adam kaminski thimslugga

@smx-smx
smx-smx / XZ Backdoor Analysis
Last active June 2, 2024 07:22
[WIP] XZ Backdoor Analysis and symbol mapping
XZ Backdoor symbol deobfuscation. Updated as I make progress
@q3k
q3k / hashes.txt
Last active May 16, 2024 16:49
liblzma backdoor strings extracted from 5.6.1 (from a built-in trie)
0810 b' from '
0678 b' ssh2'
00d8 b'%.48s:%.48s():%d (pid=%ld)\x00'
0708 b'%s'
0108 b'/usr/sbin/sshd\x00'
0870 b'Accepted password for '
01a0 b'Accepted publickey for '
0c40 b'BN_bin2bn\x00'
06d0 b'BN_bn2bin\x00'
0958 b'BN_dup\x00'
@thesamesam
thesamesam / xz-backdoor.md
Last active July 24, 2024 14:23
xz-utils backdoor situation (CVE-2024-3094)

FAQ on the xz-utils backdoor (CVE-2024-3094)

This is a living document. Everything in this document is made in good faith of being accurate, but like I just said, we don't yet know everything about what's going on.

Background

On March 29th, 2024, a backdoor was discovered in xz-utils, a suite of software that

@milos7250
milos7250 / env-manage.sh
Created March 8, 2024 16:22
Build, compress, cache, copy and remove conda environments on slurm using micromamba.
#!/bin/bash
#SBATCH --cpus-per-task=32
#SBATCH --mem=32000
#SBATCH --partition=short
#SBATCH --output=env-manage.log
#SBATCH --mail-type=END,FAIL
#SBATCH --mail-user=
set -e
#!/usr/bin/env python
import multiprocessing
import random
import time
class Logger:
    def __init__(self, num_lines, last_output_per_process, terminal_lock):
        self.num_lines = num_lines

Manually fixing bit flips in BTRFS

Somehow my BTRFS file system became corrupted by what appears to be a single bit flip in a metadata field. Rather than copying all the data and reformatting the file system, which would have required another disk at least as large as the original, I decided to try to fix this manually, which appears to have worked. I've documented the procedure I've used here, in case I need it again or someone else runs into a similar issue and finds it useful.

The first thing you should do is run btrfs check. For me this produced the following output:

Opening filesystem to check...
Checking filesystem on /dev/nvme0n1p1
UUID: ec7afe1c-8478-450a-82fc-d17b32d8ca3d
@ig0rmin
ig0rmin / mount_namespace_sudo.c
Created January 30, 2024 20:49
Clone a process into a new mount namespace and pivot root to a given directory
// This example demonstrates creating mount namespace and using pivot_root()
// It doesn't create a user namespace, so to run it we need sudo
#define _GNU_SOURCE
#include <stdio.h>
#include <stdlib.h>
#include <sched.h>
#include <limits.h>
#include <errno.h>
#include <unistd.h>
@LloydAsp
LloydAsp / takeover.sh
Last active February 3, 2024 17:15
takeover.sh
#!/bin/sh
set -e
TO=/x
OLD_INIT=$(readlink /proc/1/exe)
cd "$TO"
if [ ! -e fakeinit ]; then
    ./busybox echo "Please compile fakeinit.c first"
    exit 1
@midoriiro
midoriiro / convert-image.psm1
Created November 15, 2023 18:08
Convert OCI image to LXC format
Function Convert-Image
{
    Param (
        [Parameter(Mandatory = $true)]
        [string]$Name,
        [Parameter(Mandatory = $true)]
        [string]$Tag,
        [Parameter(Mandatory = $false)]