5326
Tech tricks, news, hacking tutorials and dark web guides. Group: @GEEKkernel
This is funny! It's like "Now I got you" moment for the Bitcoiners.
Silicon Valley bank filed for bankruptcy protection today.
Hey ,I'm recruiting good hackers.
Good opportunity. Inbox me @aelpa
Need only two ,good hackers.
friendly_/bypassing-cloudflares-waf-b1b83a50fb2f?source=social.tw" rel="nofollow">https://medium.com/@friendly_/bypassing-cloudflares-waf-b1b83a50fb2f?source=social.tw
Читать полностью…
https://github.com/DeFiFoFum/ApetasticERC20Factory/blob/main/contracts/ApetasticERC20Factory.sol
Read this smart contract code and try to understand.
https://eip2535diamonds.substack.com/p/understanding-delegatecall-and-how?s=r
Helpful article about delegatecall in solidity.
The Dedaub team has disclosed a Critical vulnerability to the Uniswap team!
Funds are safe - Uniswap addressed the issue and redeployed the Universal Router smart contracts on all its chains 👏
The vulnerability allows re-entertrancy to drain the user's funds, mid-tx.
#Uniswap recently introduced the Universal Router. It unifies ERC20 and NFT swapping into a single swap router. Users can perform heterogenous actions, e.g., swapping multiple tokens and NFTs in one tx.
This router embeds a scripting language for all sorts of token actions.
Such commands could include transfers to third party (potentially untrusted) recipients. In a correct implementation, such a transfer should send to the recipient only what the call parameters specify.
And nothing more.
However, if third-party code is invoked at any point in the transfer (which manifests itself due to composition of protocols), the code can reenter the UniversalRouter and claim any tokens temporarily in the contract.
·
One part of the PoC was implemented below.
The attacker also needs to implement code to reenter the router (calling execute) and sweep all token amounts.
The router may contain funds mid-transaction due to other actions and transfers in a complex swap...
Image
E.g.,
1) transfer an NFT
2) transfer the remaining funds.
The receipient of the NFT can easily reenter UniversalRouter (between steps 1 & 2) by calling transfer or sweep inside its onERC721Received handler and drain the entire amount!
We advised the Uniswap team to add a reentrancy lock to the core execution of the new router, and redeploy.
This modification was swiftly implemented, fixing the issue before the router gaining mass adoption: https://library.dedaub.com/contracts/Ethereum/0xef1c6e67703c7bd7107eed8303fbe6ec2554bf6b/source?line=2787
Dedaub
@dedaub
·
Jan 2
We thank the @Uniswap
team for awarding a bug bounty.
Further reading:
media.dedaub.com
Uniswap Bug Bounty
By the Dedaub team
source : Dedaub
መገናኛ ቀናችን ቅዳሜ ይሁን ወይስ እሁድ?
1. ቅዳሜ (1 / 5) – 20.00%
nige24
2. እሁድ (4 / 5) – 80.00%
Selam, usra4ever, Anonyguy, Birtukahn Jesus
Last updated: 2023-01-04 09:45:39 EET
Summary: Jabber/ XMPP Is a secure messaging protocol
with many advantages in addition to many features
in the cryptography domain. Although it's not as
popular, it's still being actively maintained and utilized.
Cryptography: It uses End-to-End signing to ensure that both parties receive
the validated message sent/ recv. to ensure it hasn't been compromised
through various interception techniques such as over-the-wire packet interception
or other attacks such as SSL stripping, etc. A massive feature is OTR (Off-the-Record)
protocol. It's data is hashed with a combination of encryption such as the Diffie-Hellman
and SHA-1 hash. In addition, it requires both parties to utilize at once instead of the basic
XMPP/ Jabber client. Highly advised in sensitive situations.
Resources:
- (1) https://www.jabber.de/was-ist-jabber/ -- "What is Jabber/ XMPP"
- (2) https://xmpp.org/getting-started/ -- "How to setup Jabber/ XMPP"
- (3) https://wiki.xmpp.org/web/OTR#:~:text=Off%2Dthe%2DRecord%20Messaging%2C,the%20SHA%2D1%20hash%20function.
Notes:
- There isn't just one server to utilize. There are plenty out there. Lastly, it's
not up to the server but to you to secure your communications as the client.
If you need assistance, feel free to tag or PM me.
author:cosmo
🚨 Grayscale and parent company Digital Currency Group, which owns 633,000 BTC, seem to be in big trouble: - The discount of GBTC to Grayscale Bitcoin Trust net asset value hits a record 42.7%. - It is reported that the Digital Currency Group must begin to liquidate part of the fund in 633,000 BTC in order to restore the situation. Grayscale declined to provide proof of reserves, citing "security concerns" and also indicated that all funds are held by Coinbase. - Removed page with team members on Digital Currency Group website (archived). - Grayscale's problems began during the collapse of Luna and Three Arrows Capital, and FTX finished them off (the relationship of Grayscale and DCG with other companies in the picture below). All Grayscale coins belong to them, not to clients. The role of the company was to provide 1 share of GBTC with storage of 1 BTC.
Source:Daniil
origins.
Even cryptocurrencies with stronger privacy assurances, however, aren’t automatically safe from government seizures. Some of the $3.6 billion recovered in March, for instance, was in the form of monero, a cryptocurrency designed to obfuscate the trails of funds within its blockchain by mixing up the payments of multiple users. Using techniques that still aren’t clear, the IRS was able to recover the monero funds anyway.
Zhong is scheduled to be sentenced on February 22, 2023.
Source: Arstechnica
Source URL: https://arstechnica.com/information-tech...silk-road/
New opera mini trick for mtn-Sa
1:Tick: ☑️Remove Port
2:back Query:apps.mtnplay.mobi
3:Proxy type:(Real Host or Dual real host)
4:Proxy server:mtnplay.mobi
5:Username:D-k free net
Password:1234567890
6:Child protection:www.nextwap.net
Enjoy free browsing
On April 21, 2023, Adidas launched a new line of NFTs called "Into the Metaverse." The NFTs were sold on the Ethereum blockchain and were priced at 0.2 ETH each. Within minutes of the launch, the NFTs were sold out. However, it soon became clear that something was wrong. A single user had managed to purchase 165 times more NFTs than allowed.
The user had found an exploit in the smart contract which allowed them to scoop up NFTs at a much lower price than everyone else. The smart contract used in the auction had a block of code that checked the wallet to see if they had purchased any tokens before. The exploiter realized that they could create a new wallet for each purchase, and the smart contract would not be able to detect it.
As a result of the exploit, the user was able to purchase NFTs worth over $3 million for just $300. Adidas has since apologized for the exploit and has promised to refund the user's money. However, the incident has raised concerns about the security of NFTs and the need for better regulation in the NFT space.
Here are some of the key takeaways from the Adidas NFT exploitation:
NFTs are still a new technology and there are security risks associated with them.
It is important to do your research before buying an NFT and to make sure that you are buying from a reputable source.
If you are considering buying an NFT, it is important to understand the risks involved and to take steps to mitigate those risks.
https://www.youtube.com/watch?v=Xvx4fN5bv-Q
awesome hands-on reentrancy exercise.
"I'm so tired bros: I'm 22 and I have $160k to my name. I grew up pretty poor and did a gamble on crypto a few years ago. The only problem is that everything has skyrocketed in price. I'm spending $1500 a month on rent. I'm graduating with an English degree in August. I don't want to work. I wish I had ambition early on and had gone the comp sci route. I don't know what to do anymore. I live in the USA and I don't know if there is any place worth living here. Should I just move abroad and teach English? I guess I could learn coding on the side or something. I'm very depressed and have self esteem issues. I've been thinking about ending it all for a while now, but I guess I may as well give life a shot. I've only ever had retail experience and I thought about being a wagie for Starbucks or Costco, but then reality set in and I realized yet again that I would rather die than work at those places. My ultimate goal is to just work from home if I have to work. That's all I need. I wish I would've just dropped out of school and I've still debated it. Growing up poor really does fuck you up, boys. I've thought about getting a therapist and psychiatrist, but I don't wanna waste thousands of money on what could be used towards my future home. Does anyone have any advice? I mean I do acknowledge that $160k is a good chunk of change, and I guess plenty of other people have gotten worthless degrees too. I wanna get back into exercising and eating healthy because I feel like that'd be a mood booster. I kind of just wish I had never been born a lot because all life is, is a boring rat race. I want a nice home, but it just takes so much god damn money. And healthcare is absurdly expensive in the US. Should I just get my passport and leave? Are they really gonna take a 22 yr old with no meaningful skills?"
From 4chan
https://insiderpaper.com/us-offers-10-million-for-mastermind-of-2019-kenya-hotel-siege/
Читать полностью…
https://dev.to/rushanksavant/delegate-call-order-of-variables-4k3
Interesting.
https://chat.openai.com/
It's the cool gift that 2021 have gave us ,when we were about to leave the year behind.
2021, rest in the almighty peace.
chatgpt helps on explaining questions on simple terms with examples.
it should help on your learning curve!
This poll is closed.
Which web3 project's vulnerable code was this?...
1. Cosmos (0 / 1) – 0.00%
2. Bored Ape (0 / 1) – 0.00%
3. Reimagined Finance (0 / 1) – 0.00%
4. Olympus DAO (1 / 1) – 100.00%
Retro099
Last updated: 2023-01-04 10:01:58 EET
Hello is there anyone has writerbay, writershark account?
Or any other writer accounts?
Please inbox me @intelon
update any Chromium browsers (Chrome, Brave, etc) NOW https://www.forbes.com/sites/daveywinder/2022/03/26/google-confirms-emergency-security-update-for-32-billion-chrome-users-attacks-underway
Old but important info
Fresh FTX app update available, don't update. get far away from it.
most likely has a purpose to steal your private keys.
Federal prosecutors have recovered $3.36 billion in bitcoin that was stolen a decade ago from Silk Road, the dark web bazaar responsible for distributing massive quantities of illegal drugs and other illicit goods and services to people worldwide.
Last November, federal agents executing a search warrant on a then-defendant’s Gainesville, Georgia, house seized a little more than 50,491 bitcoin that was stashed in an underground floor safe and on a “single-board computer” that was submerged under blankets in a popcorn tin stored in a bathroom closet, the Justice Department said on Monday. During the same search, agents recovered $661,900 in cash, 25 Casascius coins (physical bitcoin) with an approximate value of 174 bitcoin, 11.1160005300044 additional bitcoin, and four one-ounce silver-colored bars, three one-ounce gold-colored bars, four 10-ounce silver-colored bars, and one gold-colored coin.
A $3.3 billion mystery
At the time, the haul was the biggest cryptocurrency seizure in US Justice Department history and today remains the department’s second-largest financial seizure ever, behind a $3.6 billion seizure prosecutors made earlier this year from a married couple charged with money laundering.
The $3.36 billion belonged to James Zhong, 32, of Gainesville and Athens, Georgia. On Friday, Zhong pled guilty to one count of wire fraud, an offense that carries a maximum sentence of 20 years in prison.
“James Zhong committed wire fraud over a decade ago when he stole approximately 50,000 bitcoin from Silk Road,” Damian Williams, US Attorney for the Southern District of New York, said in Monday’s release. “For almost 10 years, the whereabouts of this massive chunk of missing bitcoin had ballooned into an over $3.3 billion mystery. Thanks to state-of-the-art cryptocurrency tracing and good old-fashioned police work, law enforcement located and recovered this impressive cache of crime proceeds.”
Prosecutors said Zhong executed a sophisticated scheme to defraud Silk Road of what was about $650,000 worth of bitcoin, based on the value of the cryptocurrency when the fraud took place in September 2012. To execute the plan, prosecutors said Zhong created about nine Silk Road accounts and funded them with an initial deposit of 200 to 2,000 bitcoin. Zhong then triggered 140 transactions in rapid succession to trick the Silk Road withdrawal-processing system into releasing about 50,000 bitcoin into the accounts.
“As an example, on September 19, 2012, Zhong deposited 500 bitcoin into a Silk Road wallet,” prosecutors said. “Less than five seconds after making the initial deposit, Zhong executed five withdrawals of 500 bitcoin in rapid succession—i.e., within the same second—resulting in a net gain of 2,000 bitcoin.”
One of Zhong’s other fraud accounts made a single deposit and more than 50 withdrawals before the account ceased its activity. Within a few days of the transactions, Zhong moved the bitcoin out of Silk Road and consolidated them into two high-value amounts.
When bitcoin performed a hard fork coin split in August 2017, Zhong’s 50,000 bitcoin windfall received a matching number of bitcoin cash coins. Zhong used an overseas exchange to convert the bitcoin cash to about 3,500 bitcoin, bringing his total take to roughly 53,500 bitcoin.
Starting earlier this year, Zhong started voluntarily surrendering a little more than 1,004 bitcoin to federal authorities.
Silk Road operated from 2011 to 2013 and was used to trade illicit goods around the world. The platform’s founder, Ross Ulbricht, was sentenced to life in prison in 2015.
IRS Criminal Investigation Special Agent in Charge Tyler Hatcher said that once Zhong completed the heist, “he attempted to hide his spoils through a series of complex transactions which he hoped would be enhanced as he hid behind the mystery of the ‘darknet.’” In reality, the bitcoin blockchain provides a history of every single transaction, which forensic investigators can use to trace stolen coins even when they pass through tumblers and other tools designed to obscure their
Want to buy Hacked paypal account with 787Eur or 977USD by Only 200usd?
Then inbox me @zainpro
