Share this page!

Enter URL or ID to Unroll

You can paste full URL like: https://x.com/threadreaderapp/status/1644127596119195649
or just the ID like: 1644127596119195649

How to get URL link on X (Twitter) App

  1. On the Twitter thread, click on or icon on the bottom
  2. Click again on or Share Via icon
  3. Click on Copy Link to Tweet
  4. Paste it above and click "Unroll Thread"!
  5. More info at Twitter Help
丂卄ㄖᗪ卂几 - 👋 crack fingers Profile picture
丂卄ㄖᗪ卂几 - 👋 crack fingers
@therealshodan
Microsoft Threat Intelligence Centre, deaf, BSL https://t.co/ZaRUlLAHgk
Oct 2, 2024 7 tweets 2 min read
For over a year my free time has been spent turning this ‘LilyGo T-Dongle S3’ into hacking tool USB/WiFi/BT which I’ve named the USB Army Knife.

This device is cheap, tiny, has a screen, SPI port, button and can do a ton of stuff with the ESP32-S3 inside.

It has consumed me! 🧵 Lily go T dongle S3 First up look at that hidden micro SD card slot. With that kind of storage and the fact it’s so cheap it’s throwaway you can start planning attacks that live a long time.

The ESP32 inside has a full USB stick and can do your usual BadUSB/HID and run attacks. BUT… Image
Mar 31, 2024 4 tweets 1 min read
Some questions relating to how the xz backdoor was going to be operationalised.

1) Sending your backdoor SSH key to all machines you’re interested in hacking is bad opsec. What was the plan to determine in advance if a box was vulnerable? SSH version is a poor choice. 2) how are Linux commands going to be encoded in the key. These keys are going to turn up and you don’t want them looking malicious straight out the door.