Will melt your face right off your skull, And make your iPod only play Jethro Tull, And tell you knock-knock jokes while you're trying to sleep, And make you physically attracted to sheep, Steal your identity and your credit card, Buy you a warehouse full of pink leotards, Then cause a major rift in time and space, And leave a bunch of Twinkie wrappers all over the place! - “Virus Alert” by Weird Al Yankovic
The joke is that LiveOverflow thought it was an April fools joke due to various reasons. It turns out that the guy on LinkedIn was serious, his report was not an April fool's joke.
@@JohannaMueller57 Every request i've forwarded to health care equipment has fallen on deaf ears. Somehow these companies who charge a mint for products have no intentions of fixing life saving equipment running with admin/admin over http, then advocating for it to be put on a corporate WAN. As for leaving it's not some "if people start leaving they will fix problems" - It's more they'll replace you with people who don't know or don't care. The people who make products and install them are rarely the same company. Sad truth, but hey.
Thank you for your videos and hard work! Your channel covers a lot of technical details and professional knowledge that is really hard to find on the internet (in the approachable way) and which I deeply enjoy!
Ive seen Jean Pereira too many times on my linkedin feed and I just have to cringe every single time. I also love how he claims that he has learned everything himself and that he doesnt need any cybersecurity education 😂
Raymond Chen of Microsoft does an irregular blog series called "The other side of the airtight hatchway" meaning that a "security vulnerability" reported would be great if it could actually get you to the other side of the hatch (root/admin). I think in this case using sudo to run an app as root that isn't designed for that counts, since you have to already enter your credentials for sudo. And if you do that, you could just use sudo to run a malicious app directly, no need for hospital run at all.
@@hyronharrison8127 To be fair, that's the most common way it's done. We call it "social engineering." A lot of applications will actually refuse to run if they detect escalated privileges specifically to protect users from their own misguided misuse.
That's all very well, but there are a lot of cases where people do run apps as root, even though they shouldn't, because it's "easier". And in a case like this one, it's a problem to have even a privilege escalation to whatever user the software is run as. If I can become that user, I can modify patient data, even if I can't take over the machine.
So if I understood it correctly, that guy executed that program as root, then used root access to patch his custom code into the executable which opens up a TCP server. Using netcat he then connected to that server as user and executed privileged commands? This would work in every application which uses a non-compiled JIT language... Basically a really weird flex, probably to get some followers and sell his software?
not just JIT programs, it literally works on every single executable (its just a bit more complicated to patch binary code into a compiled program but you can still do it) basically this guy just claimed "sudo" was a privilege escalation technique lmao
Dude, changing a physical file is considered a vuln or even a 0-day? WTF. Yeah, but the vid you did on leeroy getting kinda fooled by JP made it a bit clearer to me. Big UP and many thanks for this enlightenment!
To be clear, he wasn't claiming that the ability to modify the file was the exploit; he was claiming that he could modify the app to perform a privilege escalation. However, in order to do so he would have to run the application as root, which is why it's not actually a vulnerability. This is why LiveOverflow also showed Mulllvad, which does have an executable that runs as root. Modifying that executable really could result in privilege escalation, but since it properly prevents modification by a non-root user, there is no vulnerability.
i really like how you've said in the beginning of the video "last time i sadly couldnt find a vulnerability. but this time i do a challenge so we can definitely find one!" and there's still not a real issue :D but still very informative bro! keep it up hacker boy! liebe grüße.
after working for US customer for 10+ years every time i see date like 06-04-2023 my brain refuses to accept such date format I just assume it can be both if I need to record a date somewhere I use 2023-06-04
11:46 so Privilege Escalation is more of a Privilege Declaration, on to or via a root daemon. It's not user becoming root, it’s user communicating through an already root system.
In a real attack, it could be a program, not a human user. So it's a virus that gets onto the target machine in a non-root way (like in a mail attachment), and then "escalates" itself by forcing the root daemon to... for example, install the command "run this virus as root" into the system's task scheduler, so that it's launched on every system restart.
These kind of open sources may be used in testing environments in companies. The most useful thing is to use them as 3rd party vendors for integration testing purposes. So it may be not viable for production but students and testing teams may find it useful.
@@UC1kVaZyvOs39Y it's been two month from your comment, but you hopefully see this. I know people that want to make business with that guy. Can you give me some more detailled information why to not make business with him? appreciate it
0daytoday is an ExploitDB clone and the admin tricks people into buying fake exploits. All of the user accounts are the same person, there are videos about this. Great video LO! Just wanted to warn people of this...
What>??? Was the original post a joke or not? I am a bit confused by the end bit... excerpt: "This code, was not prepared ahead of april fools day? Bingo! You know what else was not an april fools joke but looks like one? [...]" Very clever video
the original post was meant seriously, hence why liveOverflow was blocked, but the exploit shown came from malpractice from the guy that presented the exploit on the 0day site.
@@chri-k I think they meant other way around. For example, when you install steam on linux, and try to run it as root, it will immediately exit with an error message like "It's not safe to run steam as root, don't do that"
I know very little about security, stumbled across this randomly. But it seems strange to me that entering the password for a regular user is sufficient to install a root daemon. Shouldn't anything that runs as root require entering the root password?
Maybe I'm just stupid but why can the vpn install a certain part that runs with root privileges? You only entered your non root user password it seemed. Doesnt that mean we could just write our own installer that asks for user password but puts malicioua code under a root level part?
what you think is the "non root user password", gives the root permissions. Ever used Linux with sudo? When your user belongs to the sudo group you also enter YOUR user's password to execute a command as root.
the guy that posted the exploit used malpractice and ran the program as root to make it seem like he had a crazy exploit, but its just that: malpractice and a joke at best
@@okolol Maybe something like we have on Android or iOS where a VPN app would consist of a UI and a helper running as an unprivileged daemon, which I assume is able to interface with the operating system's network interface.
@@okololfrom what i understand (which is admittedly not much), you cant screw with other users' settings because there can be at most one concurrent login* so it's fine to let the app overwrite all the settings * ssh isnt real!!! /s
@@TheDuckPox I'm sure while you don't need root access in android, you do need special permission to configure the user vpn settings. and yes, it's per user basis, I've tried it. but I don't know much about ios nor macos.
@@pitust yea, why would you modify other user settings though? you will only need to modify the current user settings, and if you want to make it system wide, then just use root.
@@khill8645 well the xnu kernel is basically the mach kernel from Carnegie Mellon university, a BSD subsystem and a lot of custom code added to o it, so it's not related to unix in the strictest sense, however that BSD part was made by actually replacing every source file from the og unix source code release with reimplementations made by the Berkeley University developers that originally made BSD, so it's a compatible program, but it's not actually unix and of course it's not really the base of the xnu kernel, but a subsystem that it's used to provvide an interface for programs to run on and to have compatibility with existing unix/bsd software. So xnu it's actually it's own very wired beast.
If comic sans made it to the front of goverment buildingfs and coins and stuff i bet your font can get far as well! haha and no nothing is worse then comic sans
There isn't a vulnerability (that we know about) even if you install and run it as root. You would then need to be root to be able to rewrite the ASAR. "Elevating privileges" from root to root doesn't gain you anything.
Hi, please note that 0daydottoday is SCAM, please dont do advertisements for them cause naive ppl still get caught by their “5k for instagram takeover exploit”
When the author's comment said- "[This exploit] can change your blood group". I honestly believed this was an April Fool's joke for a second...
Will melt your face right off your skull,
And make your iPod only play Jethro Tull,
And tell you knock-knock jokes while you're trying to sleep,
And make you physically attracted to sheep,
Steal your identity and your credit card,
Buy you a warehouse full of pink leotards,
Then cause a major rift in time and space,
And leave a bunch of Twinkie wrappers all over the place!
- “Virus Alert” by Weird Al Yankovic
The sad thing here is that this isn't a joke. It's just Jean Pereira being an infosec fraud.
liveoverflow just made this so exciting!
He made a video about him on LiveUnderflow (in german)
The "it's not an April Fools joke" to "it is" to "it is not" was too good 😂
@@zorkman777 It was not. This guy does this regularly.
@@MartinHaunschmid So it was neither?
The joke is that LiveOverflow thought it was an April fools joke due to various reasons. It turns out that the guy on LinkedIn was serious, his report was not an April fool's joke.
Thank you for rekindling my disgust towards the LinkedIn community
As someone who installed critical infrastructure around the health care sector for a while here my heart was racing.
@@JohannaMueller57 Every request i've forwarded to health care equipment has fallen on deaf ears. Somehow these companies who charge a mint for products have no intentions of fixing life saving equipment running with admin/admin over http, then advocating for it to be put on a corporate WAN.
As for leaving it's not some "if people start leaving they will fix problems" - It's more they'll replace you with people who don't know or don't care. The people who make products and install them are rarely the same company.
Sad truth, but hey.
Thank you for your videos and hard work! Your channel covers a lot of technical details and professional knowledge that is really hard to find on the internet (in the approachable way) and which I deeply enjoy!
Ive seen Jean Pereira too many times on my linkedin feed and I just have to cringe every single time. I also love how he claims that he has learned everything himself and that he doesnt need any cybersecurity education 😂
The mic drop at 11:40 is amazing
Raymond Chen of Microsoft does an irregular blog series called "The other side of the airtight hatchway" meaning that a "security vulnerability" reported would be great if it could actually get you to the other side of the hatch (root/admin). I think in this case using sudo to run an app as root that isn't designed for that counts, since you have to already enter your credentials for sudo. And if you do that, you could just use sudo to run a malicious app directly, no need for hospital run at all.
Imagine my vuln writeup:
You have to beg them to misuse the application but THEN...
@@hyronharrison8127 To be fair, that's the most common way it's done. We call it "social engineering." A lot of applications will actually refuse to run if they detect escalated privileges specifically to protect users from their own misguided misuse.
That's all very well, but there are a lot of cases where people do run apps as root, even though they shouldn't, because it's "easier". And in a case like this one, it's a problem to have even a privilege escalation to whatever user the software is run as. If I can become that user, I can modify patient data, even if I can't take over the machine.
Even in a situation like this, I find you inspirational. Thanks for your videos and content
Bingo. Thanks for the video. Its amazing explain a lot about some hype that coming and go in cyber security.
"On Mac, like many other Linux-distros, ..." LMAO
Einfach nur danke für dieses Video!!
Awesome journey! I literately feel it like a real research! Love the video, thanks!
So if I understood it correctly, that guy executed that program as root, then used root access to patch his custom code into the executable which opens up a TCP server. Using netcat he then connected to that server as user and executed privileged commands? This would work in every application which uses a non-compiled JIT language... Basically a really weird flex, probably to get some followers and sell his software?
not just JIT programs, it literally works on every single executable (its just a bit more complicated to patch binary code into a compiled program but you can still do it)
basically this guy just claimed "sudo" was a privilege escalation technique lmao
liveoverflow also said that there are no privileged processes 11:03
He isn't wrong lol@@DFsdf3443d
First Name: Live
Last Name: Overflow
Reason for visit: Brain too big.
Hahahahahaha nice
The bingo middle finger got me ngl.
Really good Video.
Dude, changing a physical file is considered a vuln or even a 0-day? WTF.
Yeah, but the vid you did on leeroy getting kinda fooled by JP made it a bit clearer to me. Big UP and many thanks for this enlightenment!
Maybe?? If thr electron binary was run as root but the asar file was world writable itd make sense. But its not ...
To be clear, he wasn't claiming that the ability to modify the file was the exploit; he was claiming that he could modify the app to perform a privilege escalation. However, in order to do so he would have to run the application as root, which is why it's not actually a vulnerability. This is why LiveOverflow also showed Mulllvad, which does have an executable that runs as root. Modifying that executable really could result in privilege escalation, but since it properly prevents modification by a non-root user, there is no vulnerability.
Wait what...that was a great suspense 😂
4:07 "Now on mac, like many other linux distros," hmmm
Truly an informative, comprehensive and entertaining video + Bingo. One of my favorites, thanks for the great effort. Congratulations pal!
i really like how you've said in the beginning of the video "last time i sadly couldnt find a vulnerability. but this time i do a challenge so we can definitely find one!" and there's still not a real issue :D but still very informative bro! keep it up hacker boy! liebe grüße.
hätte gleich deutsch schreiben können merke ich gerade ahha
and that is why specifying d/m/y or m/d/y is important
after working for US customer for 10+ years every time i see date like 06-04-2023 my brain refuses to accept such date format
I just assume it can be both
if I need to record a date somewhere I use 2023-06-04
@@Z3rgatul that's totally, fine, either go big to small or small to big. But m/d/y is ludicrous, same goes for most imperial measurements.
Always yyyy-mm-dd
No matter how you write that date it was not April 1st
11:46 so Privilege Escalation is more of a Privilege Declaration, on to or via a root daemon.
It's not user becoming root, it’s user communicating through an already root system.
In a real attack, it could be a program, not a human user. So it's a virus that gets onto the target machine in a non-root way (like in a mail attachment), and then "escalates" itself by forcing the root daemon to... for example, install the command "run this virus as root" into the system's task scheduler, so that it's launched on every system restart.
These kind of open sources may be used in testing environments in companies.
The most useful thing is to use them as 3rd party vendors for integration testing purposes.
So it may be not viable for production but students and testing teams may find it useful.
> Replace executable with your own modified one.
> Run as root.
> Profit 1000 linkedin karma from reactionary dimwits.
So was the original guy just spreading misinformation?
@@UC1kVaZyvOs39Y it's been two month from your comment, but you hopefully see this. I know people that want to make business with that guy. Can you give me some more detailled information why to not make business with him? appreciate it
0daytoday is an ExploitDB clone and the admin tricks people into buying fake exploits. All of the user accounts are the same person, there are videos about this. Great video LO! Just wanted to warn people of this...
The mic drop at 11:44 😂😂
What>???
Was the original post a joke or not?
I am a bit confused by the end bit...
excerpt:
"This code, was not prepared ahead of april fools day?
Bingo!
You know what else was not an april fools joke but looks like one?
[...]"
Very clever video
the original post was meant seriously, hence why liveOverflow was blocked, but the exploit shown came from malpractice from the guy that presented the exploit on the 0day site.
Great one!🤣
Ayi Sabashhh
Why doesn't Michael Cera act in films? Passionate about hacking apps. Actually just found your channel, very cool content.
its the best joke to know i laughed very hard in a while
Watching this after movie Babylon so finally I get some drama genre 🙂
Please make one amazing hacking video playlists ❤❤❤
😂😂😂 Love youuu
🤔 ive seen some apps that check at the start if they are run as root and then stop execution
that’s done by software which by design allows arbitrary code to be executed ( package managers, for example )
@@chri-k I think they meant other way around. For example, when you install steam on linux, and try to run it as root, it will immediately exit with an error message like "It's not safe to run steam as root, don't do that"
@@hikkamorii yes, because steam also allows arbitrary code to be executed on your computer.
brilliant piece of media
I'm just a comment for the algorithm.
lol lol lol, loved it
I know very little about security, stumbled across this randomly. But it seems strange to me that entering the password for a regular user is sufficient to install a root daemon. Shouldn't anything that runs as root require entering the root password?
Your user is part of the sudo group, so entering your password is sufficient to grant root permissions.
I hope in the future you make more hardware hacking vids
You really look like Christopher Slater as Mr. Robot.
lol @ broadcasthost, love that [3:44]
i found you with the Minecraft stuff on your channel, is there any new minecraft stuff upcomming ?
😂😂 great video as always
it was nice Broooooo
I am confusion
Within 1 hour gang!! So excited to see the video past 3:56!!
Grifter gets called out: a video presentation
i think it would be fine to call out the fact that this person is obv. attempting to bullshit others. its not a nice thing to do.
ngl he had us in the first 20 mins :D
Maybe I'm just stupid but why can the vpn install a certain part that runs with root privileges? You only entered your non root user password it seemed. Doesnt that mean we could just write our own installer that asks for user password but puts malicioua code under a root level part?
what you think is the "non root user password", gives the root permissions. Ever used Linux with sudo? When your user belongs to the sudo group you also enter YOUR user's password to execute a command as root.
this is hilarious
Bingo!
Push!
You forgot the end cards :P
Tq
so cool xD
What is the name of this phenomenal 😅
why tho
I don't understand, are we expecting a sequel ?
the guy that posted the exploit used malpractice and ran the program as root to make it seem like he had a crazy exploit, but its just that: malpractice and a joke at best
I just got a linkedin request from this guy??????? like, what?
July Fools
Broo......App sec video or a Christopher Nolan movie ????
It seems that on macOS, you don't need root to make a VPN (for example, tailscale doesn't include a root daemon)
but how does it do it exactly?
I'm thinking maybe there's a way for you to configure the USER SPECIFIC network settings, so no root access required.
@@okolol Maybe something like we have on Android or iOS where a VPN app would consist of a UI and a helper running as an unprivileged daemon, which I assume is able to interface with the operating system's network interface.
@@okololfrom what i understand (which is admittedly not much), you cant screw with other users' settings because there can be at most one concurrent login* so it's fine to let the app overwrite all the settings
* ssh isnt real!!! /s
@@TheDuckPox I'm sure while you don't need root access in android, you do need special permission to configure the user vpn settings. and yes, it's per user basis, I've tried it. but I don't know much about ios nor macos.
@@pitust yea, why would you modify other user settings though? you will only need to modify the current user settings, and if you want to make it system wide, then just use root.
was it a joke or not ?
the hacker news bdarija
Brain too small LMAO
"on mac like any other linux distro" man have you forgotten that modern macos is based on the xnu kernel?
It seems perfectly cromulent, I don't think any of us have figured out a way to pronounce '*nix' yet
@@khill8645 well the xnu kernel is basically the mach kernel from Carnegie Mellon university, a BSD subsystem and a lot of custom code added to o it, so it's not related to unix in the strictest sense, however that BSD part was made by actually replacing every source file from the og unix source code release with reimplementations made by the Berkeley University developers that originally made BSD, so it's a compatible program, but it's not actually unix and of course it's not really the base of the xnu kernel, but a subsystem that it's used to provvide an interface for programs to run on and to have compatibility with existing unix/bsd software. So xnu it's actually it's own very wired beast.
🤓
@@piecaruso97 It isn't about 'custom code' or whatever, it's just about POSIX compliance.
that was fully intentional
This video isn’t funny the first time through. But it is the second time.
If comic sans made it to the front of goverment buildingfs and coins and stuff i bet your font can get far as well! haha and no nothing is worse then comic sans
what
After your video, he removes the post on linkedin lel
Android does it right, 3rd party VPN need no root.
The twist. Lmao hahahaha
9:24 "how [] can look like" -> downvote
Hey, i found the liveoverflow smp! And i made a mod for it!
zero day exploit 😂
I don’t get the Joke
Morawiecki na miniaturce
🤪
lol?
the software shouldnt allow the user to run it as root. making it a software issue not a user issue .
There isn't a vulnerability (that we know about) even if you install and run it as root. You would then need to be root to be able to rewrite the ASAR. "Elevating privileges" from root to root doesn't gain you anything.
I'm american, have never seen yyyy/dd/mm, we're notorious for going month then day.
Hi, please note that 0daydottoday is SCAM, please dont do advertisements for them cause naive ppl still get caught by their “5k for instagram takeover exploit”
what’s that?