Discover gists

Vulnerability Report - BYD QIN PLUS DM-i - Dilink OS - Incorrect Access Control

Product: BYD QIN PLUS DM-i - Dilink OS

Vendor: https://www.byd.com/

Version: 3.0_13.1.7.2204050.1.

Vulnerability Type: Incorrect Access Control

Recommended Extentions:

uBlock Origin

https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/

Settings

Make sure the following options are off:

Disable pre-fetching

Pwntools Cheatsheet

hi, i'm daniel. i'm a 15-year-old high school junior. in my free time, i hack billion dollar companies and build cool stuff.

3 months ago, I discovered a unique 0-click deanonymization attack that allows an attacker to grab the location of any target within a 250 mile radius. With a vulnerable app installed on a target's phone (or as a background application on their laptop), an attacker can send a malicious payload and deanonymize you within seconds--and you wouldn't even know.

I'm publishing this writeup and research as a warning, especially for journalists, activists, and hackers, about this type of undetectable attack. Hundreds of applications are vulnerable, including some of the most popular apps in the world: Signal, Discord, Twitter/X, and others. Here's how it works:

Cloudflare

By the numbers, Cloudflare is easily the most popular CDN on the market. It beats out competitors such as Sucuri, Amazon CloudFront, Akamai, and Fastly. In 2019, a major Cloudflare outage k

Headings (H1-H6)

font-family: Roboto,-apple-system,BlinkMacSystemFont,"Helvetica Neue","Segoe UI","Oxygen","Ubuntu","Cantarell","Open Sans",sans-serif;

Body

font-family: -apple-system,BlinkMacSystemFont,"Segoe UI",Helvetica,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";

Active StarUML on Window/MacOS/Linux

Step 1: Download and install StarUML Ver6 from main website https://staruml.io
Step 2: Download app.asar file from https://drive.google.com/file/d/1_sKvHVL6SebnYF73iZxSWD9l48Pddzvj/view?usp=sharing
Step 3: Copy app.asar file download in step 2 (Override app.asar file)
- Window: C:\Program Files\StarUML\resources
- MacOS: /Applications/StarUML.app/Contents/Resources/
- Linux: /opt/StartUML/resources
Step 4: Open StarUML app to use

uci set 'network.lan.ipv6=0'
uci set 'network.wan.ipv6=0'
uci set 'dhcp.lan.dhcpv6=disabled'

# Disable RA and DHCPv6 so no IPv6 IPs are handed out
uci -q delete dhcp.lan.dhcpv6
uci -q delete dhcp.lan.ra

# Disable the LAN delegation

Retrieving VMware Workstation VM encryption passwords saved in the the Windows Credential Manager

When creating an encrypted VM, VMware Workstation gives you the option to remember the password. It does this by storing the password in the Windows Credential Manager.

VMware does not provide a way to retrieve this stored password, but it can be accessed via the Win32 CredReadW API function.

There are a number of PowerShell projects including PowerShell Credential Manager which provide access to this API, but in testing I found they were unable to correctly display the VMware password.

This PowerShell example has been tested using Windows PowerShell (v5.1) and PowerShell (v7) using VMwa

	using System;
	using System.Collections.Generic;
	using Cysharp.Threading.Tasks;
	using Unity.Services.Authentication;
	using Unity.Services.Core;
	using Unity.Services.Multiplayer;
	using UnityEngine;
	using UnityUtils;

	public class SessionManager : Singleton<SessionManager> {

	// Author: SwiftUI-Lab (www.swiftui-lab.com)
	// Description: This code is part of the "Advanced SwiftUI Animations - Part 5"
	// Article: https://swiftui-lab.com/swiftui-animations-part5/

	import SwiftUI

	struct ContentView: View {
	var body: some View {
	DigitalRain()
	}