Instance Logo

threatactor.club

Profile for joernchen :cute_dumpster_fire:. Username @joern, threatactor.club. Role: admin

About

Your mom's favorite hacker!

My other account is @joernchen

Joined on Nov, 2022. 289 posts. Followed by 901. Following 222.

Recent posts

joernchen :cute_dumpster_fire: . @joern,

So I messed up the gotosocial instance TLS certs this morning, I ran into the let’s encrypt rate limit for threatactor.club because I forgot to configure a path for the certificates on the persistent volume, and for each new deploy it would pull fresh certificates :facepalm:.

The trick to recover was to first set a path and then manually fetch an EC cert for threatactor.club and another DNS name with certbot. This would not count against the rate limit of threatactor.club as a second name is added (see https://letsencrypt.org/docs/rate-limits/ ). Then I put everything in place on the persistent volume and got the instance back up.

Open thread
joernchen :cute_dumpster_fire: . @joern,

So this threatactor.club is running #gotosocial on a shared VM with 256 MB RAM. I’ve tried something new and used fly.io to host it. Works like a charm so far, with all the rough edges gotosocial still has.

The setup is somewhat similar to what’s described by @mfa in https://madflex.de/setup-fedi-cress-space/. I might post the actual configuration later on.

Open thread
joernchen :cute_dumpster_fire: . @joern,

Short #introduction ahead:

I’m joern and I like to cause dumpster fires. I’m looking back to > 10 years of security consulting and since about three years I’m doing security research over at GitLab.

You can find an almost up to date list of some of the IT security related stuff I did in the past at https://0day.click/page/references/.

Fun fact: @fabs named his SAST tool joern after me :trollface:. Find it at https://joern.io

The exploit I’m most proud of is the one for CVE-2012-0809, a format string issue in sudo. You can find it here: https://gist.github.com/joernchen/618a8940894084102fe2

The most notable shell I popped was on on www.ccc.de, which was due to https://github.com/hukl/cccms/blob/220c6f7bdfc0da33d4284495d6954b2b89f224f6/config/initializers/session_store.rb#L9 :lolol:

Also I did a lot of Ruby on Rails hacking in the early 2010s and wrote about it in http://phrack.org/issues/69/12.html#article

Besides hacking and reading other people’s code I’m practicing Brazilian jiu-jitsu a lot in my spare time.

#introductions #security #infosec #hacking

Open thread