Saturday, 25 April 2026

Remember this...

 -----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA512


In the off chance, you decide that you want to proceed with whatever funny ideas you have in your head. I'm recommending you that you do not do it, the dead man switch was active before this even started.

So if you decide to try me, everyone else will pay for it and this time it will be extremely. It will take you a lot of time to patch what will be published if the dead man switch is detonated.

Also if you somehow think I'm stupid, no, the dead man switch is insanely sophisticated it took me forever to deploy it and ensure it works properly before actually making it live and no it's not located at my place ;)


Don't say I did not warn you and again, I'm not bluffing. I deliver every promise I make.

-----BEGIN PGP SIGNATURE-----


iHUEARYKAB0WIQRJTvAf/AWVhAKEeb7FFoRCS0/SbAUCae2SbQAKCRDFFoRCS0/S

bKaBAQDDtPDgIaQz4ui3IPieeIgxswkLd4iBtYnYC7pXJsrE1gEAqgswfsI2NpYh

JYt5z6GkJtttQccLB7Mr3EFCJKb8TgE=

=BhrQ

-----END PGP SIGNATURE-----


at 1 comment:

Wednesday, 15 April 2026

Public disclosure, a response for CVE-2026-33825 patch

 -----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA512


Here is the code, enjoy

https://github.com/Nightmare-Eclipse/RedSun


Now to address what some media articles wrote, first of all, I want to talk about MSRC official response regarding BlueHammer


"Microsoft has a customer commitment to investigate reported security issues and update impacted devices to protect customers as soon as possible. We also support coordinated vulnerability disclosure, a widely adopted industry practice that helps ensure issues are carefully investigated and addressed before public disclosure, supporting both customer protection and the security research community."


This is a very generic response, almost as if they don't care and they don't. Why ? Because MSRC was fully aware of this public disclosure, a case was filled but was dismissed by them and they are also aware that this one will be disclosed but again, they are ignorant.


Normally, I would go through the process of begging them to fix a bug but to summarize, I was told personally by them that they will ruin my life and they did and I'm not sure if I was the only who had this horride experience or few people did but I think most would just eat it and cut their losses but for me, they took away everything. They mopped the floor with me and pulled every childish game they could. It was soo bad at some point I was wondering if I was dealing with a massive corporation or someone who is just having fun seeing me suffer but it seems to be a collective decision.

And one other thing, they do everything but support the research community, I won't disclose details but they sabotage people a lot. I mean just look at the past, Microsoft is the only major company who had a track of multiple vulnerabilities being publicly disclosed just because the researchers were soo upset by how MSRC treated them.


Unfortunately, the folks who have the capacity to stop those disclosures, not only don't care but also seems to push harder for worst exploits to be released, I didn't want to be evil but they are actively poking me to start releasing RCEs which I will be doing at some point...


I will personally make sure that it gets funnier every single time Microsoft releases a patch.

-----BEGIN PGP SIGNATURE-----


iHUEARYKAB0WIQRJTvAf/AWVhAKEeb7FFoRCS0/SbAUCaeAVxQAKCRDFFoRCS0/S

bKhnAP0XAkiRbMSdNupqgko9pahmFysxzkc2H4MspCVhpHc/BAD/bZPbGNwCvzzn

jFuRMhitmdMCHoauBOH0jRiaDwA8mwE=

=9Ffz

-----END PGP SIGNATURE-----


at 1 comment:

Sunday, 12 April 2026

Funny DOS tool

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA512



New tool as promised, this is a 0day (kinda), Microsoft will definitely try to mitigate this but it will be a lower priority.

This tool, while stupid, is quite dangerous cause if paired with bluehammer, your machine is basically a hole, anyone can run anything with administrator privileges and windows defender can't really do much about it.

Considering that's the whole purpose of an antivirus, you're better off removing it lol.


https://github.com/Nightmare-Eclipse/UnDefend


-----BEGIN PGP SIGNATURE-----


iHUEARYKAB0WIQRJTvAf/AWVhAKEeb7FFoRCS0/SbAUCadwnHgAKCRDFFoRCS0/S

bF90APwKGUbQx/hnjQW5OoAOupa3pkDbmlm+ovQ9ANigb7yPTgD/Zg9BRfR57nM4

Uq3bu1KXpYwp15EuYq56SH6f/M1VFQQ=

=KcQc

-----END PGP SIGNATURE-----


at 1 comment:

Thursday, 2 April 2026

Public disclosure

I was not bluffing Microsoft and I'm doing it again.

https://github.com/Nightmare-Eclipse/BlueHammer

Unlike previous times, I'm not explaining how this works, yall geniuses can figure it out.

Also, huge thanks to MSRC leadership for making this possible !!! And a special thanks to Tom Gallagher !

at 2 comments:

PGP Key

 

-----BEGIN PGP PUBLIC KEY BLOCK-----

mDMEacD4mxYJKwYBBAHaRw8BAQdA/+G2ISG5DwWQwITnrUwTrVkwk1XqJrHwuLiS
mhT7rzC0EFRlcnJhaW4gUmVwdWJsaWOIlgQTFgoAPgIbAwULCQgHAgYVCgkICwIE
FgIDAQIeAQIXgBYhBElO8B/8BZWEAoR5vsUWhEJLT9JsBQJpwPvqBQkLLaQYAAoJ
EMUWhEJLT9JsBekA/R++4t7IPQVEp3sxFkFdvGpX4WzcDa37Whj1z3UvowYhAQCh
m/ogT4hrLQCwvr6cxGpVzRiFBYt+QNJWFGuTwViCArg4BGnA+JsSCisGAQQBl1UB
BQEBB0AEdP/VzwwM1hTqRlvNnXB1H/znRiCiROQzvrDusSxLMQMBCAeIfgQYFgoA
JgIbDBYhBElO8B/8BZWEAoR5vsUWhEJLT9JsBQJpwPvqBQkLLaQYAAoJEMUWhEJL
T9JsM3gBAPNxQiC0ijrqUZojhW9l94eewUPolp3uaYIhRj8zVH+DAQDNHSLXy7jD
V8FyZeagMXwEZ5+ni4AxWDTkEGciPmAyCA==
=Jaoy
-----END PGP PUBLIC KEY BLOCK-----
at No comments:
Subscribe to: Posts (Atom)

MiniPlasma, a powerful LPE

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 This one is accidental, I didn't even think cldflt.sys had that vulnerability. Turns out...