New version of Function-Graph-Overview is out for both VSCode and JetBrains IDEs.

This version is a bugfix release, solving some edge-cases that led to infinite loops in rendering, and improving performance in some cases too. Thanks @buherator for the fix!

JetBrains: https://plugins.jetbrains.com/plugin/25676-function-graph-overview
VSCode: https://marketplace.visualstudio.com/items?itemName=tamir-bahar.function-graph-overview

The future of IBM Power CPUs.
#IBMi #rpgpgm #IBMChampion
https://www.rpgpgm.com/2025/01/the-future-of-ibm-power-cpus.html

I will stream tonight (9PM CET) about the basics of PDF file format tricks - the road to funky PDF, polyglots and hash collisions! See you there!
https://www.youtube.com/live/8g6G96nn7Mo?si=0IByzWDDNDtrnPPk

Interesting links of the week:

Strategy:

* https://jericho.blog/2024/12/28/mitres-phoning-in-new-cnas/ - a critique of the training for new CNA from @attritionorg

Standards:

* https://www.misp-standard.org/blog/Naming-Threat-Actor/ - @misp proposes a standard for naming threat actors

Threats:

* https://www.propublica.org/article/ap3-oath-keepers-militia-mole - moles in right wing infrastructure
* https://community.emergingthreats.net/t/the-many-cves-of-d-link-hnap-command-injection/2314 - attacking HNAP for CLI injection
* https://www.flux.utah.edu/paper/singh-nsdi24 - analysing the prevalence and scope of ITW SSH brute force attacks

Detection:

* https://www.usenix.org/conference/usenixsecurity24/presentation/badva - paper on threat hunting, full disclosure: participant P18 is me :)

Bugs:

* https://www.safebreach.com/blog/ldapnightmare-safebreach-labs-publishes-first-proof-of-concept-exploit-for-cve-2024-49113/ - AD LDAP sadness
* https://social.circl.lu/@vulnerability_lookup/113761006476621066 - fediverse reporting on the same bugs by @vulnerability_lookup
* https://thesecmaster.com/blog/how-to-protect-your-four-faith-industrial-routers-from-cve-2024-12856-a-critical - hacking the factory
* https://seclists.org/fulldisclosure/2024/Dec/21 - when the CTF platform itself supplies the bugs...
* https://seclists.org/fulldisclosure/2024/Dec/19 - iSay, iSay, shell me a midtier, sir!

Exploitation:

* https://people.kernel.org/kees/colliding-with-the-sha-prefix-of-linuxs-initial-git-commit - @kees collides Linux
* https://www.hvs-consulting.de/en/nfs-security-identifying-and-exploiting-misconfigurations/ - holes in NFS, surely not?
* https://blog.slowerzs.net/posts/thievingfox/ - stealing passwords for red team glory

Hardening:

* https://www.cisa.gov/sites/default/files/2024-01/SbD-Alert-Security-Design-Improvements-for-SOHO-Device-Manufacturers.pdf - CISA advice on SOHO networks.. not wildly blown away but I suppose they have to start somewhere...

Nerd:

* https://github.com/markqvist/Reticulum/discussions/231 - an interesting approach to non-TCP/IP federated networks as shared by @sqshr...
* https://www.jmeiners.com/lc3-vm/ - write your own VM... kinda remember doing this at uni
* https://tickets.why2025.org/ - have you ordered your tickets for @why2025camp

#security, #research

at #38c3 @rdjgr did a pretty good job at explaining the lore of how they scammed me before we ultimately joined forces. make sure to check out the full talk ("Dialing into the Past: RCE via the Fax Machine – Because Why Not?"), great stuff!

[RSS] Reliable system call interception [with seccomp user notify]

https://blog.mggross.com/intercepting-syscalls/

#genuary5 prompt: Isometric art.

It's game of life. History goes down. I've seen a visualization like this last year and wanted to recreate it.

Made with #PyScript:
https://ambv.pyscriptapps.com/genuary-prompt-5/latest/

#genuary2025 #genuary #GenerativeArt #CreativeCoding #WebGL #Python

I have this favorite story about "the first 3D shopping mall" on the Hungarian Internet: it was of course a massive failure, because the minds behind it didn't realize that people are not going to the mall to use escalators (which was precisely modeled in VRML along with corridors, benches, etc).

I think the recent enthusiasm about GenAI-driven voice/video recognition is similar in this aspect: in many cases people would prefer a system *not* involving human(-like) interaction (or using an escalator), it's just we currently don't have better solutions for many tasks. Assuming a speech/video interface is always better than e.g. a bar code reader results in faster horses, not cars.

#GrapheneOS appears to be standing up to UK forensics, in this painful and "unprecedented" case which could see a UK journalist go to jail for not relinquishing the passphrase to his devices. Not only is withholding his basic human right, but he does it to protect his sources, and as ratified in the European Court of Human Rights.

https://www.ilfattoquotidiano.it/in-edicola/articoli/2025/01/02/british-journalist-could-face-years-in-prison-for-refusing-to-hand-over-his-passwords-to-the-police/7822432/

#humanrights #infosec #privacy

Oh hey. Just wanted to let you know today that I am open to hobby/public IC decapping and imaging projects. Boosts and other sharing are always appreciated!

More info here: https://siliconpr0n.org/archive/doku.php?id=infosecdj:start#commissioning_work

#microscopy #reverseengineering #electronics

The last couple of days I worked with @tmr232 to bring binaries to his @cfgbot.

Here's my script to export CFG's in DOT and JSON formats from #Ghidra:

https://github.com/v-p-b/ghidra-graph-export

I also exported the latest Microsoft Defender and openssl binaries:

https://github.com/v-p-b/ghidra-function-graph-datasets

... so you can enjoy Absolute Units like:

https://tmr232.github.io/function-graph-overview/render/?graph=https://gist.githubusercontent.com/v-p-b/67d63235089a02888d0bb0159181534a/raw/2799461034b0c0d6fff2051868d56370962965eb/netvm_emulate.json

Like and subscribe:

https://mastodon.social/@cfgbot
https://bsky.app/profile/cfgbot.bsky.social

Arrrgh does anyone have a recommendation for a hugo theme that is very very simple (no sass or npm etc), text-centric, responsive, and accessible? I am trying to move off Wordpress for this site:

https://frameshiftconsulting.com/

Project: openssl-static-gcc-dwarf 3.4.0
File: openssl
Address: 0058b000

EC_POINT_is_at_infinity

SVG:
dark https://tmr232.github.io/function-graph-overview/render/?graph=https%3A%2F%2Fraw.githubusercontent.com%2Fv-p-b%2Fghidra-function-graph-datasets%2Frefs%2Fheads%2Fmain%2F%2Fopenssl-static-gcc-dwarf%2F0058b000.json&colors=dark
light https://tmr232.github.io/function-graph-overview/render/?graph=https%3A%2F%2Fraw.githubusercontent.com%2Fv-p-b%2Fghidra-function-graph-datasets%2Frefs%2Fheads%2Fmain%2F%2Fopenssl-static-gcc-dwarf%2F0058b000.json&colors=light

Following my live stream yesterday to introduce the basics of the PDF file format, I will stream live in 7 hours on the risks of information leaks in PDF document, based on in-the-wild examples and hand-written PoCs.
The pace was nice and chill - see you there! https://www.youtube.com/live/hncHOnppwl8?si=yfWEeTbiXgoHbp-D

Project: mpengine-x64-pdb 1.1.24090.11
File: mpengine.dll
Address: 75a3d13a8

GetVolumeGuid

SVG:
dark https://tmr232.github.io/function-graph-overview/render/?graph=https%3A%2F%2Fraw.githubusercontent.com%2Fv-p-b%2Fghidra-function-graph-datasets%2Frefs%2Fheads%2Fmain%2F%2Fmpengine-x64-pdb%2F75a3d13a8.json&colors=dark
light https://tmr232.github.io/function-graph-overview/render/?graph=https%3A%2F%2Fraw.githubusercontent.com%2Fv-p-b%2Fghidra-function-graph-datasets%2Frefs%2Fheads%2Fmain%2F%2Fmpengine-x64-pdb%2F75a3d13a8.json&colors=light

Project: mpengine-x64-pdb 1.1.24090.11
File: mpengine.dll
Address: 75ac7c698

Add

SVG:
dark https://tmr232.github.io/function-graph-overview/render/?graph=https%3A%2F%2Fraw.githubusercontent.com%2Fv-p-b%2Fghidra-function-graph-datasets%2Frefs%2Fheads%2Fmain%2F%2Fmpengine-x64-pdb%2F75ac7c698.json&colors=dark
light https://tmr232.github.io/function-graph-overview/render/?graph=https%3A%2F%2Fraw.githubusercontent.com%2Fv-p-b%2Fghidra-function-graph-datasets%2Frefs%2Fheads%2Fmain%2F%2Fmpengine-x64-pdb%2F75ac7c698.json&colors=light

my name is `adduser`
and my brother's `useradd`
one of us is good
and one of us is bad!

which of us is which?
there is no way to know
we change names sometimes
to keep you on your toes!

FuuuUUUuuuck Cancer.
Just learned that Amit Yoran has passed.
He was a friend, and a long-time supporter of @SecurityBSidesGlobal from the early days of NetWitness through his leadership at Tenable.
Fuckity fuck fuck, would y'all stop dying and shit? Please?

I still don't get GPU accelerated terminal emulators.

I just git added a directory of >100k files in a non-accelerated terminal and I didn't even notice the combined lag of terminal prints **and** git tree updates in the background. I only noticed the change was this large because GitHub complained!