hank9999

hi, i'm daniel. i'm a 15-year-old high school junior. in my free time, i hack billion dollar companies and build cool stuff.

3 months ago, I discovered a unique 0-click deanonymization attack that allows an attacker to grab the location of any target within a 250 mile radius. With a vulnerable app installed on a target's phone (or as a background application on their laptop), an attacker can send a malicious payload and deanonymize you within seconds--and you wouldn't even know.

I'm publishing this writeup and research as a warning, especially for journalists, activists, and hackers, about this type of undetectable attack. Hundreds of applications are vulnerable, including some of the most popular apps in the world: Signal, Discord, Twitter/X, and others. Here's how it works:

Cloudflare

By the numbers, Cloudflare is easily the most popular CDN on the market. It beats out competitors such as Sucuri, Amazon CloudFront, Akamai, and Fastly. In 2019, a major Cloudflare outage k

So, I want to have a GPS Receiver driving a PPS (pulse-per-second) signal to the NTP server for a highly accurate time reference service.

Introduction

There are at least a couple of ways to propagate the PPS signal to the ntpd (NTP daemon) service, plus some variants in each case. However, the GPS device must be seen as a device that sources two different types of data:

the absolute date and time, and
the 1Hz clock signal (PPS).

The first one provides the complete information (incl. date and time) about when now is, but with poor accuracy because data is sent over the serial port and then encoded using a specific protocol such as NMEA (National Marine Electronics Association). PPS provides instead a very accurate clock but without any reference to absolute time.

Exporting your 2FA tokens from Authy to transfer them into another 2FA application

IMPORTANT - Update regarding deprecation of Authy desktop apps

Past August 2024, Authy stopped supported the desktop version of their apps:
See Authy is shutting down its desktop app | The 2FA app Authy will only be available on Android and iOS starting in August for details.

And indeed, after a while, Authy changed something in their backend which now prevents the old desktop app from logging in. If you are already logged in, then you are in luck, and you can follow the instructions below to export your tokens.

If you are not logged in anymore, but can find a backup of the necessary files, then restore those files, and re-install Authy 2.2.3 following the instructions below, and it should work as expected.

Github : Signing commits using GPG (Ubuntu/Mac) 🔐

Do you have an Github account ? If not create one.
Install required tools
Latest Git Client
gpg tools

# Ubuntu
sudo apt-get install gpa seahorse
# MacOS with https://brew.sh/

	from itertools import permutations
	from typing import Optional

	def add(n1, n2):
	return n1+n2

	def sub(n1, n2):
	return n1-n2

	def mul(n1, n2):

-#!/usr/bin/env python3
-import sys
-PAGE, OOB= 2048, 64
-BLOCK = PAGE + OOB
-orig_dump = open(sys.argv[1], 'rb').read()
-out_dump = open(sys.argv[2], 'wb')
-nblocks = int(len(orig_dump) / BLOCK)
-for i in range(nblocks):

	To build a A12+ (AOSP/LOS based) on Ubuntu 22.04+ (or distros based on it), there are four main steps:
	(This guide is applicable for recoveries as well (TWRP, OFRP...))
	Working on Android 12 and upper

	#################################################################
	# Step 1: Setup your environment #
	#################################################################

	**Setup Linux to build Android**

	--list input devices
	ffmpeg -list_devices true -f dshow -i dummy

	--to record microphone to mp3
	ffmpeg -f dshow -i audio="Microphone (Logitech USB Headset H340)" -c:a libmp3lame -ar 44100 -b:a 320k -ac 1 output1.mp3

	--send mic to rtp multicast g.711
	ffmpeg -f dshow -i audio="Microphone (Logitech USB Headset H340)" -ac 1 -ar 8000 -ab 64 -acodec pcm_mulaw -f rtp rtp://239.0.0.1:5656

	--play received audio