Good vs. Evil

  • The FTB Forum is now read-only, and is here as an archive. To participate in our community discussions, please join our Discord! https://ftb.team/discord
lenscas

lenscas

Over-Achiever
Jul 31, 2013
2,015
1,801
248
66 when typing php code directly inside a terminal it works. When I try and execute a file, it does not :(.

edit: found the bug. I did a stupid and php doesn't want to show errors despite my script starting with
Code: 
error_reporting( E_ALL );
ini_set('display_errors', 1);
>_>
 
Last edited:
duckfan77

duckfan77

Popular Member
Mar 18, 2013
80
683
118
65 That's the point. Don't let IOT devices touch your main network. Also, there almost certainly are bugs in VLC, all software of sufficient complexity has bugs.
 
lenscas

lenscas

Over-Achiever
Jul 31, 2013
2,015
1,801
248
duckfan77 said:
65 That's the point. Don't let IOT devices touch your main network. Also, there almost certainly are bugs in VLC, all software of sufficient complexity has bugs.
Click to expand...
65 also, there is a password on the telnet (a custom one) and I can also change the port. I'm also pretty sure I can have it run as a user with very little rights and even if there are bugs that would allow it. How many people are setting something like that up?

If you want to exploit it you first need to break into the network of someone who uses it and then break the custom password set. Sure, its possible but I think a hacker finds it more useful to look at other attack vectors than VLC and especially an VLC instance running as a daemon listening to telnet.

edit: I may also be able to throw something like firejail over it.
 
Last edited:
triggerfinger12

triggerfinger12

Well-Known Member
Apr 17, 2017
255
457
89
Rock
6b8ada296e02dcf722cda89c7e112d18ca863795c593d9cf61cb3ddd7d20762b.jpg
 
  • Like
Reactions: GamerwithnoGame
duckfan77

duckfan77

Popular Member
Mar 18, 2013
80
683
118
67 I'm going with you're safe, I was just trying to point out that you need to make sure that you think about what you're doing with network accessible devices.
 
lenscas

lenscas

Over-Achiever
Jul 31, 2013
2,015
1,801
248
67 so...youtube recommended this out of the sudden
its what? A bagpipe together with a keyboard, an electric guitar and drums? Somehow it works though so you don't see me complain :p
 
GamerwithnoGame

GamerwithnoGame

Over-Achiever
Jan 29, 2015
2,808
1,507
224
70. I went from a 3 hour practical pretty much straight to a 1 hour vice-chancellor's talk. Today has been... busy.
 
You must log in or register to reply here.
Top Bottom