$ sudo systemd --version
systemd 237
+PAM +AUDIT +SELINUX +IMA +APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ +LZ4 +SECCOMP +BLKID +ELFUTILS +KMOD -IDN2 +IDN -PCRE2 default-hierarchy=hybrid
$ sudo systemd-run --property=WorkingDirectory=/foo/bar --property=TimeoutSec=5min --on-active="10min" command args
Running timer as unit: run-1.timer
Will run service as unit: run-1.service
$ sudo systemctl list-timers
using REPL | |
using REPL.LineEdit | |
# basically the same as Base's `display_error`, just with different frames removed | |
function display_error(io, err, st) | |
ind = findfirst(frame -> frame.file == Symbol(@__FILE__) && frame.func == :repleval, st) | |
st = st[1:(ind == nothing ? end : ind - 2)] | |
printstyled(io, "ERROR: "; bold=true, color=Base.error_color()) | |
showerror(IOContext(io, :limit => true), err, st) | |
println(io) | |
end |
#!/usr/bin/env python3 | |
# This code is available under the MIT license: https://opensource.org/licenses/MIT | |
from pathlib import Path | |
import subprocess | |
import json | |
from dataclasses import dataclass | |
from typing import List, Optional |
You can use these commands and rules to search for exploitation attempts against log4j RCE vulnerability CVE-2021-44228
This command searches for exploitation attempts in uncompressed files in folder /var/log
and all sub folders
sudo egrep -I -i -r '\$(\{|%7B)jndi:(ldap[s]?|rmi|dns|nis|iiop|corba|nds|http):/[^\n]+' /var/log
sed -E -f solver.sed input
where input
is a file containing the maze.
For best results, resize your terminal to match the height of the maze. To disable animations, delete the lines containing p
.
The solver assumes the following:
- The maze only contains the characters
# \nSE
- Every line has the same number of characters
- There is only one start (
S
) and end (E
)
$INPUTVIDEO='input.mp4' | |
$OUTPUTVIDEO='output.mp4' | |
ffmpeg -i $INPUTVIDEO -metadata:s:v rotate="-90" -codec copy $OUTPUTVIDEO |
// Just before switching jobs: | |
// Add one of these. | |
// Preferably into the same commit where you do a large merge. | |
// | |
// This started as a tweet with a joke of "C++ pro-tip: #define private public", | |
// and then it quickly escalated into more and more evil suggestions. | |
// I've tried to capture interesting suggestions here. | |
// | |
// Contributors: @r2d2rigo, @joeldevahl, @msinilo, @_Humus_, | |
// @YuriyODonnell, @rygorous, @cmuratori, @mike_acton, @grumpygiant, |
This is a living document. Everything in this document is made in good faith of being accurate, but like I just said; we don't yet know everything about what's going on.
On March 29th, 2024, a backdoor was discovered in xz-utils, a suite of software that
Security Advisories / Bulletins / vendors Responses linked to Log4Shell (CVE-2021-44228)
- If you want to add a link, comment or send it to me
- Feel free to report any mistake directly below in the comment or in DM on Twitter @SwitHak
- Royce Williams list sorted by vendors responses Royce List
- Very detailed list NCSC-NL
- The list maintained by U.S. Cybersecurity and Infrastructure Security Agency: CISA List