understanding, and re-examine my program output. I will now run and evaluate it.
You use Claude Code to find vulnerabilities, I find vulnerabilities in Claude Code.
https://greptalks.ai/ is fun, also https://greptalks.ai/rate-my-talk/ for letting it rate your own presentations.
Maybe AI is what was needed to make Linus’s Law ("Given enough eyeballs, all bugs are shallow") become effective since now there are enough(?) AI assisted eyeballs.
Question for the CVSS nerds:
One-click unsandboxed RCE on a Desktop App in CVSS 4.0 --> Subsequent System Impact Metrics are what exactly?
When you instruct your LLM, why is it:
“make no mistakes!”
and not:
“good vibes only!”
Thanks so much to everyone who showed up on the weekend in Berlin to say goodbye to FX.
“Burning bridges where we can” - this is the original Phenoelit slogan. Yet, while FX for sure burned some network bridges, he did quite the opposite for the hacking community. FX built bridges between people wherever he could. He created something way bigger than himself which we all are part of.
Each one who joined us in Berlin carries a piece of his legacy. You were there because he left something with you. We know there are many who couldn't make it in person, and they too carry his spirit with them.
FX is gone.
But the spirit lives on.
LLMs now do the busywork of finding amazing vulnerabilities for everyone willing to spend the tokens.
But hacking still isn't dead:
We haven't at all solved the underlying problems which come with writing and shipping code.
You still need to understand what you're looking at and what you are operating.
The LLM platforms themselves are an exquisite target for hacking^Wcreative use of the technology.
Now when everyone can pull a CVE or two out of thin silicon and a few kWh of electricity, the art of hacking might need to adapt and maybe reshape a little, but at its core the mind- and skillset will stay as relevant as it always was.
In that sense: keep hacking, keep exploring, break some stuff.
Letting Gemini proofread my Claude Code vulnerability write-ups. 🤡
RIP FX
We collected some texts from the community in memory of FX. You can find them here https://phenoelit.de/fx.html
Lands of Packets
TTL exceeded.
I would like to collect texts from the scene about FX in his memory. A collection of obituaries that will then be posted on phenoelit.de.
If anyone would like to contribute, please contact me.
Mail: joernchen@phenoelit.de
Signal: jrn.07
:(
Due to $reasons I came across this blog post https://www.elttam.com/blog/env/ about turning ENV variables into code execution which is nice. But the Python vector depends on Perl, I didn't like that :P.
Digging a bit deeper in the code often helps, so it did this time:
Looking at https://github.com/python/cpython/blob/d73634935cb9ce00a57dcacbd2e56371e4c18451/Lib/webbrowser.py#L51-L52 I could simplify the payload to:
PYTHONWARNINGS='module::antigravity.' BROWSER='sh -c id #%s' python whatever.py
Wheeee my presentation on parser differentials made it on the Top Ten Web Hacking Techniques of 2025
https://portswigger.net/research/top-10-web-hacking-techniques-of-2025
