| XZ Backdoor symbol deobfuscation. Updated as i make progress |
After 2024-04-02 I am only adding important new discoveries (I come accross). There is just too much Blog and Video entries to keep track of.
Initial disclosure:
CVE and Alerts
This is a living document. Everything in this document is made in good faith of being accurate, but like I just said; we don't yet know everything about what's going on.
On March 29th, 2024, a backdoor was discovered in xz-utils, a suite of software that
| ---------------------------------------------------------------------------------------------------- | |
| tcpdump -s 0 #capture entire etherner header and IP packet | |
| tcpdump -ni tap55ec3c7f-91 ip6 #locate the ICMPv6 packets | |
| tcpdump -s0 -n -i any -w /tmp/$(hostname)-smbtrace.pcap #if the SMB client or SMB server is a Unix host,Troubleshooting Server Message Block (SMB) | |
| tcpdump -D #Print the list of the network interfaces available on the system and on which tcpdump can capture packet | |
| tcpdump -X -vvv -n -i eth0 |
| diff --git a/owa.tracker-combined-min-1.6.2.js b/owa-tgs.js | |
| index c718d10..2c5fd6e 100644 | |
| --- a/owa.tracker-combined-min-1.6.2.js | |
| +++ b/owa-pretty.js | |
| @@ -1,7 +1,3 @@ | |
| -/* OWA owa.tracker package file created Sun, 03 Jun 18 20:57:14 -0700 */ | |
| - | |
| -/* Start of json2 */ | |
| - | |
| if (!this.JSON) { |
Hence, if you are interested in existing applications to "just work" without the need for adjustments, then you may be better off avoiding Wayland.
Wayland solves no issues I have but breaks almost everything I need. Even the most basic, most simple things (like xkill) - in this case with no obvious replacement. And usually it stays broken, because the Wayland folks mostly seem to care about Automotive, Gnome, maybe KDE - and alienating everyone else (e.g., people using just an X11 window manager or something like GNUstep) in the process.
Wayland proponents make it seem like Wayland is "the successor" of Xorg, when in fact it is not. It is merely an incompatible alternative, and not even one that has (nor wants to have) feature parity (missing features). And unlike X11 (the X Window System), Wayland protocol designers actively avoid the concept of "windows" (making up incompr
| [ | |
| { | |
| "backcolor": "#222222", | |
| "name": "Wanyoo yKeyboard 78 key", | |
| "author": "icyleaf", | |
| "pcb": false | |
| }, | |
| [ | |
| { | |
| "c": "#282828", |
| [ | |
| { | |
| "name": "My preferred Tex Yoda II Layout", | |
| "background": { | |
| "name": "Aluminium brushed", | |
| "style": "background-image: url('/bg/metal/aluminum_texture1642.jpg');" | |
| }, | |
| "radii": "15px", | |
| "switchMount": "cherry", | |
| "switchBrand": "cherry", |
| import binascii | |
| import itertools | |
| # XORs two byte strings together | |
| def xor_bytes(bytes1, bytes2): | |
| return [ chr(ord(a) ^ b) for (a, b) in zip(bytes1, bytes2) ] | |
| # XORs a ciphertext with the malware's hardcoded key, and repeats it until it's long enough to match the ciphertext length. | |
| def decrypt(cipher, key_hex = 'BB2FA36AAA9541F0'): | |
| key_bytes = [ ord(a) for a in key_hex ] |
While I'm learning how to use Nginx, I was instructed to update the server_names_hash_bucket_size (/etc/nginx/nginx.conf) value from 32 to 64, but I don't understand why should I increase the value to 64.
References that have been read so far: