7zip Has a Zero Day???

This so called: "zero day flaw" is a good example of why, using AI as a "solution" or "shortcut" without proof reading what it produces, is a horrible idea.

EchoVerse_Sonance

The person got what he wanted by getting everyone to spend time on it. You're absolutely right you can't use Ai to write code if you don't know how to code yourself so you can tell it where it's right and wrong :(

MFoster

As an instructor (teaching coding), I would recommend to my students that AI can be used to write the pseudocode but not the actual code. As you said, it will give you the framework, but you have to put the effort in afterward.

PatrickDickey

Basic Security Mechanism Failures:
No DEP (Data Execution Prevention) bypass
No ASLR (Address Space Layout Randomization) leak for the system() call
These are fundamental protections that any real exploit would need to address
Non-functional Code:
The file doesn't even work as a valid 7zip archive ("Error: Is not archive")
Includes 9 headers but only uses 7zip types - a clear sign of cargo cult programming
The "shellcode" is particularly amusing:
The assembly output shared shows it's completely broken
Random int3 instructions (breakpoints)
Invalid/nonsensical byte sequences
Would never actually execute properly

Nafo-Radio

Its a kid with delusions of grandeur and/or peaked on dunning-kruger curve re: cyber security telling from their twitter tag. Also enjoys trying to boost their own ego through Gemini. All this cringe or simply a troll.

EDIT: im either getting copycat trolled or its actually the same person responding to me so not a troll but a kid who genuinely believes they are smarter than everyone else

JaePlay

OMG, now even in Topics like this... the scheme, originally coming from political topics is:
-> Do/say something stupid in public
-> get a shitstorm
-> claiming receiving death threats (I'm actually the victim here...)

vitaliwilhelm

I liked the keyboard overlay which omitted the dedicated "calculator" button most multimedia keyboards have

Cvolton

Why do they always have the same setup. Its always something like:

"Hello, I have some very important information about [topic], however [lame excuse] so I cannot share it. Whoever denies my claims is a [foul word]."

Followed by

"I've received death threats and am now the victim"

van-sprundel

I like when women say nasty things like "arbitrary code execution"

overtheworl

Awesome, my favorite fed is back in my recommended.

Infisrael

fire to run into a female creator besides lexie or serena that has actual comedic relief within the content. here for it.

michaelsoftbinbows

great vid, but consider cutting less of your video, the cuts become pretty frequent and apparent, consider vocal retakes or re-recording some lines when you do need to cut it maybe.

Luzum

Really like the way you say "Dude"

GravemindHD

Keep speaking your magic words, magic man!

machpooch

This dude has no idea what he's doing. It's so easy to program something that won't be seen on task manager as malicious by using other legitimate processes. He's just a shame to the cyber security community. And the fact that he thinks some arbitrary code he wrote could replace the legitmacy of task manager... I bet you can even change/mess with task managers internals to not display certain things. No one is going to believe you if you don't post the full code or the compiled payload. He's just capping

brawldude

This was an awesome technical story much love from Florida 😎

David-ckep

Another day, another buffer overflow attack.

ProxyFoxOne

I had a dream that I was a shiny Blue balloon and a strange clown came and started twisting me around and turned me into some sort of balloon animal created by AI. 🤷‍♂️

exin

what did you all expect from the guy nicknamed NSA EMPLOYEE 39?

paxpax

Take the death threat evidence to the FBI. Do it now!

Duncan_