Elliot Alderson

@fs0c131y

French security researcher. Worst nightmare of Oneplus, Wiko, UIDAI, Kimbho, Donald Daters and others. Not completely schizophrenic. Not related to USANetwork.

fs0c131y.com
Joined June 2015
2,118 Photos and videos Photos and videos

You may also like

·

Worldwide trends

Tweets

You blocked @fs0c131y

Are you sure you want to view these Tweets? Viewing Tweets won't unblock @fs0c131y

  1. Pinned Tweet
    Feb 18

    It’s time to publish the details of the biggest I had to deal with. leaked numbers: 6,700,000 Aadhaar numbers

    113 replies 1,828 retweets 2,063 likes
    Show this thread
    Show this thread
    Undo
  2. 2 hours ago

    Is it a Swiss joke 😂?

    Swiss Cybervoting - / is now playing after the copyright mafia playbook & doing takedowns to stop the e-voting source code to be spread unconditionally. …
    2 replies 7 retweets 34 likes
    Undo
  3. 12 hours ago

    Their AzimovWebview is able to open a lot of files

    1 retweet 15 likes
    Show this thread
    Show this thread
    Undo
  4. 12 hours ago

    This is useless but it’s funny. Me, using the RSA conference app to go on Twitter

    1 reply 3 retweets 31 likes
    Show this thread
    Show this thread
    Undo
  5. 13 hours ago

    I am interested to know if this password is the same for everybody 🤔

    6 replies 2 retweets 19 likes
    Show this thread
    Show this thread
    Undo
  6. 13 hours ago

    I created my account today, it seems to be an incremental number 🤔

    1 reply 2 retweets 23 likes
    Show this thread
    Show this thread
    Undo
  7. 13 hours ago

    The password of the user_data_crypt.db is quite long, encoded with Base64. This is the tables available in the database

    2 replies 1 retweet 15 likes
    Show this thread
    Show this thread
    Undo
  8. 13 hours ago

    The databases folder contains 2 interesting databases: "persistentstorage.db" and "user_data_crypt.db". What do we have in user_data_crypt 🤔?

    3 replies 5 retweets 27 likes
    Show this thread
    Show this thread
    Undo
  9. 14 hours ago

    The rsa2019.sqlite_1 is a sqlite3 database which contains all the useful info regarding the event

    2 replies 3 retweets 22 likes
    Show this thread
    Show this thread
    Undo
  10. 14 hours ago

    The sharedPreferences files called prefsGlobal.xml contains a lot of juicy info

    1 reply 3 retweets 17 likes
    Show this thread
    Show this thread
    Undo
  11. 14 hours ago

    -this method

    1 reply 10 likes
    Show this thread
    Show this thread
    Undo
  12. 14 hours ago

    This key is used to generate the HMAC key. It is used after the download of the attendance db. This is something we should hook this method during the dynamic analysis

    2 replies 3 retweets 18 likes
    Show this thread
    Show this thread
    Undo
  13. 14 hours ago

    This is the kind of string I like

    5 replies 3 retweets 29 likes
    Show this thread
    Show this thread
    Undo
  14. 14 hours ago

    I wonder what is a debug Google Maps key 🤷‍♂️

    3 replies 6 retweets 26 likes
    Show this thread
    Show this thread
    Undo
  15. 14 hours ago

    All the available endpoints

    2 replies 2 retweets 19 likes
    Show this thread
    Show this thread
    Undo
  16. 14 hours ago

    I told you https is secure!

    2 replies 3 retweets 26 likes
    Show this thread
    Show this thread
    Undo
  17. 15 hours ago

    This is a dead end. The CustomTabMainActivity is checking the action and finish the activity if the action is equals to CustomTabActivity.a which is our case here. Next!

    2 replies 3 retweets 19 likes
    Show this thread
    Show this thread
    Undo
  18. 15 hours ago

    This CustomTabActivity is taking the data string and forward it to another app. By sending "adb shell am start -n "com.rsa.rsaconference/com.facebook.CustomTabActivity" -d """ the app is blinking twice

    2 replies 5 retweets 19 likes
    Show this thread
    Show this thread
    Undo
  19. 15 hours ago

    A good thing is to check the word exported="true" in the AndroidManifest.xml. For example, if you send adb shell am start -n "com.rsa.rsaconference/com.facebook.CustomTabActivity", the RSA Conference app will open a blank screen 🤔

    3 replies 4 retweets 26 likes
    Show this thread
    Show this thread
    Undo
  20. 15 hours ago

    This app has been obviously made by .

    5 replies 2 retweets 20 likes
    Show this thread
    Show this thread
    Undo
  21. 15 hours ago

    - In the values folder, check the strings.xml and search "secret" for example. We have a lot of results. Let's keep it on a side note for a later use

    2 replies 4 retweets 32 likes
    Show this thread
    Show this thread
    Undo

@fs0c131y hasn't Tweeted yet.

Loading seems to be taking a while.

Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.