Public
Federated
Thread
replyReply to @[email protected]
They literally just use team viewer bro. Indians are retarded and want access to your machine so you give them team viewer into a vm and it's an 8 lane highway both ways. They just think they are dealing with some dumb boomer so they don't care. It's not even really hacking. They just open the door for you.
Sapphire Star
replyReply to @[email protected]
@matty@nicecrew.digital @Goalkeeper@nicecrew.digital @Myshkin@nicecrew.digital @niggy@poa.st you’re not dealing with gigabrain hackers here. One thing I learned really quick in Minecraft was the weakest link in any system is the retard who runs it and that there’s no real malware anymore, at least not that the guy pushing it understands
One person wrote actual bespoke minecraft malware ever that I can think of and it made front page news https://bukkit.org/threads/psa-malicious-plugins-nanoguard-anticheat-and-infinitedispenser.174108/page-2
Sapphire Star
replyReply to @[email protected]
@matty@nicecrew.digital @Goalkeeper@nicecrew.digital @Myshkin@nicecrew.digital @niggy@poa.st if you do want to do this from the software side instead of the meatware side, find vulnerabilities in teamviewer (I’m sure it’s Swiss cheese since it’s designed for fully consensual point to point RAT)
Phantasm
replyReply to @[email protected]
@sapphire@shortstacksran.ch @Goalkeeper@nicecrew.digital @Myshkin@nicecrew.digital @matty@nicecrew.digital @niggy@poa.st Honestly finding vulnerabilities is probably too much work. These callcenters are ran by incompetent people, systems running cracked versions of Windows (usually already EOL), cracked client software, outdated apps. To my knowledge most of these remote desktop solutions leak your IP. If they are a business, they likely don't have a NAT at the ISP level.
Just get their IP somehow and hammer the very likely vulnerable router, or target old client software with vulns when they are connected to you.
touch fluffy tail (Heroic) :verified:
replyReply to @[email protected]
@phnt@fluffytail.org @sapphire@shortstacksran.ch @Goalkeeper@nicecrew.digital @Myshkin@nicecrew.digital @matty@nicecrew.digital @niggy@poa.st these days, 0days are for spies
replyReply to @[email protected]
the real high-value stuff yeah. like web browser exploits were common everywhere a decade ago, now basically only governments use them.
"0 days" is very broad though, there's still tons of stuff out there full of very basic trivially exploitable bugs. I find vulnerabilities that are technically 0 days all the time, just mostly in random shitty software and appliances, instead of like google chrome.
generally the more black-box, there worse it is inside. often no-ones done the effort to look before.
Pawlicker 🐾😹
replyReply to @[email protected]
@niggy@poa.st @phnt@fluffytail.org @fluffy@fsebugoutzone.org @Goalkeeper@nicecrew.digital @Myshkin@nicecrew.digital @matty@nicecrew.digital @sapphire@shortstacksran.ch there's also the classic "make some retard open pdf.exe" which sometimes still works believe it or not
replyReply to @[email protected]
yeah the biggest initial access vector right now is infostealers. people see free_fortnite_vbucks.exe through google ads and download, it works. employees at massive companies.
many people overestimate how important 0-days really are. if you need to remotely hack a targeted politicians iphone then yeah, but for large organization networks you'll almost never need them.
