Sick.Codes
7,747 posts
Security researcher 🇦🇺 Good-faith hacking 🤡 Weaponizing source code 🧬 github.com/sickcodes
Joined June 2020
- 35 year old Chinese man arrested in Bangkok, driving around populated areas with a SMS blaster with a 3km radio sending 1,000,000 phishing SMS per hour. "Phone users within range received a message stating: “Your 9,268 points are about to expire! Hurry up and redeem your gift
- Replying to @kwiens: For anyone who wants the technicals:
  - This took months
  - CPU is NXP imx6
  - OS is Wind River Linux 8
  - Model John Deere 4240
  - The weird graphical artifacts are just Yocto/QT quirks n 3D transparency stuff
  - John Deere’s X window display server is g6wm
  - Everything runs as root
- Finally added the rest of the gang to Docker-OSX macOS VM's on Linux & Windows (WSL2 btw)! Full house of VM's for security research:
  - Monterey
  - Big Sur
  - Catalina
  - Mojave
  - High Sierra

  github.com/sickcodes/Dock… Discord discord.gg/sickchat Telegram t.me/sickcodeschat
- “At the @DefCon security conference in Las Vegas on Saturday, the hacker known as Sick Codes [presented] a new jailbreak for John Deere & Co tractors” Epic stuff, thank you @lilyhnewman 🥰 & @WIRED #defcon #DEFCON30 @JohnDeere
- Replying to @sickcodes: With epic just-in-time help by NZ based doom modder @Skelegant. She helped get this run using DeHacked Doom, since gzdoom was a mission. Together, we teamed up to make this happen. She is amazingly talented.
- Ok, so don't be alarmed but this is an iPhone connected remotely to a Docker container of macOS VM running on Linux using @pimskeks's usbfluxd... Yes, I'm adding it to Docker-OSX... not sure how to feel, but this is too powerful... Can literally install apps OTA worldwide...
- [RELEASE] Leaky John Deere API’s: Serious PII & Food Supply Chain Vulnerabilities Discovered In John Deere Website Vendor's VDP: 1. I was the only researcher in the program 2. The program was created that day 3. No bounties 4. Non-disclosure No thanks!
- Thicc $10,000 bounty from @Microsoft/@msftsecresponse And thx @Hacker0x01 for facilitating the transfer of funds
- [RELEASE] How we hacked John Deere, Case Industrial and simulated an attack on the GLOBAL food supply chain. #cantstopthesignal If you missed it, not to worry, it will be on YouTube (forever!). Thank you @defcon #defcon29
- Replying to @malwrhunterteam: Someone in congress will think this is real
- Apple was supposed to be in our @DEFCON talk. We sent them the vulnerability 4 months ago. They contacted us before the talk assuring us that we wouldn’t mention them, and we said, “sure because it’s not fixed yet.” The vulnerability was discovered using a virtualized MacOS
- This tool is hilarious, you can dupe any printed circuit board you want! (not stealing this board, just testing) Generates gerber files from images which you can literally upload straight to PCB printer for a few bucks Amazing reverse engineering tool imagetogerber.wordpress.com











