|
Rust Martialis posted:Ugly hack but it 'works' with bsdtar 3.4.3 on FreeBSD: Defenestrategy posted:I think they're going for that nordic J like fjord, but that's dumb it's Log Fourjay
|
#
?
Dec 16, 2021 05:40
|
|
|
|
| # ? May 20, 2024 07:30 |
|
|
KillHour posted:That's just a standard buffer overflooooh. Oh my. There is no  big enough, that's an amazing hack. I'm an overflow ! I can write to arbitrary memory ! All I can execute is AND, OR, XOR and XNOR I'm Turing complete !
|
|
#
?
Dec 16, 2021 05:40
|
|
|
repiv posted:https://googleprojectzero.blogspot.com/2021/12/a-deep-dive-into-nso-zero-click.html?m=1 indeed.
|
|
#
?
Dec 16, 2021 06:01
|
|
|
mllaneza posted:There is no I was trying to think of some way to explain it to people with less computing knowledge and have settled on: “the enemy has broken past the first wall of your base but has no more resources to go any further. So they pick up broken parts of the wall and make them into a tank to go the rest of the way.” NSO group has some skilled people and we should be really glad they don’t have a huge target group.
|
|
#
?
Dec 16, 2021 06:08
|
|
|
Alternatively, we should be terrified that they realize the real money isn't in extorting a few thousand dollars out of people but in helping governments murder dissidents and destabilize countries. It's not that other hacking groups aren't skilled or smart enough to pull that kind of thing off, it's that once you realize the amount of effort that it would take, it's not worth it if it's going to get patched in a week. It's only worth it if you're reasonably sure that your targets are narrow enough that your techniques won't be found out. It would never happen but I'd be 100% on board with Congress passing a law saying the government isn't allowed to hack people for any reason. Intelligence, military and law enforcement should not be trusted with that poo poo. KillHour fucked around with this message at 06:29 on Dec 16, 2021 |
|
#
?
Dec 16, 2021 06:24
|
|
|
ShoeFly posted:My client is still 99% running log4j v1 which has been fun
|
|
#
?
Dec 16, 2021 12:32
|
|
|
Powershell script I modified - scans ALL drives for jar files and hunts for JDNILookup.class in them, spits it out. base script not mine.pre:$Drives = Get-PSDrive -PSProvider 'FileSystem'
foreach($Drive in $drives) {
echo $Drive
gci -Path $Drive.root -rec -force -include *.jar -ea 0 | foreach {select-string "JndiLookup.class" $_} | select -exp Path
}
|
|
#
?
Dec 16, 2021 14:20
|
|
|
Just read that Project Zero post and had my holyshitfuckthat'samazingwhatinthefuck moment at the end. Thanks for sharing it!
|
|
#
?
Dec 16, 2021 14:39
|
|
|
First person to pull off an RCE in space wins https://twitter.com/TheASF/status/1400875147163279374
|
|
#
?
Dec 16, 2021 17:14
|
|
|
If an iPhone was hit by this vulnerability, would a patch then erase any exploits? I'd assume you'd need to reinstall the OS, but would that be enough?
|
|
#
?
Dec 16, 2021 18:49
|
|
|
Fart Amplifier posted:If an iPhone was hit by this vulnerability, would a patch then erase any exploits? I'd assume you'd need to reinstall the OS, but would that be enough? A patch would prevent future exploits, but anything already put in place would be running with whatever permissions it gave itself.
|
|
#
?
Dec 16, 2021 19:01
|
|
|
If you're the sort of target that gets attention from NSO-wielding entities, you have someone else get a new device for you.
|
|
#
?
Dec 16, 2021 19:07
|
|
|
chin up everything sucks posted:A patch would prevent future exploits, but anything already put in place would be running with whatever permissions it gave itself. Yeah, I'm assuming even at that point even a wipe might not be able to remove it
|
|
#
?
Dec 16, 2021 19:16
|
|
|
Fart Amplifier posted:Yeah, I'm assuming even at that point even a wipe might not be able to remove it A full factory restore would be the way to go - flash firmware and everything.
|
|
#
?
Dec 16, 2021 19:18
|
|
|
chin up everything sucks posted:A full factory restore would be the way to go - flash firmware and everything. Is this exploit guaranteed to not survive a firmware flash? I don't know how that works. If I were an at-risk journalist/dissident I'd definitely want a confirmation before putting myself at risk trusting the flashing process of a compromised device.
|
|
#
?
Dec 16, 2021 19:22
|
|
|
My life is being ruined by a java library This is like the world's stupidest supervillain origin story
|
|
#
?
Dec 16, 2021 21:06
|
|
|
It's so bad and it just doesn't stop.
|
|
#
?
Dec 16, 2021 21:07
|
|
|
When hasn't Java ruined someone's life?
|
|
#
?
Dec 16, 2021 21:20
|
|
|
Fart Amplifier posted:Is this exploit guaranteed to not survive a firmware flash? I don't know how that works. Honestly, I have no idea - I don't think anything survives a wipe + firmware flash unless the device was compromised via a supply chain attack, but I can't say that with 100% certainty.
|
|
#
?
Dec 16, 2021 21:23
|
|
|
CommieGIR posted:When hasn't Java ruined someone's life? My early CS education? Oh wait, no. That was someone else.
|
|
#
?
Dec 16, 2021 21:29
|
|
|
chin up everything sucks posted:Honestly, I have no idea - I don't think anything survives a wipe + firmware flash unless the device was compromised via a supply chain attack, but I can't say that with 100% certainty. Unless they compromise your Mac/Windows device with a separate zero-day before you manage to DFU your iPhone and use that to put it back
|
|
#
?
Dec 16, 2021 21:34
|
|
|
CommieGIR posted:When hasn't Java ruined someone's life?  Cup Runneth Over posted:Who's Jay and why are we compromising all our systems just to log for them? Logs for Jay :: Flowers for Algernon
|
|
#
?
Dec 16, 2021 23:55
|
|
|
I don't know if folks use Zeek here, but if you do and you're looking to augment finding attempts/exploits on your network, we have a zeek package for that. If you don't already have a Zeek->SIEM kinda situation set up, it's probably not worth your time. But figured I'd post it anyway just in case.
|
|
#
?
Dec 17, 2021 00:02
|
|
|
KillHour posted:It would never happen but I'd be 100% on board with Congress passing a law saying the government isn't allowed to hack people for any reason. Intelligence, military and law enforcement should not be trusted with that poo poo. If you saw the process involved in government-sponsored hacking, I think you'd immediately stop worrying much about it. If you want to get behind banning stuff, get behind banning bullshit port-of-entry "lol give us logins to your social media so we can see what poo poo you've been up to" searches. Doubly so because they can be applied to US citizens and then triply so because they require no actual justification other than the CBP agent was bored. Quadrupally so because CBP has decided that they have jurisdiction anywhere within 100 miles of any border, which covers something like 66% of the entire US population.
|
|
#
?
Dec 17, 2021 02:20
|
|
|
defmacro posted:I don't know if folks use Zeek here, but if you do and you're looking to augment finding attempts/exploits on your network, we have a zeek package for that. If you don't already have a Zeek->SIEM kinda situation set up, it's probably not worth your time. But figured I'd post it anyway just in case. I saw this the other day and turned it on and created some alerts. Thanks for this. I love
|
|
#
?
Dec 17, 2021 02:52
|
|
|
KillHour posted:Alternatively, we should be terrified that they realize the real money isn't in extorting a few thousand dollars out of people but in helping governments murder dissidents and destabilize countries. uh I for one do want my government, military, and intelligence services to be able to hack the computers of our geopolitical competitors, actually
|
|
#
?
Dec 17, 2021 03:19
|
|
Cat Army
|
Can we just launch the nukes already? That would at least spare me another weekend of this.
|
|
#
?
Dec 17, 2021 04:32
|
|
|
Martytoof posted:Can we just launch the nukes already? Why? Do the nukes run Java?
|
|
#
?
Dec 17, 2021 04:44
|
|
|
Mustache Ride posted:I saw this the other day and turned it on and created some alerts. Thanks for this. I love Glad to hear it! Hope it helps 
|
|
#
?
Dec 17, 2021 05:32
|
|
|
I do find it highly suspicious that, just as this all was breaking, I got a recruiting invite from Tencent. Not today, China, not today! You can wallow in the shithole that is log4j with the rest of us.
|
|
#
?
Dec 17, 2021 05:35
|
|
|
DrDork posted:If you saw the process involved in government-sponsored hacking, I think you'd immediately stop worrying much about it. I've done work with 3 letter agencies before and I worry very much about it. The Iron Rose posted:uh I for one do want my government, military, and intelligence services to be able to hack the computers of our geopolitical competitors, actually Think about the people on intelligence committees and ask yourself if you're likely to agree with them on who to target.
|
|
#
?
Dec 17, 2021 05:56
|
|
|
KillHour posted:Think about the people on intelligence committees and ask yourself if you're likely to agree with them on who to target. Nobody is bothering to hack into US ideological dissidents, let alone be trying to break into your tentacle porn collection. And why would they? Way easier to just drag-net large sectors of the internet and get most of the interesting comms from that, hack free. Or just, you know, rely on password re-use and/or idioticly weak password choices. maga2020! indeed. Which is why if your primary concern is targeting and privacy, the real risk is in "let's monitor the world!" and "lol, show me your phone or I don't let you in the country" crap, not whether the NSA is bothering to cook up a special hack just for you when they keep having people air their dirty laundry to the world every few years.
|
|
#
?
Dec 17, 2021 06:51
|
|
|
I never claimed they were trying to hack me. They're trying to hack political activists in countries half way around the world. And they need to stop.
|
|
#
?
Dec 17, 2021 07:45
|
|
|
KillHour posted:I've done work with 3 letter agencies before and I worry very much about it. The Iron Rose posted:uh I for one do want my government, military, and intelligence services to be able to hack the computers of our geopolitical competitors, actually lmao infosec will forever be divided between the cDc free as in freedom types and the water-carrying neolib types
|
|
#
?
Dec 17, 2021 08:57
|
|
|
Internet Explorer posted:It's so bad and it just doesn't stop.
|
|
#
?
Dec 17, 2021 09:05
|
|
|
Governments need to both be able to hack stuff, and have oversight when doing so.
|
|
#
?
Dec 17, 2021 09:27
|
|
|
spankmeister posted:Governments need to both be able to hack stuff, and have oversight when doing so. This is a nonsense argument because the oversight can never come from a truly neutral arbiter because the decisions they make currently can't be public and can't be questioned. The constitution should be expanded to cover all humans regardless of citizenship or location and the government hacking individual accounts anywhere in the world should have the same level of oversight as a domestic wiretap, at a bare minimum. "But" I hear you say "you can't have a domestic judge sign a warrant authorizing the wiretap of a foreign national without that country's knowledge!" And that's my point - any hack of a foreign individual necessarily infringes on their human rights. You shouldn't be less of a human because you're not an American. Now, if you want to hack a foreign government itself, that's the domain of the military because it's a literal act of war and I'm sick of people minimizing the damage of a nation doing that to another just because it didn't involve bullets. Hacking another nation's infrastructure is a casus belli, full stop.
|
|
#
?
Dec 17, 2021 09:38
|
|
|
evil_bunnY posted:2.16 is apparently still problematic LMBO Circumcision of the offending JNDILookup.class file sounds better and better every loving second
|
|
#
?
Dec 17, 2021 09:48
|
|
|
Rust Martialis posted:Circumcision 
|
|
#
?
Dec 17, 2021 10:15
|
|
|
|
| # ? May 20, 2024 07:30 |
|
|
Did the image fail to convey itself?
|
|
#
?
Dec 17, 2021 10:39
|
|