Post B18h7EAToZP2YJsODw by q3k@social.hackerspace.pl
(DIR) More posts by q3k@social.hackerspace.pl
(DIR) Post #B18h7EAToZP2YJsODw by q3k@social.hackerspace.pl
2025-12-11T12:41:34Z
1 likes, 1 repeats
AccursedUnutterableXmlDeserialize
(DIR) Post #B18h7FIJcvGU2uYA4m by whitequark@mastodon.social
2025-12-11T12:43:40Z
0 likes, 0 repeats
@q3k I was right there with you until "Rising edge starts deserialization of the XML" and then i hit Boost
(DIR) Post #B18h7GYevdvrxtCjBo by ignaloidas@not.acu.lt
2025-12-11T12:45:52.251Z
0 likes, 0 repeats
@whitequark@mastodon.social @q3k@social.hackerspace.pl just imagine, if SOAP wasn't cast aside as it was, we could have NICs that offer XML (de)serialization acceleration
(DIR) Post #B18jq8oGmbVgsF227c by whitequark@mastodon.social
2025-12-11T12:46:23Z
0 likes, 0 repeats
@ignaloidas @q3k I worked with SOAP once *blank stare*
(DIR) Post #B18jqAO6upm1lgoAcq by q3k@social.hackerspace.pl
2025-12-11T12:49:56Z
0 likes, 0 repeats
@whitequark @ignaloidas Hey, at least the SIMATIC people are forward-thinking! There's a JSON variant, too.
(DIR) Post #B18jqBZqUgkrSNJ3YW by zardoz03@mastodon.online
2025-12-11T13:10:21Z
0 likes, 0 repeats
@q3k @whitequark @ignaloidas how do you even get the informatiom out of the json tree port, is it sending strings/indexes across the port and then it sends a pointer or value back??
(DIR) Post #B18jqCqtklzPPYIBm4 by q3k@social.hackerspace.pl
2025-12-11T13:14:14Z
0 likes, 0 repeats
@zardoz03 @whitequark @ignaloidas Good question! You'd hope that you get some kind of Vec<(JSONPath, Value)> array... That would be actually quite okay!But what you actually get is just Vec<(Key, Value)> and you need to somehow keep your own state to make sure that the Key="foo" you got is bar.foo and not baz.foo. Good luck!
(DIR) Post #B18jqE57BOxJDvx3ZY by ignaloidas@not.acu.lt
2025-12-11T13:16:22.404Z
0 likes, 0 repeats
@q3k@social.hackerspace.pl @zardoz03@mastodon.online @whitequark@mastodon.social who let HW engineers do software protocols?and why?
(DIR) Post #B18kAjnMyuYrNFQqVk by q3k@social.hackerspace.pl
2025-12-11T13:18:52Z
0 likes, 0 repeats
@ignaloidas @whitequark @zardoz03 You see, this isn't 'software', this is 'PLC programming'. That's totally different.(It really is, from the point of view of the system we live in: PLC programmers usually come from the automation/electrical engineering world, and they get taught all of this in a vacuum. This whole industry is based on the lie^Wassumption that this isn't software engineering, so none of the SWEng best practices need to apply.)
(DIR) Post #B18kAkt4vAiolF6v32 by ignaloidas@not.acu.lt
2025-12-11T13:20:09.668Z
0 likes, 0 repeats
@q3k@social.hackerspace.pl @whitequark@mastodon.social @zardoz03@mastodon.online no, I know that, I mean who let/forced them use JSON/XML, which are things that are purely in the software side of the realm
(DIR) Post #B18kkwJBw1MSblZwem by q3k@social.hackerspace.pl
2025-12-11T13:21:02Z
0 likes, 0 repeats
@ignaloidas @whitequark @zardoz03 It turns out sometimes you need to access non-OT stuff from OT stuff :).
(DIR) Post #B18kkx0RLDxKltoU4G by ignaloidas@not.acu.lt
2025-12-11T13:26:42.439Z
0 likes, 0 repeats
@q3k@social.hackerspace.pl @whitequark@mastodon.social @zardoz03@mastodon.online we have a word for that, and it's called FIRMWAREI'm ok with them pretending that their PLC's are ideal implementations of ladder logic or whatever, but man, know your limits
(DIR) Post #B18nQEgEjYyfMtB3M8 by f4grx@chaos.social
2025-12-11T13:55:48Z
0 likes, 0 repeats
@q3k @whitequark @ignaloidas what do you mean, compressed?
(DIR) Post #B18nQFe98otqMhCtjk by ignaloidas@not.acu.lt
2025-12-11T13:56:32.971Z
0 likes, 0 repeats
@f4grx@chaos.social @q3k@social.hackerspace.pl @whitequark@mastodon.social Check this outRE: https://social.hackerspace.pl/users/q3k/statuses/115701181669150560
(DIR) Post #B18u7yoHhR3yc9BRVQ by rahix@chaos.social
2025-12-11T13:28:19Z
0 likes, 0 repeats
@q3k @whitequark @ignaloidas Not in the screenshot: If the JSON contains any whitespace, the parsing result "may contain errors"
(DIR) Post #B18u80T5XDIRkzHXkG by q3k@social.hackerspace.pl
2025-12-11T13:32:05Z
0 likes, 0 repeats
@rahix @whitequark @ignaloidas Holy shit I missed this. What the fuck.
(DIR) Post #B18u81hewWXvaT6h60 by gsuberland@chaos.social
2025-12-11T13:34:00Z
0 likes, 0 repeats
@q3k @rahix @whitequark @ignaloidas inb4 this is being done on an FPGA internally
(DIR) Post #B18u82S69rh1uUpmTo by rahix@chaos.social
2025-12-11T13:35:34Z
0 likes, 0 repeats
@gsuberland @q3k @whitequark @ignaloidas No no, this is just a vendor-provided library that gets executed like any other PLC code. There is no excuse for this madness here.
(DIR) Post #B18u83EJGcG2K1OHcu by gsuberland@chaos.social
2025-12-11T13:36:22Z
0 likes, 0 repeats
@rahix @q3k @whitequark @ignaloidas I figured as much, industrial stuff is cursed lol
(DIR) Post #B18u845q3b4l02R23s by gsuberland@chaos.social
2025-12-11T13:36:45Z
0 likes, 0 repeats
@rahix @q3k @whitequark @ignaloidas and people wonder why nmap scanning the OT environment gets you yelled at
(DIR) Post #B18u857eEM7KBwHzWK by q3k@social.hackerspace.pl
2025-12-11T13:37:41Z
0 likes, 0 repeats
@gsuberland @rahix Don't ask Rahix about that time I sent a few too many kilobytes of data to our brand new Modbus RTU/TCP bridge...
(DIR) Post #B18u86HFw7Ofm1nB8S by gsuberland@chaos.social
2025-12-11T13:39:42Z
0 likes, 0 repeats
@q3k @rahix probably still a better outcome than the time I ran a very slow (~1pkt/s) TCP connect scan against a HMI just to find the open ports, and caused a 3 hour ECR outage on an LPG tanker during cargo ops.
(DIR) Post #B18u87UlPNnPYD7TpQ by gsuberland@chaos.social
2025-12-11T13:42:51Z
0 likes, 0 repeats
@q3k @rahix still not fully sure what the root cause of the failure was, but fixing it required the chief engineer to climb up into the cabinets for the aux generator combining bus to physically unplug and replug power to the PLCs
(DIR) Post #B18u88PU0VAMO7emEi by azonenberg@ioc.exchange
2025-12-11T13:47:12Z
0 likes, 0 repeats
@gsuberland @q3k @rahix Oof.The one time I've caused an outage in prod actually was not SCADA related.But many years ago, I did knock an decently sized company off the internet by running a sqlmap scan against a random marketing department web server. Have you ever heard that story? Lol
(DIR) Post #B18u89HMmAGf5EroDw by gsuberland@chaos.social
2025-12-11T13:51:12Z
1 likes, 0 repeats
@azonenberg @q3k @rahix I don't think I have.I did something similar at a hosting provider, except it was because they told me to do something silly (~10Gbps SYN scan of their internal /8) and I said "are you absolutely sure?" and they said "yes". sev0 outage, took out several call centers, incident got escalated to C-level.
(DIR) Post #B19Bicccr6MFjbmwLI by karppinen@mastodon.online
2025-12-11T18:28:31Z
1 likes, 0 repeats
@ignaloidas @whitequark @q3k well, Mellanox NICs offer regexp acceleration today and I’m not sure this is the preferrable outcome
(DIR) Post #B19C0lakFGJClYYp6G by ignaloidas@not.acu.lt
2025-12-11T18:32:07.198Z
0 likes, 0 repeats
@karppinen@mastodon.online @whitequark@mastodon.social @q3k@social.hackerspace.pl looks like that's only with DPU's that have ARM cores on them?Still crazy tho
(DIR) Post #B19HRLFKnuaCeB2Nvs by philpem@digipres.club
2025-12-11T19:32:22Z
0 likes, 1 repeats
@q3k @rahix @whitequark @ignaloidas I did some work on Siemens the SIMATIC Device Manager (HART device descriptor debugging). Nothing in this screenshot surprises me after that.I used to have an email printed out on the wall and framed - it was a request from a Siemens senior engineering manager via the UK FAE to "stop breaking our product, it works fine for many customers".
(DIR) Post #B1LLkyxs5UP32y0dAu by q3k@social.hackerspace.pl
2025-12-11T13:41:03Z
1 likes, 0 repeats
@gsuberland @rahix Ah yes, the good old #define MAX_NUM_SOCKETS 3; // TODO: clean up aborted connections.