dergachev

Why You Can't Un-Root a Compromised Machine

Let's say somebody temporarily got root access to your system, whether because you "temporarily" gave them sudo rights, they guessed your password, or any other way. Even if you can disable their original method of accessing root, there's an infinite number of dirty tricks they can use to easily get it back in the future.

While the obvious tricks are easy to spot, like adding an entry to /root/.ssh/authorized_keys, or creating a new user, potentially via running malware, or via a cron job. I recently came across a rather subtle one that doesn't require changing any code, but instead exploits a standard feature of Linux user permissions system called setuid to subtly allow them to execute a root shell from any user account from the system (including www-data, which you might not even know if compromised).

If the "setuid bit" (or flag, or permission mode) is set for executable, the operating system will run not as the cur

DashW

using UnityEngine;
using System;
using System.Collections;
using System.Collections.Generic;
using System.IO;
using System.Threading;

class BitmapEncoder
{
	public static void WriteBitmap(Stream stream, int width, int height, byte[] imageData)

kosamari

ServiceWorker for github pages

This is a ServiceWorker template to turn small github pages into offline ready app.

Why ?

Whenever I make small tools & toys, I create github repo and make a demo page using github pages (like this one).
Often these "apps" are just an index.html file with all the nessesary CSS and JavaScript in it (or maybe 2-3 html/css/js files). I wanted to cache these files so that I can access my tools offline as well.

Notes

Make sure your github pages have HTTPS enforced, you can check Settings > GitHub Pages > Enforce HTTPS of your repository.

zeljic

How to build SQLite3 .lib file on Windows 10

1. Download source from source

   For example: source https://www.sqlite.org/2023/sqlite-amalgamation-3430100.zip

2. Download binary from binary

   For example: binary https://www.sqlite.org/2023/sqlite-dll-win64-x64-3430100.zip

3. Extract both archives to the same directory

creadone

# Method alias
# ------------

macro alias_method(new_name, existing_method)
  def {{new_name.id}}(*args)
    {{existing_method.id}}(*args)
  end
end

# Generate Union type from array of classes

mattmc3

layout	author	title	revision	version	description
default	mattmc3	Modern SQL Style Guide	2019-01-17	1.0.1	A guide to writing clean, clear, and consistent SQL.

Modern SQL Style Guide

DavidKuennen

(function (context, trackingId, options) {
    const history = context.history;
    const doc = document;
    const nav = navigator || {};
    const storage = localStorage;
    const encode = encodeURIComponent;
    const pushState = history.pushState;
    const typeException = 'exception';
    const generateId = () => Math.random().toString(36);
    const getId = () => {

GabrielVidal1

# Vars
ROOT=/workspace
SD_DIR=sd
MODEL_DIR=$ROOT/$SD_DIR/models/Stable-diffusion
VENV=env
GRADIO_AUTH=user:password123
SD_REPO=https://github.com/AUTOMATIC1111/stable-diffusion-webui.git

# Install packages
apt update

bryanhpchiang

const sleep = ms => { return new Promise(resolve => setTimeout(resolve, ms)) }


const injectButton = async () => {
	// Similiarly, we also need to wait for the page to load in...
	await sleep(1000);
  console.log("hey");
	const {url} = await fetch("https://bhchiang--get-url-get.modal.run/").then(r => r.json());
	const URL = `${url}/get_prompt`;