diff --git a/src/posts/im-bored.md b/src/posts/im-bored.md index 991f4cb..1b58cac 100644 --- a/src/posts/im-bored.md +++ b/src/posts/im-bored.md @@ -1,7 +1,7 @@ --- title: "i'm bored, so here's a useless 0day" date: 2025-08-20 -changed_date: 2025-08-20T19:43:00Z +changed_date: 2025-08-20T09:18:00Z description: "i either want my US$2.5k professional-grade device backdoored or not at all" feature_image: /img/posts/im-bored/cover.jpg feature_alt: "a photo of a rugged professional device with word art text over it that says 'YAY! everyone is admin now!'" @@ -13,7 +13,7 @@ tags: - javascript --- -in early 2024, i was spending some time trying to find IDF field infrastructure on [Zoomeye](https://zoomeye.ai), particularly GNSS base stations (used to correct for errors in GPS tracker data) and similar (semi-)permanent field gear. as i was doing this, i started seeing more and more [CHCNAV P5](https://geospatial.chcnav.com/products/chcnav-P5) GNSS devices, {% footnoteref "idf", "i never ended up figuring out if any of those belonged to the IDF or not" %}including near the Gaza Strip and West Bank borders{% endfootnoteref %}. it got kinda boring quick, especially because i only had credentials to a few of these devices and they seemed pretty useless, so i started aimlessly clicking around in Firefox's developer tools on one of the sites. +in early 2024, i was spending some time trying to find IDF field infrastructure on [Zoomeye](https://zoomeye.ai), particularly GNSS base stations (used to correct for errors in GPS tracker data) and similar (semi-)permanent field gear. as i was doing this, i started seeing more and more [CHCNAV P5](https://geospatial.chcnav.com/products/chcnav-P5) GNSS devices, {% footnoteref "idf", "i never ended up figuring out if any of those belonged to the IDF or not" %}including near the Gaza Strip and West Bank borders.{% endfootnoteref %} it got kinda boring quick, especially because i only had credentials to a few of these devices and they seemed pretty useless, so i started aimlessly clicking around in Firefox's developer tools on one of the sites. all it took was a search for "admin" and i had this absolutely beautiful piece of front-end javascript code in front of me: ```js