@ac1d_d4ddy @campuscodi
Hey, I am the author of this exploit :3. The get_files() function is the pre-auth path traversal, yes.
The SQLi is used to log in to the web panel and collect the filesystem paths for decryption keys (they are shown in the web panel). Technically, these would be accessible if you could guess the filename since they are stored in the webroot, but bypassing them and collecting the filenames is possible, so why not.
Not sure who needs to hear this today, but remember, your local public library benefits from being used! Usage statistics are how librarians argue for funding! By using this shared service more, you are making it BETTER for everyone else!
It's the glory of the commons, not the tragedy of the commons. Go to the library!!!