Skip to content

Instantly share code, notes, and snippets.

View derhuerst's full-sized avatar

Jannis R derhuerst

801 followers · 98 following
View GitHub Profile
@hackermondev
hackermondev / research.md
Last active March 3, 2025 03:16
Unique 0-click deanonymization attack targeting Signal, Discord and hundreds of platform

hi, i'm daniel. i'm a 15-year-old high school junior. in my free time, i hack billion dollar companies and build cool stuff.

3 months ago, I discovered a unique 0-click deanonymization attack that allows an attacker to grab the location of any target within a 250 mile radius. With a vulnerable app installed on a target's phone (or as a background application on their laptop), an attacker can send a malicious payload and deanonymize you within seconds--and you wouldn't even know.

I'm publishing this writeup and research as a warning, especially for journalists, activists, and hackers, about this type of undetectable attack. Hundreds of applications are vulnerable, including some of the most popular apps in the world: Signal, Discord, Twitter/X, and others. Here's how it works:

Cloudflare

By the numbers, Cloudflare is easily the most popular CDN on the market. It beats out competitors such as Sucuri, Amazon CloudFront, Akamai, and Fastly. In 2019, a major Cloudflare outage k

@kj800x
kj800x / Hacking the LG Monitor's EDID.md
Last active February 23, 2025 17:57
Hacking the LG Monitor's EDID

preface: Posting these online since it sounds like these notes are somewhat interesting based on a few folks I've shared with. These are semi-rough notes that I basically wrote for myself in case I ever needed to revisit this fix, so keep that in mind.

I recently bought an LG ULTRAGEAR monitor secondhand off of a coworker. I really love it and it's been great so far, but I ran into some minor issues with it in Linux. It works great on both Mac and Windows, but on Linux it displays just a black panel until I use the second monitor to go in and reduce the refresh rate down to 60 Hz.

This has worked decent so far but there's some issues:

  • It doesn't work while linux is booting up. The motherboards boot sequence is visible just fine, but as soon as control is handed over to Linux and I'd normally see a splash screen while I'm waiting for my login window, I see nothing.
  • It doesn't work on the login screen. This would be fine if login consistently worked on my second screen, but I need to manually switch
@DavidBuchanan314
DavidBuchanan314 / widevine_fixup.py
Last active September 13, 2024 21:45
Patch aarch64 widevine blobs from ChromeOS to work on non-ChromeOS linux, including platforms with 16K page size like Apple Silicon / Asahi Linux
"""
MIT License
Copyright (c) 2023 David Buchanan
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
@Muspah
Muspah / Journey lookup without ref
Created February 10, 2023 10:53
https://mobile-riv.api.belgianrail.be/riv/v1.0/journey?trainFilter=S203061&originExtId=8833134&destExtId=8833001&date=2023-02-10&time=11%3A53%3A00&lang=nl
{
"Trip": [
{
"LegList": {
"Leg": [
{
"Destination": {
"Notes": {
@Muspah
Muspah / Departure board
Created February 10, 2023 10:51
https://mobile-riv.api.belgianrail.be/api/v1.0/dacs?query=DeparturesApp&UicCode=8833134&FromDate=2023-02-10%2011%3A51%3A23&Count=100
{
"count": 4,
"entries": [
{
"CommercialType": "S20",
"Destination1UicCode": "8833001",
"DestinationFr": "Heverlee Louvain",
"DestinationNl": "Heverlee Leuven",
@Muspah
Muspah / Journey details
Created February 10, 2023 10:50
https://mobile-riv.api.belgianrail.be/riv/v1.0/journey/detail?id=1%7C4695%7C3%7C80%7C10022023&lang=nl
{
"Directions": {
"Direction": [
{
"routeIdxFrom": 0,
"routeIdxTo": 12,
"value": "Lier & Antwerpen-Centraal"
}
@Muspah
Muspah / Journey planner
Created February 10, 2023 10:49
https://mobile-riv.api.belgianrail.be/riv/v1.0/journey?originExtId=8833001&destExtId=8821006&lang=nl&date=2023-02-10&time=11%3A48%3A51&searchForArrival=0&originWalk=1%2C%2C2000&originBike=0&originCar=0&destWalk=1%2C%2C2000&destBike=0&destCar=0&minChangeTime=0&products=116&economic=0&numF=6
{
"Trip": [
{
"LegList": {
"Leg": [
{
"Destination": {
"Notes": {
@rena2019
rena2019 / deutschlandticket.md
Last active February 12, 2025 22:42
DeutschlandTicket Anomalien

DeutschlandTicket Anomalien

Einige DeutschlandTickets sind anders als die anderen. Preislich soll es für 49EUR starten und für ganz Deutschland einen bestimmten Featureset mitbringen. Folgende Verkehrsverbunde wollen allerdings Zusatzoptionen anbieten:

Falls Ihr noch weitere kennt: einfach unten als Kommentar oder via Twitter ergaenzen

  • Dresdner Verkehrsbetriebe AG (DVB) @ Verkehrsverbund Oberelbe (VVO) bzw siehe PDF vom VVO
    • Deutschlandticket Plus Mitnahme (+10 EUR)
      Berechtigt zur Mitnahme im Verkehrsverbund Oberelbe (VVO) von einem Hund oder einem Fahrrad ohne zeitliche Einschränkung sowie einem weiteren Erwachsenen und bis zu vier Schülern bis zum 15. Geburtstag von Montag bis Freitag zwischen 18 und 4 Uhr sowie ganztags an Wochenenden und Feiertagen.
@weiland
weiland / readme.md
Created September 24, 2022 14:03
ScotRailFreeWiFi
@weiland
weiland / readme.md
Last active February 10, 2024 07:41
EurostarTrainsWifi