Skip to content

We Should Immediately Nationalize SpaceX and Starlink

Technology
496 196 1.8k
  • On PH today – would love support

    Technology technology
    1
    2
    0 Stimmen
    1 Beiträge
    11 Aufrufe
    Niemand hat geantwortet
  • Twitter opens up to Community Notes written by AI bots

    Technology technology
    9
    1
    44 Stimmen
    9 Beiträge
    55 Aufrufe
    G
    Stop fucking using twitter. Stop posting about it, stop posting things that link to it. Delete your account like you should have already.
  • 947 Stimmen
    85 Beiträge
    446 Aufrufe
    L
    Yeah this thread ended up being more hostile to regular Americans than I intended but US culture and US global hegemony are the things that attract and amplify the shitty people from around the world. USA is the final boss of capitalist imperialism and the people have completely lost control over the reins. It's now a matter of when they actually say enough is enough, be it now or after Fascism runs its course and hurts millions of others around the world as well.
  • Is Google about to destroy the web?

    Technology technology
    86
    1
    240 Stimmen
    86 Beiträge
    391 Aufrufe
    B
    I hate google enough to pay 5$/mo for Kagi - it puts a smile on my face everytime I go to search and know that I'm not supporting google
  • 324 Stimmen
    18 Beiträge
    93 Aufrufe
    D
    Do you think a plumber dreams about being a plumber?
  • Looking elsewhere

    Technology technology
    3
    1
    7 Stimmen
    3 Beiträge
    23 Aufrufe
    J
    That's a valid point! I've been searching for places to hangout for a while, sometimes called "campfires". Found a cool Discord with generous front-end folks (that's a broad spectrum!), on frontend.horse.
  • 1 Stimmen
    8 Beiträge
    40 Aufrufe
    L
    I think the principle could be applied to scan outside of the machine. It is making requests to 127.0.0.1:{port} - effectively using your computer as a "server" in a sort of reverse-SSRF attack. There's no reason it can't make requests to 10.10.10.1:{port} as well. Of course you'd need to guess the netmask of the network address range first, but this isn't that hard. In fact, if you consider that at least as far as the desktop site goes, most people will be browsing the web behind a standard consumer router left on defaults where it will be the first device in the DHCP range (e.g. 192.168.0.1 or 10.10.10.1), which tends to have a web UI on the LAN interface (port 8080, 80 or 443), then you'd only realistically need to scan a few addresses to determine the network address range. If you want to keep noise even lower, using just 192.168.0.1:80 and 192.168.1.1:80 I'd wager would cover 99% of consumer routers. From there you could assume that it's a /24 netmask and scan IPs to your heart's content. You could do top 10 most common ports type scans and go in-depth on anything you get a result on. I haven't tested this, but I don't see why it wouldn't work, when I was testing 13ft.io - a self-hosted 12ft.io paywall remover, an SSRF flaw like this absolutely let you perform any network request to any LAN address in range.
  • 0 Stimmen
    2 Beiträge
    16 Aufrufe
    A
    How about right now? How's that going?