Rust Martialis posted:Ugly hack but it 'works' with bsdtar 3.4.3 on FreeBSD: Defenestrategy posted:I think they're going for that nordic J like fjord, but that's dumb it's Log Fourjay
|
KillHour posted:That's just a standard buffer overflooooh. Oh my. There is no
I'm an overflow ! I can write to arbitrary memory ! All I can execute is AND, OR, XOR and XNOR I'm Turing complete !
|
repiv posted:https://googleprojectzero.blogspot.com/2021/12/a-deep-dive-into-nso-zero-click.html?m=1
|
mllaneza posted:There is no I was trying to think of some way to explain it to people with less computing knowledge and have settled on: “the enemy has broken past the first wall of your base but has no more resources to go any further. So they pick up broken parts of the wall and make them into a tank to go the rest of the way.” NSO group has some skilled people and we should be really glad they don’t have a huge target group.
|
Alternatively, we should be terrified that they realize the real money isn't in extorting a few thousand dollars out of people but in helping governments murder dissidents and destabilize countries. It's not that other hacking groups aren't skilled or smart enough to pull that kind of thing off, it's that once you realize the amount of effort that it would take, it's not worth it if it's going to get patched in a week. It's only worth it if you're reasonably sure that your targets are narrow enough that your techniques won't be found out. It would never happen but I'd be 100% on board with Congress passing a law saying the government isn't allowed to hack people for any reason. Intelligence, military and law enforcement should not be trusted with that poo poo.
KillHour fucked around with this message at 06:29 on Dec 16, 2021
|
ShoeFly posted:My client is still 99% running log4j v1 which has been fun
|
PowerShell script I modified - scans ALL drives for jar files and hunts for JndiLookup.class in them, spits it out. Base script not mine.

```powershell
# Enumerate every filesystem drive
$Drives = Get-PSDrive -PSProvider 'FileSystem'
foreach ($Drive in $Drives) {
    echo $Drive
    # Recurse for *.jar (errors suppressed); print each jar whose raw bytes contain the class name
    gci -Path $Drive.Root -rec -force -include *.jar -ea 0 |
        foreach { select-string "JndiLookup.class" $_ } |
        select -exp Path
}
```
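
An added example, not part of the original post or the script it was based on: the Select-String scan above matches the class name only where it appears as plain bytes in a top-level `*.jar`, so a copy inside a compressed nested archive (a jar under `WEB-INF/lib` of a `.war`, for instance) goes unreported. This sketch goes beyond the posted case by opening each archive and recursing into nested ones; the function names and the in-memory sample with its entry names are constructed for illustration, and PowerShell 5.0 or later is assumed.

```powershell
Add-Type -AssemblyName System.IO.Compression   # loads ZipArchive on Windows PowerShell 5.1

function Find-JndiLookup {
    # Walk one zip-format stream and recurse into nested .jar/.war/.ear entries.
    param([System.IO.Stream]$Stream, [string]$Label)
    $zip = $null
    try {
        $zip = [System.IO.Compression.ZipArchive]::new($Stream, [System.IO.Compression.ZipArchiveMode]::Read, $true)
        foreach ($entry in $zip.Entries) {
            if ($entry.Name -eq 'JndiLookup.class') {
                "$Label -> $($entry.FullName)"
            } elseif ($entry.Name -match '\.(jar|war|ear)$') {
                $mem = [System.IO.MemoryStream]::new()   # inflate the nested archive in memory
                $src = $entry.Open(); $src.CopyTo($mem); $src.Dispose()
                $mem.Position = 0
                Find-JndiLookup -Stream $mem -Label "$Label -> $($entry.FullName)"
                $mem.Dispose()
            }
        }
    } catch { Write-Verbose "skipped ${Label} (corrupt or not a zip): $($_.Exception.Message)" }
    finally { if ($zip) { $zip.Dispose() } }
}

function New-SampleWar {
    # Constructed sample: a .war holding a compressed jar with an empty JndiLookup.class entry.
    $create = [System.IO.Compression.ZipArchiveMode]::Create
    $inner = [System.IO.MemoryStream]::new()
    $z = [System.IO.Compression.ZipArchive]::new($inner, $create, $true)
    [void]$z.CreateEntry('org/apache/logging/log4j/core/lookup/JndiLookup.class'); $z.Dispose()
    $outer = [System.IO.MemoryStream]::new()
    $z = [System.IO.Compression.ZipArchive]::new($outer, $create, $true)
    $w = $z.CreateEntry('WEB-INF/lib/log4j-core-sample.jar').Open()
    $inner.WriteTo($w); $w.Dispose(); $z.Dispose()
    $outer.Position = 0; $outer
}

function Search-AllDrives {
    # Same drive walk as the posted script, extended to .war/.ear containers.
    Get-PSDrive -PSProvider FileSystem | ForEach-Object {
        Get-ChildItem -Path $_.Root -Recurse -Force -File -Include '*.jar','*.war','*.ear' -ErrorAction SilentlyContinue
    } | ForEach-Object {
        $fs = $null
        try { $fs = [System.IO.File]::OpenRead($_.FullName); Find-JndiLookup -Stream $fs -Label $_.FullName }
        catch { Write-Verbose "cannot open: $($_.Exception.Message)" }
        finally { if ($fs) { $fs.Dispose() } }
    }
}

Find-JndiLookup -Stream (New-SampleWar) -Label 'sample.war'   # self-check on the constructed sample
```

Running the block only performs the self-check; call `Search-AllDrives` (add `-Verbose` to see skipped files) for the full walk.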
|
Just read that Project Zero post and had my holyshitfuckthat'samazingwhatinthefuck moment at the end. Thanks for sharing it!
|
First person to pull off an RCE in space wins https://twitter.com/TheASF/status/1400875147163279374
|
If an iPhone was hit by this vulnerability, would a patch then erase any exploits? I'd assume you'd need to reinstall the OS, but would that be enough?
|
Fart Amplifier posted:If an iPhone was hit by this vulnerability, would a patch then erase any exploits? I'd assume you'd need to reinstall the OS, but would that be enough? A patch would prevent future exploits, but anything already put in place would be running with whatever permissions it gave itself.
|
If you're the sort of target that gets attention from NSO-wielding entities, you have someone else get a new device for you.
|
chin up everything sucks posted:A patch would prevent future exploits, but anything already put in place would be running with whatever permissions it gave itself. Yeah, I'm assuming even at that point even a wipe might not be able to remove it
|
Fart Amplifier posted:Yeah, I'm assuming even at that point even a wipe might not be able to remove it A full factory restore would be the way to go - flash firmware and everything.
|
chin up everything sucks posted:A full factory restore would be the way to go - flash firmware and everything. Is this exploit guaranteed to not survive a firmware flash? I don't know how that works. If I were an at-risk journalist/dissident I'd definitely want a confirmation before putting myself at risk trusting the flashing process of a compromised device.
|
My life is being ruined by a java library This is like the world's stupidest supervillain origin story
|
It's so bad and it just doesn't stop.
|
When hasn't Java ruined someone's life?
|
Fart Amplifier posted:Is this exploit guaranteed to not survive a firmware flash? I don't know how that works. Honestly, I have no idea - I don't think anything survives a wipe + firmware flash unless the device was compromised via a supply chain attack, but I can't say that with 100% certainty.
|
CommieGIR posted:When hasn't Java ruined someone's life? My early CS education? Oh wait, no. That was someone else.
|
chin up everything sucks posted:Honestly, I have no idea - I don't think anything survives a wipe + firmware flash unless the device was compromised via a supply chain attack, but I can't say that with 100% certainty. Unless they compromise your Mac/Windows device with a separate zero-day before you manage to DFU your iPhone and use that to put it back
|
CommieGIR posted:When hasn't Java ruined someone's life?
Cup Runneth Over posted:Who's Jay and why are we compromising all our systems just to log for them? Logs for Jay :: Flowers for Algernon
|
I don't know if folks use Zeek here, but if you do and you're looking to augment finding attempts/exploits on your network, we have a zeek package for that. If you don't already have a Zeek->SIEM kinda situation set up, it's probably not worth your time. But figured I'd post it anyway just in case.
|
KillHour posted:It would never happen but I'd be 100% on board with Congress passing a law saying the government isn't allowed to hack people for any reason. Intelligence, military and law enforcement should not be trusted with that poo poo. If you saw the process involved in government-sponsored hacking, I think you'd immediately stop worrying much about it. If you want to get behind banning stuff, get behind banning bullshit port-of-entry "lol give us logins to your social media so we can see what poo poo you've been up to" searches. Doubly so because they can be applied to US citizens and then triply so because they require no actual justification other than the CBP agent was bored. Quadrupally so because CBP has decided that they have jurisdiction anywhere within 100 miles of any border, which covers something like 66% of the entire US population.
|
defmacro posted:I don't know if folks use Zeek here, but if you do and you're looking to augment finding attempts/exploits on your network, we have a zeek package for that. If you don't already have a Zeek->SIEM kinda situation set up, it's probably not worth your time. But figured I'd post it anyway just in case. I saw this the other day and turned it on and created some alerts. Thanks for this. I love
|
KillHour posted:Alternatively, we should be terrified that they realize the real money isn't in extorting a few thousand dollars out of people but in helping governments murder dissidents and destabilize countries. uh I for one do want my government, military, and intelligence services to be able to hack the computers of our geopolitical competitors, actually
|
Can we just launch the nukes already? That would at least spare me another weekend of this.
|
Martytoof posted:Can we just launch the nukes already? Why? Do the nukes run Java?
|
Mustache Ride posted:I saw this the other day and turned it on and created some alerts. Thanks for this. I love Glad to hear it! Hope it helps
|
I do find it highly suspicious that, just as this all was breaking, I got a recruiting invite from Tencent. Not today, China, not today! You can wallow in the shithole that is log4j with the rest of us.
|
DrDork posted:If you saw the process involved in government-sponsored hacking, I think you'd immediately stop worrying much about it. I've done work with 3 letter agencies before and I worry very much about it. The Iron Rose posted:uh I for one do want my government, military, and intelligence services to be able to hack the computers of our geopolitical competitors, actually Think about the people on intelligence committees and ask yourself if you're likely to agree with them on who to target.
|
KillHour posted:Think about the people on intelligence committees and ask yourself if you're likely to agree with them on who to target. Nobody is bothering to hack into US ideological dissidents, let alone be trying to break into your tentacle porn collection. And why would they? Way easier to just drag-net large sectors of the internet and get most of the interesting comms from that, hack free. Or just, you know, rely on password re-use and/or idiotically weak password choices. maga2020! indeed. Which is why if your primary concern is targeting and privacy, the real risk is in "let's monitor the world!" and "lol, show me your phone or I don't let you in the country" crap, not whether the NSA is bothering to cook up a special hack just for you when they keep having people air their dirty laundry to the world every few years.
|
I never claimed they were trying to hack me. They're trying to hack political activists in countries half way around the world. And they need to stop.
|
KillHour posted:I've done work with 3 letter agencies before and I worry very much about it. The Iron Rose posted:uh I for one do want my government, military, and intelligence services to be able to hack the computers of our geopolitical competitors, actually lmao infosec will forever be divided between the cDc free as in freedom types and the water-carrying neolib types
|
Internet Explorer posted:It's so bad and it just doesn't stop.
|
Governments need to both be able to hack stuff, and have oversight when doing so.
|
spankmeister posted:Governments need to both be able to hack stuff, and have oversight when doing so. This is a nonsense argument because the oversight can never come from a truly neutral arbiter because the decisions they make currently can't be public and can't be questioned. The constitution should be expanded to cover all humans regardless of citizenship or location and the government hacking individual accounts anywhere in the world should have the same level of oversight as a domestic wiretap, at a bare minimum. "But" I hear you say "you can't have a domestic judge sign a warrant authorizing the wiretap of a foreign national without that country's knowledge!" And that's my point - any hack of a foreign individual necessarily infringes on their human rights. You shouldn't be less of a human because you're not an American. Now, if you want to hack a foreign government itself, that's the domain of the military because it's a literal act of war and I'm sick of people minimizing the damage of a nation doing that to another just because it didn't involve bullets. Hacking another nation's infrastructure is a casus belli, full stop.
|
evil_bunnY posted:2.16 is apparently still problematic LMBO Circumcision of the offending JNDILookup.class file sounds better and better every loving second
|
Rust Martialis posted:Circumcision
|
Did the image fail to convey itself?