smx-smx

XZ Backdoor symbol deobfuscation. Updated as i make progress

thesamesam

FAQ on the xz-utils backdoor (CVE-2024-3094)

This is a living document. Everything in this document is made in good faith of being accurate, but like I just said; we don't yet know everything about what's going on.

Background

On March 29th, 2024, a backdoor was discovered in xz-utils, a suite of software that

wynnchel

#!/bin/bash
# Steps:
# 1) Make sure bash is available
# 2) Create udev rule
# - path to new udev rule: /etc/udev/rules.d/50-x-resize.rules
# - udev rule content: 
# ACTION=="change",KERNEL=="card0", SUBSYSTEM=="drm", RUN+="/usr/local/bin/x-resize" 
# 3) Create /var/log/autores directory
# 4) Create script /usr/local/bin/x-resize (this file) and make executable
# 5) Reload udev rules with `sudo udevadm control --reload-rules`

SwitHak

Security Advisories / Bulletins / vendors Responses linked to Log4Shell (CVE-2021-44228)

Errors, typos, something to say ?

• If you want to add a link, comment or send it to me
• Feel free to report any mistake directly below in the comment or in DM on Twitter @SwitHak

Other great resources

• Royce Williams list sorted by vendors responses Royce List
• Very detailed list NCSC-NL
• The list maintained by U.S. Cybersecurity and Infrastructure Security Agency: CISA List

nitred

About

• I faced bandwidth issues between a WG Peer and a WG server. Download bandwidth when downloading from WG Server to WG peer was reduced significantly and upload bandwidth was practically non existent.
• I found a few reddit posts that said that we need to choose the right MTU. So I wrote a script to find an optimal MTU.
• Ideally I would have liked to have run all possible MTU configurations for both WG Server and WG Peer but for simplicity I choose to fix the WG Server to the original 1420 MTU and tried all MTUs from 1280 to 1500 for the WG Peer.

Testing

• On WG server, I started an iperf3 server
• On WG peer, I wrote a script that does the following:
  • wg-quick down wg0
• Edit MTU in the /etc/wireguard/wg0.conf file

aaronmdjones

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

My resignation from freenode staff
==================================

I joined the freenode staff in March 2019 [1].

Before I joined the staff, Freenode Ltd was sold [2] to a person named
Andrew Lee as part of a sponsorship deal. The informal terms of that

andrebrait

Here is the best setup (I think so :D) for K-series Keychron keyboards on Linux.

Note: many newer Keychron keyboards use QMK as firmware and most tips here do not apply to them. Maybe the ones related to Bluetooth can be useful, but everything related to Apple's keyboard module (hid_apple) on Linux, won't work. As far as I know, all QMK-based boards use the hid_generic module instead. Examples of QMK-based boards are: Q, Q-Pro, V, K-Pro, etc.

Most of these commands have been tested on Ubuntu 20.04 and should also work on most Debian-based distributions. If a command happens not to work for you, take a look in the comment section.

Make Fn + F-keys work (NOT FOR QMK-BASED BOARDS)

Older Keychron keyboards (those not based on QMK) use the hid_apple driver on Linux, even in the Windows/Android mode, both in Bluetooth and Wired modes.

bsidhom

#!/usr/bin/env bash

# Usage: ffcat <output> <input> [input ...]

set -euo pipefail

# Prints the contents of a concat file for ffmpeg.
function catfile() {
  local inputs=($@)
  local input

3lpsy

#!/bin/bash
# SPDX-License-Identifier: MIT License
# Steps:
# 1) Make sure bash is available
# 2) Create udev rule
# - path to new udev rule: /etc/udev/rules.d/50-x-resize.rules
# - udev rule content: 
# ACTION=="change",KERNEL=="card0", SUBSYSTEM=="drm", RUN+="/usr/local/bin/x-resize" 
# 3) Create /var/log/autores directory
# 4) Create script /usr/local/bin/x-resize (this file) and make executable

nevack

This gist is currenctly archived.

Please refer to previous revisions if you know what to do.

The patch proposed was merged into kernel in 5.8 release, but no longer working as of linux 5.11