Bluesky Exploits
https://github.com/qwell/bsky-exploits [github.com]
2023-09-13 20:32
tags:
exploit
security
social
ux
web
web
I have discovered a number of security vulnerabilities in Bluesky and atproto. Each time I’ve found something new, I’ve chosen to report it to Bluesky at security@bsky.app, as requested at https://bsky.app/.well-known/security.txt, and provide them with details. Bluesky has responded to only one of these reports, one time, 4 days after submission, saying “We appreciate the report, and we’ll be taking a closer look at the issue.”. They did not follow up on that report and they have not responded to any of my other reports.
acme.sh runs arbitrary commands from a remote server
https://github.com/acmesh-official/acme.sh/issues/4659 [github.com]
2023-06-09 04:49
tags:
programming
security
sh
turtles
web
Now it became immediately obvious to my why HiCA only supports acme.sh. They are not conforming to ACME at all! (Bugs the heck outa me that they’re using the official ACME logo on their site even though they don’t implement the ACME standard.)
Instead, HiCA is stealthily crafting curl commands and piping the output to bash. acme.sh is (being tricked into?) running arbitrary code from a remote server.
source: HN
gotraceui - an efficient frontend for Go execution traces
https://github.com/dominikh/gotraceui [github.com]
2023-03-31 02:29
tags:
development
go
perf
swtools
Gotraceui is a tool for visualizing and analyzing Go execution traces. It is meant to be a faster, more accessible, and more powerful alternative to go tool trace. Unlike go tool trace, Gotraceui doesn’t use deprecated browser APIs (or a browser at all), and its UI is tuned specifically to the unique characteristics of Go traces.
source: L
All About Libpas, Phil's Super Fast Malloc
https://github.com/WebKit/WebKit/blob/main/Source/bmalloc/libpas/Documentation.md [github.com]
2022-06-01 21:43
tags:
c
malloc
perf
programming
Libpas is a fast and memory-efficient memory allocation toolkit capable of supporting many heaps at once, engineered with the hopes that someday it’ll be used for comprehensive isoheaping of all malloc/new callsites in C/C++ programs.
source: HN
Introduction to Apple Silicon
https://github.com/AsahiLinux/docs/wiki/Introduction-to-Apple-Silicon [github.com]
2022-03-17 03:23
tags:
bios
cpu
development
mac
systems
This document attempts to explain the Apple Silicon (i.e. M1 and later) Mac boot ecosystem (henceforth “AS Macs“), as it pertains for how open OSes interoperate with the platform.
It is intended for developers and maintainers of Linux, BSD and other OS distributions and boot-related components, as well as users interested in the platform, and its goal is to cover the overall picture without delving into excessive technical detail. Specifics should be left to other wiki pages. It also omits details that only pertain to macOS (such as how kernel extensions work and are loaded).
source: HN
Wrecking sandwich traders for fun and profit
https://github.com/Defi-Cartel/salmonella [github.com]
2021-03-19 18:19
tags:
blockchain
finance
programming
security
However, nothing is risk-free on the blockchain, and exploitative trading strategies such as sandwich trading and front-running actually increase in risk the more the engineer attempts to generalise their ability to capture opportunities.
To illustrate to novice traders the risks of playing in the mempool, I have conducted a demonstration of a new trading alpha I call “Salmonella”, which involves intentionally exploiting the generalised nature of front-running setups. The goal of sandwich trading is to exploit the slippage of unintended victims, so this strategy turns the tables on the exploiters.
source: HN
Block Profiling in Go
https://github.com/felixge/go-profiler-notes/blob/main/block.md [github.com]
2021-02-10 01:46
tags:
benchmark
development
go
perf
The block profile in Go lets you analyze how much time your program spends waiting on the blocking operations listed below:
source: HN
http desync guardian
https://github.com/aws/http-desync-guardian [github.com]
2021-01-20 07:06
tags:
defense
library
security
web
This means there is a variety of servers and clients, which might have different views on request boundaries, creating opportunities for desynchronization attacks (a.k.a. HTTP Desync). It might seem simple to follow the latest RFC recommendations. However, for large scale systems that have been there for a while, it may come with unacceptable availability impact.
http_desync_guardian library is designed to analyze HTTP requests to prevent HTTP Desync attacks, balancing security and availability. It classifies requests into different categories and provides recommendations on how each tier should be handled.
.NET Memory Performance Analysis
https://github.com/Maoni0/mem-doc/blob/master/doc/.NETMemoryPerformanceAnalysis.md [github.com]
2020-09-10 02:58
tags:
development
dotnet
garbage-collection
investigation
malloc
perf
This document aims to help folks who develop applications in .NET with how to think about memory performance analysis and finding the right approaches to perform such analysis if they need to. In this context .NET includes .NET Framework and .NET Core. In order to get the latest memory improvements in both the garbage collector and the rest of the framework I strongly encourage you to be on .NET Core if you are not already, because that’s where the active development happens.
When I was writing this document I intended to introduce concepts like concurrent GC or pinning as needed by the explanation of the analysis. So as you read it, you’ll gradually come across them. If you already kind of knew what they are and are looking for explanation on a specific concept here are the links to them
source: HN
present - A terminal-based presentation tool with colors and effects.
https://github.com/vinayak-mehta/present [github.com]
2020-08-30 21:36
tags:
release
swtools
text
tty
Slides follow Markdown syntax.
And there’s fireworks!
source: HN
Animation of the SHA-256 hash function in your terminal
https://github.com/in3rsha/sha256-animation [github.com]
2020-05-13 22:22
tags:
hash
interactive
tty
visualization
Restoring Picroma Plasma Without Patching it
https://github.com/ChrisMiuchiz/Plasma-Writeup [github.com]
2020-04-30 18:26
tags:
investigation
programming
Plasma was Picroma’s first (and probably, in their eyes, their primary) product, but only one release was ever created, and it was in 2011. It used an authentication server which eventually went down, so when it stopped working, most people just got rid of the software and moved on. It wasn’t until April 20th, 2020 that the installer from 2011 resurfaced and we could get to work on making this old art tool work again.
source: HN
A "living" Linux process with no memory
https://github.com/izabera/zeromaps [github.com]
2020-03-26 20:50
tags:
linux
malloc
programming
systems
This code gets a list of all memory maps from /proc/self/maps, then creates a new executable map where it jits some code that calls munmap() on each of the maps it just got, and finally on the map it’s on. This is just a quick example with no portability in mind, so the source code contains the actual bytes that would be emitted by a x64 compiler. After unmapping the final map, where the jit code lies, there’s no new instruction to execute and a segfault is raised.
source: HN
oxbar - configurable X11 status bar for OpenBSD
https://github.com/ryanflannery/oxbar [github.com]
2020-03-24 02:59
tags:
admin
openbsd
x11
oxbar is a X11 status bar for OpenBSD showing various system stats. It has a configurable display and works out-of-the-box on most modern window managers in an intuitive fashion. oxbar supports FreeType font rendering and styling, true transparency & alpha blending on all UI components (including the root window), and a simple configuration format that can concisely support multiple themes.
source: vermaden
Avast Antivirus JavaScript Interpreter
https://github.com/taviso/avscript [github.com]
2020-03-10 01:47
tags:
malware
release
security
testing
windows
Despite being highly privileged and processing untrusted input by design, it is unsandboxed and has poor mitigation coverage. Any vulnerabilities in this process are critical, and easily accessible to remote attackers.
source: grugq
The Hidden Number Problem
https://github.com/kelbyludwig/notebooks/blob/master/The%20Hidden%20Number%20Problem.ipynb [github.com]
2020-01-24 07:47
tags:
crypto
exploit
interactive
math
programming
python
security
The Hidden Number Problem (HNP) is a problem that poses the question: Are the most signficant bits of a Diffie-Hellman shared key as hard to compute as the entire secret? The original problem was defined in the paper “Hardness of computing the most significant bits of secret keys in Diffie-Hellman and related schemes” by Dan Boneh and Ramarathnam Venkatesan.
In this paper Boneh and Venkatesan demonstrate that a bounded number of most signifcant bits of a shared secret are as hard to compute as the entire secret itself. They also demonstrate an efficient algorithm for recovering secrets given a significant enough bit leakage. This notebook walks through some of the paper and demonstrates some of the results.
gter - a terminal for GUI apps
https://github.com/raoofha/gter [github.com]
2020-01-14 22:02
tags:
sh
swtools
ux
x11
A shell may be more accurate?
source: HN
Peak Map
https://github.com/anvaka/peak-map [github.com]
2020-01-10 01:32
tags:
graphics
maps
visualization
web
The BLAKE3 cryptographic hash function
https://github.com/BLAKE3-team/BLAKE3 [github.com]
2020-01-09 21:26
tags:
crypto
hash
library
security
BLAKE3 is based on an optimized instance of the established hash function BLAKE2, and on the original Bao tree mode. The BLAKE3 specifications and design rationale are available in the BLAKE3 paper. The current version of Bao implements verified streaming with BLAKE3.
source: L
SafeSide
https://github.com/google/safeside [github.com]
2020-01-09 20:27
tags:
development
security
sidechannel
testing
SafeSide is a project to understand and mitigate software-observable side-channels: information leaks between software domains caused by implementation details outside the software abstraction.