| XZ Backdoor symbol deobfuscation. Updated as i make progress |
| 0810 b' from ' | |
| 0678 b' ssh2' | |
| 00d8 b'%.48s:%.48s():%d (pid=%ld)\x00' | |
| 0708 b'%s' | |
| 0108 b'/usr/sbin/sshd\x00' | |
| 0870 b'Accepted password for ' | |
| 01a0 b'Accepted publickey for ' | |
| 0c40 b'BN_bin2bn\x00' | |
| 06d0 b'BN_bn2bin\x00' | |
| 0958 b'BN_dup\x00' |
This is a living document. Everything in this document is made in good faith of being accurate, but like I just said; we don't yet know everything about what's going on.
Update: I've disabled comments as of 2025-01-26 to avoid everyone having notifications for something a year on if someone wants to suggest a correction. Folks are free to email to suggest corrections still, of course.
| # THIS LINUX SETUP SCRIPT HAS MORPHED INTO A WHOLE PROJECT: HTTPS://OMAKUB.ORG | |
| # PLEASE CHECKOUT THAT PROJECT INSTEAD OF THIS OUTDATED SETUP SCRIPT. | |
| # | |
| # | |
| # Libraries and infrastructure | |
| sudo apt update -y | |
| sudo apt install -y \ | |
| docker.io docker-buildx \ | |
| build-essential pkg-config autoconf bison rustc cargo clang \ |
| htmx.config.useTemplateFragments = true | |
| htmx.defineExtension('clone', { | |
| onEvent: function (name, evt) { | |
| if (name === 'htmx:beforeRequest') { | |
| if (evt.detail.elt) { | |
| const get = evt.detail.elt.getAttribute('hx-get') | |
| if (get && get.startsWith('clone:')) { | |
| const selector = get.substring(6) | |
| //console.log('htmx-clone: Intercepting xhr request to inject template with selector:', selector) | |
| const template = document.querySelector(selector) |
V8 is Google’s open source high-performance JavaScript and WebAssembly engine, written in C++. It is used in Chrome and in Node.js, among others. It implements ECMAScript and WebAssembly, and runs on Windows 7 or later, macOS 10.12+, and Linux systems that use x64, IA-32, ARM, or MIPS processors. V8 can run standalone, or can be embedded into any C++ application.
SpiderMonkey is Mozilla’s JavaScript and WebAssembly Engine, used in Firefox, Servo and various other projects. It is written in C++, Rust and JavaScript. You can embed it into C++ and Rust projects, and it can be run as a stand-alone shell. It can also be [compiled](https://bytecodealliance.org/articles/making-javascript-run-fast-on
I'm seeing how far I can get through Advent of Code using only Vim's editing commands. No Vimscript, variables, or function calls allowed! (Use of the expression register is also STRICTLY limited. I employed it to do adding in some early solutions, but anything more complex is a no-no.)
Solutions are notated using the standard notation used in Vim mappings and documentation. Ctrl-A is notated as <C-A>, Escape as <Esc>, Return as <CR>, etc.
But if a line starts with a colon, then it's an entire ex command: press Enter at the end of the line.
Otherwise, linebreaks aren't meaningful: they're just inserted at places that felt "natural" to me.
Note that I'm well aware the same techniques could be streamlined considerably: my intention with these is — hard as this may be to believe — to aim for clarity over efficiency. I'm not golfing here!
| " Have j and k navigate visual lines rather than logical ones | |
| nmap j gj | |
| nmap k gk | |
| " Go to beginning/end of line | |
| nmap gh ^ | |
| nmap gl $ | |
| " Cycle between tabs | |
| exmap tabprev obcommand workspace:previous-tab |
Why?