ActiveTK․

@activetk.jp

19
Followers 12
Following 3
Posts 07.02.2024
Joined

Posts Following

Latest posts by ActiveTK․ @activetk.jp

I'm watching some folks reverse engineer the xz backdoor, sharing some *preliminary* analysis with permission.

The hooked RSA_public_decrypt verifies a signature on the server's host key by a fixed Ed448 key, and then passes a payload to system().

It's RCE, not auth bypass, and gated/unreplayable.

30.03.2024 17:13 👍 687 🔁 275 💬 7 📌 13

既定で20人を自動フォローするのか....いろいろと事故る人いそう

07.02.2024 08:03 👍 4 🔁 0 💬 0 📌 0

activetkの方でアカウントを再作成しました。
MisskeyにせよBlueskyにせよ、やはりtwttrに近いUIですね。

07.02.2024 07:56 👍 3 🔁 0 💬 0 📌 1

Hello, world!

07.02.2024 07:54 👍 5 🔁 0 💬 0 📌 0