Skip to content

Instantly share code, notes, and snippets.

View hank9999's full-sized avatar

hank9999

56 followers · 56 following
View GitHub Profile
@hank9999
hank9999 / gist:3a7198942ce3d5d1d58e8eab98ef9619
Created February 3, 2026 09:49
Swoole Crashed Log on MacOS
[
{
"app_name": "php",
"timestamp": "2026-02-03 15:50:56.00 +0800",
"app_version": "",
"slice_uuid": "6cd78821-01e3-3b6d-9ae1-a23979b7424a",
"build_version": "",
"platform": 1,
"share_with_app_devs": 1,
"is_first_party": 1,
@hank9999
hank9999 / research.md
Created January 22, 2025 13:28 — forked from hackermondev/research.md
Unique 0-click deanonymization attack targeting Signal, Discord and hundreds of platform

hi, i'm daniel. i'm a 15-year-old high school junior. in my free time, i hack billion dollar companies and build cool stuff.

3 months ago, I discovered a unique 0-click deanonymization attack that allows an attacker to grab the location of any target within a 250 mile radius. With a vulnerable app installed on a target's phone (or as a background application on their laptop), an attacker can send a malicious payload and deanonymize you within seconds--and you wouldn't even know.

I'm publishing this writeup and research as a warning, especially for journalists, activists, and hackers, about this type of undetectable attack. Hundreds of applications are vulnerable, including some of the most popular apps in the world: Signal, Discord, Twitter/X, and others. Here's how it works:

Cloudflare

By the numbers, Cloudflare is easily the most popular CDN on the market. It beats out competitors such as Sucuri, Amazon CloudFront, Akamai, and Fastly. In 2019, a major Cloudflare outage k