Don’t worry gang! Since I don’t know anything about computers let’s go and learn something! Oh look I have an iPhone and a MAC in the lab 🥼
To show you I mean business - not only the art of war but the ducking executive version! I will go out a suit on… I digress!!! Ok so we have a Mac and an iPhone - running ios14.8
God I can’t type 😂 ok so we have Mac and an iPhone - let’s plug the phone into my MaC 💻 also look cool Aston Martin fun! (Plays dramatic music)
Now someone said I wasn’t cool without a snap back! I’m old and only have a flat cap to hand so here we go! Cool Yorkshire vibes!
Anyway stupid selfies aside let’s go hax hax hax - ok first thing we do it asks…. Do I trust this computer!!??
Ok so I’ve said TRUST and then I entered a PIN (password) (I need to get my google on for this really so bear with my shit terminology). So now my device is trusted by me…. It’s now linked to my Apple ID which is on my Mac and iPhone - great
So now I trusted my device, entered the PiN I can now execute trusted actions….
RCE! I just airdropped myself from a trusted device to a trusted device and oh my fucking god! Will no one think of the children!
So ok Dan humour mode dialling down now….. tweeps what am I missing here?
And look the guy might be a nice chap, and I don’t joke for clout- I’m honestly trying to understand is there any issue here? We aren’t breaking a trust boundary…. Is there something I’m missing? This is TRUST to TRUST not untrust, I’m reading GitHub and…
So the chain here is send an airdrop to a site that uses websockets initiated from an authenticated trusted device….
You gotta ask why I am even looking at this…. Because this show Intel works…. We get information and we have to validate if it’s real or not… if it’s something to act on or not…. And in this case is this a threat or a ruse to distract us all 😂😂😂
So this is like me running sudo when I know the password….. what am I missing here?
I just ‘hacked’ my trusted device from a trusted device abusing the feature ‘AirDrop’ - very dangerous hax !
More clicks = more hax 😂😂😂

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with MrR3b00t | hacking human minds!

MrR3b00t | hacking human minds! Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @UK_Daniel_Card

13 Oct
Ok I’m going to disclose something soon…. 8 days time… just wait! Follow me and on 8 days we shall unveil the thing…..
*now has to find something to disclose* or maybe I can just babble on about how wrong *insert megacorp* is and how no one is safe….
Oh errr do I need to tag people? Maybe a vendor and some high profile accounts for clout! Am I doing this right?
Read 5 tweets
13 Oct
I’m not perfect, I’m not amazing, I don’t want to pretend to be….. also lulz 😂 standing on ur own pedestal telling other people how to behave is lulz
Do whatever the fuck you want! In the end the only person that has to live with urself is u!
It does get on my beak when people tweet out telling everyone how to be and how they should think and act and whatever the fuck they think is good
Read 4 tweets
12 Oct
Oooh i have downgrade button on my account now….
Its in exsctly or what apears to be the old like location so errr thats stupid 😂
My downgrade option has gone 😂😂😂
Read 4 tweets
12 Oct
everyone understands IOS architecture right?
now can you all understand this bit?
and this? easy isn't it!
Read 6 tweets
11 Oct
I’m going to get RCE this evening …. Big reveal ! So 1337 much hax! 😂 #windows11 @pry0cc inspired me! We are going to hack the planet! #sarcasm #lulz
Watch this space! You are vulnerable to this!
Ok @pry0cc I’ve deployed the c2 infra to my mobile device! So hax much 1337 Image
Read 15 tweets
11 Oct
What does good enough security look like? I get asked this by customers….. honestly I can’t answer it other than with some pithy statement about risk appetite and tollerance 😂
I’ve put stuxnet.co.uk together with a weak posture but stronger than quite a lot of sites…. Go have a look and see… is this good enuff? It has loads of flaws for sure….
Another question…. How comes I’ve put together a site with above average strength by taking the piss…. Like don’t get me wrong I built that live - I’ve not tested it from a security pov 😂
Read 5 tweets

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!

Follow Us on Twitter!

:(