Language Selection

English French German Italian Portuguese Spanish

Leftovers: Kernel

Filed under

More in Tux Machines

Best Hex Editors for Linux

This article will list useful hex editor applications available for Linux. Hex editors allow you to modify pre-compiled binary files whose source code is typically not available to change. They work by browsing binary data present in a file and then presenting the data in hexadecimal notation to users. Hex editors can also show partial or full ASCII data depending on the contents of the file. These hex editors allow you to change hexadecimal values, thereby allowing users to modify file behavior even if they don’t have access to source code. However, the data represented by a hex editor is not exactly human readable. Reading and interpreting hexadecimal values to infer program logic and behavior is not an easy task by any means and it takes considerable efforts to find values and make even the smallest of change. A hex editor is one of the first tools used while reverse engineering a file. Read more

LibreOffice Online with Team Editing Collaboration

Continuing the intro, now we will try LibreOffice Online with team collaboration. This allows you and friends (a team) altogether to edit a document simultaneously via the internet. It supports computer, laptop, as well as Android device users. How to do that? This simple tutorial explains it step by step for you. [...] Once a friend clicked the link, he/she will open your document on the web browser, asked for a name, asked for the password if any, and finally can edit the document together with you at the same time. The name asked will be used as identifier when a team working together. Read more

Security Leftovers

  • Feeding Frenzy as criminal groups stake their claim on Outlook Web Access servers

    This weekend, several days after the Patch Tuesday when Microsoft released fixes for the ProxyLogon vulnerability, Netcraft found more than 99,000 unpatched Outlook Web Access servers accessible on the internet — of which several thousand have clear evidence of one of more web shells installed. Outlook Web Access (OWA) provides remote access to on-premises Microsoft Exchange mailboxes. While a treasure trove of corporate email is a tempting enough target itself, it can also act as jumping-off point for deeper network access. Vulnerable versions allow unfettered remote access to the mail server. Originally attributed to the Hafnium group, the variety of different web shells and file naming conventions found by Netcraft suggest that the shells belong to multiple groups who have been spurred into action since Microsoft’s announcement by the scale of the opportunity.

  • A Basic Timeline of the Exchange Mass-Hack

    Sometimes when a complex story takes us by surprise or knocks us back on our heels, it pays to revisit the events in a somewhat linear fashion. Here’s a brief timeline of what we know leading up to last week’s mass-hack, when hundreds of thousands of Microsoft Exchange Server systems got compromised and seeded with a powerful backdoor Trojan horse program. When did Microsoft find out about attacks on previously unknown vulnerabilities in Exchange? Pressed for a date when it first became aware of the problem, Microsoft told KrebsOnSecurity it was initially notified “in early January.” So far the earliest known report came on Jan. 5, from a principal security researcher for security testing firm DEVCORE who goes by the handle “Orange Tsai.” DEVCORE is credited with reporting two of the four Exchange flaws that Microsoft patched on Mar. 2.

  • David Tomaschik: BSidesSF 2021 CTF: Encrypted Bin (Author Writeup)

    I thought I’d do a walk through of how I expected players to solve the challenge, so I’ll write this as if I’m playing the challenge. Visiting the web service, we find an upload page for text and not much else. When we perform an upload, we see that we’re redirected to a page to view the encrypted upload...

Proposal and Steps To Dual-License Gutenberg Under the GPL and MPL

The GPL is so embedded into WordPress that it is not just the license the platform is under but a part of the community’s culture. Friends have been gained and lost over discussions of it. Bridges burned. Battles waged. People cast out to the dark corners of the web that “we don’t talk about.” There was even a time when one could expect a fortnightly GPL dust-up in which the inner WordPress world argued the same points over and over, ad nauseam. It might be hard to imagine a world where — outside of third-party libraries — direct contributions to the software are under anything other than the GPL. However, the wheels are now in motion. The Gutenberg project, which is the foundation of WordPress going forward, may soon be under both the GNU General Public License (GPL) v2 and the Mozilla Public License (MPL) v2.0. Read more Also: People of WordPress: Olga Gleckler