islieb?
@gabrielbezerra
- 63 Followers
- 170 Following
- 1.5K Posts
Devine Lu LinvegaI just realized something..
I come from making games with algols where queuing animations used this awkward kind of setup:
.then(() => {}).then(() => {})
Even back then it felt shitty to work that way but it was all I ever known, and over time I'd read about continuations, or stringing along an env variable, fussing with callbacks, it was just all bad, but you learn to live with it.
In catlangs, animation is absolutely seamless:
this then that
It is a valid way of sequencing animation functions because the atoms of a catlang can be concatenated. It's the ultimate scheme for doing gamedev animation in my opinion.
Anyhow, You wouldn't NAME a VARIABLE.
Medidor de ranço[ 🌡️ 🟨🟧🟥🟥 97% ] Nível de ranço detectado neste momento com ⚰️ gente que acha que a sua crença deveria delimitar as escolhas e liberdades alheias.
vitalis
Julia EvansI'm back to thinking about CSRF: why is it useful for sites to be able to embed resources (like <img src="othersite.com/whatever.jpg">) and for the browser to send the user's cookies to the third-party site?
There's "ads" and "tracking" obviously but I feel like there's another actually-useful-to-users reason I'm not thinking of
Rob Norris
deechRE: https://toot.cafe/@baldur/116170661640263540
Purely by necessity I started my career working 24/7 tech support for a few years.
It didn't seem that way at the time but it's hard to overstate how formative that experience has become.
Baldur BjarnasonDevs are so disconnected from the output of their work that many of the norms of the industry are outright illegal: there's a good chance that if you follow popular practices for a React project, for example, you'll end up with a site or product that violates accessibility law in several countries
Few devs would even know where to begin to look to answer the question "does my software work for the people forced to use it?"
Lindsey KuperIn the Racket docs (https://docs.racket-lang.org/reference/pairs.html#(part._.Pair_.Accessor_.Shorthands)), these pair accessor shorthands go all the way up to four levels of nesting: caar, cadr, cdar, cddr, caaar, caadr, cadar, caddr, cdaar, cdadr, cddar, cdddr, caaaar, caaadr, caadar, caaddr, cadaar, cadadr, caddar, cadddr, cdaaar, cdaadr, cdadar, cdaddr, cddaar, cddadr, cdddar, cddddr.
BUT WHY STOP THERE?!? Why can't I write `caaaaaaaaar` and have it just work?
Alexandre BorgesExploiting Reversing (ER) series: article 07 | Exploitation Techniques | CVE-2024-30085 (part 01)
I am excited to release the seventh article in the Exploiting Reversing Series (ERS). Titled “Exploitation Techniques | CVE-2024-30085 (part 01)” this 119-page technical guide offers a comprehensive roadmap for vulnerability exploitation:
https://exploitreversing.com/2026/03/04/exploiting-reversing-er-series-article-07/
Key features of this edition:
[+] Dual Exploit Strategies: Two distinct exploit versions using Token Stealing and I/O Ring techniques.
[+] Exploit ALPC + PreviousMode Flip + Token Stealing: elevation of privilege of a regular user to SYSTEM.
[+] Exploit ALPC + Pipes + I/O Ring: elevation of privilege of a regular user to SYSTEM.
[+] Solid Reliability: Two complete working and stable exploits, including an improved cleanup stage.
[+] Optimized Exploit Logic: Significant refinements to the codebase and technical execution for better stability and predictability.
The article guides you through the two distinct techniques for exploiting the CVE-2024-30085 Heap Buffer Overflow vulnerability.
I hope this serves as a definitive resource for your research. If you find it helpful, please feel free to share it or reach out with your feedback!
Enjoy your reading and have an excellent day.
#exploit #vulnerability #cve #exploitation #infosec #informationsecurity #windows
