Posts

Showing posts from 2025

Exciting News: Ranking High on WeChall!

WeChall Ranking Update: I’m thrilled to share that my WeChall account, under the username FrankSx, is currently ranked 3rd in Australia and within the top 300 globally! 🎉 For those who may not be familiar, WeChall is a platform that allows users to test their skills in various challenges related to web security, programming, and more. It’s a fantastic community for learning and honing your abilities while competing with others. I invite you to check out my profile and follow my journey as I continue to tackle new challenges and improve my skills. You can find my profile here: FrankSx. Thank you for your support, and I look forward to sharing more updates as I climb the ranks! Happy challenging! — FrankSx

The Australian Tax Office Vulnerability: A $2 Billion Oversight

In the wake of the COVID-19 pandemic, governments worldwide scrambled to implement financial relief measures to support their economies. Australia was no exception, but a significant vulnerability in the Australian Tax Office (ATO) system during the 2021-2022 financial year led to a staggering loss of $2 billion. This incident raises critical questions about the balance between expediency and security in government systems, as well as the potential motivations behind such oversights.

The Vulnerability Unveiled

The vulnerability stemmed from a change in the ATO's processes that allowed individuals to create an Australian Business Number (ABN) and register for Goods and Services Tax (GST) with minimal verification. Once an ABN was obtained, individuals could lodge their Business Activity Statements (BAS) monthly after their first submission. This meant that, in a matter of weeks, someone could claim a GST credit against their supposed business activities, leading t...

ZTE MF65 - EFS Access Method / Partial FS Dump: Revised

ZTE MF65 - EFS Access Method / Partial FS Dump

In this post, I’ll share my findings on accessing the internal file system of the ZTE MF65 modem. This guide will cover the steps to resolve a soft brick issue caused by directory traversal and provide insights into accessing internal files.

Introduction

In our previous post, we discussed the local file listing method and the necessary changes to the configuration file for continuous file listing related to SD card functions. Recently, I encountered a challenge that led to a soft brick of my device due to directory traversal on the SD card base path.

The Problem

When the router attempted to load the HTTPS share page, it reached the share path and SD base path, ultimately reading /mmc2/../. This caused the device to malfunction and become unresponsive. Fortunately, I have found a solution that not only resolv...

Wikaonwi: Kaon DG2144 Factory Wi-Fi Credential Vulnerability

Wikaonwi: A Factory Wi-Fi Credential Vulnerability

Date: 1/21/25 9:35 PM

Today, I faced a setback when I was declined a position in the cyber security field due to a prior criminal conviction related to fraud. However, I refuse to let this discourage me. Instead, I am determined to showcase my skills and resilience by releasing another piece of my work. In a future post, I will also cover the details surrounding the charges that led to this situation. This is just one step in my journey, and I won’t allow past challenges to define my future.

Wikaonwi:

In the ever-evolving landscape of cybersecurity, vulnerabilities can often be found in the most unexpected places. One such vulnerability has been identified in the Kaon DG2144 router, where the factory Wi-Fi password is not as random as one might expect. This flaw can lead to the easy recovery of a device's Wi-Fi ...