smx-smx

XZ Backdoor symbol deobfuscation. Updated as i make progress

thesamesam

FAQ on the xz-utils backdoor (CVE-2024-3094)

This is a living document. Everything in this document is made in good faith of being accurate, but like I just said; we don't yet know everything about what's going on.

Background

On March 29th, 2024, a backdoor was discovered in xz-utils, a suite of software that

NetSysFire

A network/channel I am in gets spammed with some message advertising a channel on Libera Chat, what do I do?

First of all, nothing. Libera Chat is not spamming your network, it is a botnet. See https://en.wikipedia.org/wiki/Joe_job

Libera Chat staff is contributing to dronebl blocklists, helping other networks protect themselves. There is not much else they can do on other networks. Contact the staff of the affected network.

It appears that spammers are actively impersonating innocent users on Libera Chat. Remember, everyone can choose almost any nick with /nick and not every Libera Chat user is on your network, so it is trivial to impersonate users.

david-zw-liu

-- Thank @sbengo to figure out foreign_keys constraints is defaults to false in sqlite
-- Enable to delete logs by cascading delete
PRAGMA foreign_keys = ON;

WITH n_build_ids_per_repo as (
  SELECT build_id
  FROM (
    SELECT
      build_id,
      build_repo_id,

andersk

#!/usr/bin/python3
import apt_pkg
import debian.deb822
import gzip
import sys
from io import BytesIO
from ubuntutools.lp.lpapicache import Distribution
from urllib.request import urlopen

COMPONENTS = ["main", "restricted", "universe", "multiverse"]

vpnwall-services

#Put me in /lib/systemd/system/
[Unit]
Description=My Miscellaneous Service
After=network.target

[Service]
Type=simple
User=nanodano
WorkingDirectory=/home/nanodano
ExecStart=/home/nanodano/my_daemon --option=123

KurtJacobson

#!/usr/bin/env python

#  Copyright (c) 2017 Kurt Jacobson
#  License: https://kcj.mit-license.org/@2017

import cairo
import gi

gi.require_version('Gtk', '3.0')
gi.require_version('Gdk', '3.0')

Keenuts

GSOC 2017 | Virgl Windows Driver

Project links

The project is split into several parts:

• The kernel driver, with simple 3D command forwarding and 3D resource allocation
• The userland driver, in fact the OpenGL backend
• The reference, explaining virtio-gpu commands

https://github.com/Keenuts/virtio-gpu-win-icd \

L-P

[Unit]
Description=Munin FCGI
After=network.target

[Service]
Type=forking
PIDFile=/var/run/munin/fcgi-graph.pid
Restart=always

ExecStartPre=/bin/mkdir -p /var/lib/munin/cgi-tmp/munin-cgi-graph

ChrisTyrrel

Freenode and gateway cloaks

Gateways on freenode work a tad bit different on freenode than they do on other networks. They're given a cloak describing the gateway they're using.

Cloak Examples

• PanicBNC: gateway/shell/panicbnc/x-*
• EliteBNC: gateway/shell/elitebnc/x-*
• BNC4FREE: gateway/shell/bnc4free/x-*

Autovoicing/auto Modes

Flags on I-Line cloak

Suppose I wanted to voice any BNC4FREE users by setting the ChanServ V flag on the I-Line cloak. The process would be as follows: