A one-way sandboxed iframe| Joshua.Hu | Joshua Rogers’ Scribbles
BMCs are back in the news again, with a vulnerability in Supermicro’s BMC being discovered that allows someone to install unsigned (read: malicious) firmware that persists across normal update paths. Since BMCs are—quite literally—backdoors on a server’s motherboard that allow remote control, this is a real problem. BMCs are the technical component of what’s commonly called a “remote management controller,” and implementations span vendors: Dell iDRAC, HPE iLO, Supermicro BMC, Leno...
body is a small bash script that replaces a common two-shot command that I find myself running from time to time: head -n5000 file.txt | tail -n1. Basically, I want to view approximately the middle of a file, to see the middle contents. I realized that there must be a better way, and that’s why I made a small script that does what I want: it’s not head, it’s not tail, it’s body: for when you want to print (around) the middle of a file.
In IT (and perhaps in life in general), if you’re ever doing the same thing more than once, you’re doing it wrong. Indeed; if you’re the head of application security at a browser company that uses Chromium and your role includes checking the official Google Chrome Release page every day or two in order to find out whether Google has patched some vulnerability in Chromium – so you can send a Slack message directing your browser’s developers to upgrade Chromium, to protect all of your...
Regex is rarely a solution, but sometimes it can be helpful. One of the best bash aliases I started to use nearly 15 years ago is called ipgrep. It’s a simple alias for grep, to find IPv4 addresses.
Tail Call Optimization (TCO) is a programming technique which allows a supporting engine to optimize functions which may continuously call themselves. For example, take the following code:
A Funny Idea
Regular expressions are rarely the solution, but sometimes they can be helpful. I recently needed to create some regex which could be used to parse real domain names, and finding a definitive expression seemed to be difficult; especially one that wasn’t vulnerable to ReDoS.
On every single keyboard I’ve used in my whole life, the tilde (`) character has been on the top left of the keyboard – until today. Apparently some Macbooks have a strange character called a silcrow (§) (or section key, or double-s key) where the tilde normally is, and there is no easy setting to change the mapping of this character in MacOS.
MacOS Endpoint Management and MDM Systems
Joshua Rogers is an Australian technologist, penetration tester, hacker, security engineer, and security researcher. He studied at Swinburne University in Melbourne, and currently lives in Poland. He has gone under the name MegaManSec, mmsc, and Toil, and has run hacking websites such as bugabuse.net and internot.info.
Note: This post is complemented by a presentation I gave at KazHackStan 2025. The slides for that talk can be found here, or in pptx format here.
I recently compared various tools for identifying regular expressions which are vulnerable to Regular Expression Denial of Service (ReDoS), as I wanted to build a small workflow which would flag vulnerable expressions for me.
a problem
I’m a big fan of minimizing the work required to perform a task correctly (without reducing quality), whether it be technical or otherwise. In today’s case, I’m talking about retrieving RSS/Atom feeds from Google’s Feedburner, and caching is seemingly not supported.
Over the past month or so, I’ve been investigating the BCM43602 chip, and its ability to: 1. work on FreeBSD using wifibox, 2. suspend with ACPI’s S3/suspend-to-RAM.
By default, FreeBSD uses the standard ntpd(8) daemon that is built with the FreeBSD world. This daemon only supports symmetric keys for encryption which must be configured per client/server duo, and thus cannot at-scale guarantee authenticity of the data received from the Network Time Protocol (NTP) server. Recent developments like RFC 8915/Network Time Security (NTS) have allowed for the automatic establishment of those keys over TLS. With a focus on both authenticity (so an attacker on-the-...
Unlike systemd-based Linux distributions, FreeBSD does not come with a switch to automatically turn on DNS-over-TLS (DoT) for the system resolver, and requires a bit of work to use an encrypted channel for domain resolution. In this post, we’ll look at how to set up DoT for FreeBSD using unbound(8), enable some hardening, and block all non-encrypted DNS traffic over port 53.