Marcus HutchinsVerifizierter Account

Been doing bonus content for subscribers but every platform keeps adding its own subscription model and it's become so convoluted. It'd be nice to centralize on my website but don't want to be responsible for user data. Considering transitioning to a sponsor driven model instead.

The comments on my patch analysis video has motivated me to do more. Recorded about 1.5hrs of reversing then cut it down to a 7min video. Was sure it wouldn't work and I'd skip too much for it to be helpful, but apparently not. Will try do slightly longer next time tho.

"Elon knew twitter would implement a poison pill, it's all part of his plan" *checks time* Woah, would you look at that. It's projecting superhuman intelligence onto impulsive men's bad decisions time already. I'll get printing the Musk America Great Again hats.

Something I found early on is that my happiness from more money decreased exponentially and I quickly reached a point where my overall quality of life was improved more by adding happiness to my work day instead of investing it into more money to spend in my free time.

The only thing that beats working from home in a job that doesn't enforce set work hours is retirement. So, whatever money I'd need to retire in a year.https://twitter.com/cybersecmeg/status/1515053697620918286 …

I can't decide if to convince more cybersecurity people that TikTok is no worse for privacy than other platforms or just enjoy the lack of competition

This works except for the part where there are billions of people working hard their whole life and not getting rich because there is literally no correlation between hard work and wealth.https://twitter.com/marceloclaure/status/1514906537474633730 …

Full volume EDM is the most important part of reverse engineering, everything else can be substituted.

Just spent $45 on a pizza and 1 side. Not sure if inflation or just LA but

Wow, just hit 300,000 followers. I don't know how or why, but thank you

Yeah bro, so weird for a hacker not to want a platform dominated by Nazis. I thought computer hacking was all about.... *checks notes* ethnic cleansing?https://twitter.com/Nopninja/status/1514713249022889988 …

Not sure I like the part of capitalism where Elon Musk can afford to buy and ruin anything I enjoy. The last thing Twitter needs is to become 8chan 2.0 in the name of "free speech".https://twitter.com/AP/status/1514555018560655364 …

AFIK Microsoft gives out detailed information on vulnerabilities to MAPP members, but then the NDA would prevent me doing the things I need to do, so 10000 hours of patch analysis it is

This is the same problem I've been running into with exploiting CVE-2022-26809. It's possible to hit the exploitable code by creating a custom RPC server, but it's not yet clear which (if any) reachable RPC services have the exploitable configuration.https://twitter.com/splinter_code/status/1514653941304369153 …

CVE-2022-26809 is interesting because it's in the RPC runtime library (which is used by anything that speaks RPC). If the RPC ports are firewalled but SMB is open you can connect to the system via SMB then use it to forward RPC requests over named pipes instead of TCP.