Project: openssl-static-gcc-dwarf 3.4.0
File: openssl
Address: 004f2a10

tls_post_process_client_hello

SVG:
dark https://tmr232.github.io/function-graph-overview/render/?graph=https%3A%2F%2Fraw.githubusercontent.com%2Fv-p-b%2Fghidra-function-graph-datasets%2Frefs%2Fheads%2Fmain%2F%2Fopenssl-static-gcc-dwarf%2F004f2a10.json&colors=dark
light https://tmr232.github.io/function-graph-overview/render/?graph=https%3A%2F%2Fraw.githubusercontent.com%2Fv-p-b%2Fghidra-function-graph-datasets%2Frefs%2Fheads%2Fmain%2F%2Fopenssl-static-gcc-dwarf%2F004f2a10.json&colors=light

Thanks to the most awesome @c3voc people the most excellent registration of my #why2025 talk yesterday is up already! DNA & Molecular Biology: A 2025 digital view has been released on media.ccc.de and YouTube #why2025 #Thesquarehole #Andromeda #why2025eng https://media.ccc.de/v/why2025-33-dna-molecular-biology-a-2025-digital-view https://www.youtube.com/watch?v=22lcbiXf9gc https://program.why2025.org/why2025/talk/GGDRKY/

Grown men, he told himself, in flat contradiction of centuries of accumulated evidence about the way grown men behave, do not behave like this.

#HitchhikersGuide #DouglasAdams #quotes #quote #bot

#iocaine has been up for 11d 12h 45min, and spent 1d 16h 7min dealing with - gestures hands wildly - everything.

In the past 24 hours, it served 12.10M requests, 98.82% of which were garbage, 1.18% passed through unscathed, and 0.01% were fed to the Cookie Monster. This required about 104.97MiB of memory on average, and 34.57GiB of absolute trash was served to the nastiest visitors.

Top three garbage consumers were:

1. Bots trying to hide (and failing) - 8.31M
2. ClaudeBot - 1.74M
3. GPTBot - 814.69k

In these trying times, 0.11% of all requests were likely of human origin: I hope you enjoyed your stay, and will visit again! Of all requests iocaine let into the garden, 69.25% were from Fediverse software. Thank you! #FediHug

#AIStatsPorn

Boycott all movies, entertainments, concerts, newspapers which are in any way connected with the quisling authorities.

PHONY AWARD ceremony at the PHRACK PARTY at @why2025camp hosted by @Emerson @thc and tmp.out

VOTE (by shouting) for the “Biggest Security Facepalm” and more. Legends like Hegseth and Crowdstrike have been nominated and informed.

Winning prize is the privilege to be trolled by us and pay for phrack's next print release :>

Interesting links of the week:

Strategy:

* https://www.ncsc.gov.uk/blog-post/caf-v4-0-released-in-response-to-growing-threat - NCSC CAF 4.0 drops
* https://cfp.bsides.london/bsides-london-2025/cfp - BSides London CFP is open
* https://data-media.s3.us-east-1.amazonaws.com/assets/CISOs+guide+to+SAP+Security.pdf - a CISO view on SAP

Threats:

* https://unit42.paloaltonetworks.com/infiltration-of-global-telecom-networks/ - PA give their thoughts on telco intrusions

Detection:

* https://medium.com/anton-on-security/soc-visibility-triad-is-now-a-quad-soc-visibility-quad-2025-72811401073a - @anton_chuvakin's take on what comes next in SOCs... is it AI or is it fuck?
* https://www.greynoise.io/resources/early-warning-signals-attacker-behavior-precedes-new-vulnerabilities - what to look for as new bugs rain down...
* https://bakerstreetforensics.com/2025/08/02/enhance-threat-hunting-with-mitre-lookup-in-malchela-3-0-2/ - neat @mitreattack integration
* https://www.totes-legit-notmalware.site/home/detection-exercise-d-link-dir-513-cves-2025-8184-8169-and-8168 - @da_667 talks IDS detections

Exploitation:

* https://specterops.io/blog/2025/07/29/bloodhound-v8-usability-extensibility-and-opengraph/ - new dog, who dis?
* https://www.incendium.rocks/posts/Exploit-Development-For-MSRPC/ - developing exploits for Microsoft RPC
* https://blog.trailofbits.com/2025/07/25/exploiting-zero-days-in-abandoned-hardware/ - @trailofbits exploit some 0lddays
* https://secret.club/2022/08/29/bootkitting-windows-sandbox.html - breaking the Windows sandbox
* https://blogs.cisco.com/security/extracting-training-data-from-chatbots - another way to fuck with LLMs

Hardening:

* https://lwn.net/Articles/1030669/ - how security patches land in Debian

Development:

* https://metacpan.org/dist/MCP - MCP in Perl
* https://20455591.fs1.hubspotusercontent-na1.net/hubfs/20455591/Website%20Assets/Secure%20Coding%20Guideline%20en%20BASE24%20.pdf - writing secure Base24 code

Nerd:

* https://www.e-resident.gov.ee/uk-hub-digital-residency-setup/ - become a virtual Estonian

#security, #research

Radare2 continues to broaden its architecture support, Version 6.0.0 adds support for several lesser-known or specialized targets, including:

- RCA COSMAC 1806 microprocessors
- TMS320 C6x DSPs from Texas Instruments
- Classic Macintosh and BeOS PEF binaries
- Plan 9 RISC-V binaries
- Updates to EVM support for recent Solidity versions

This is an interesting pro-AI take, exploring beyond the hype. I do like some of its points. Maybe accuracy (not that we all have been doing a great job) etc are irrelevant in the future and speed is what matters. A broken/insecure system that has ability to update and fix in real time might be better than the current crap patch cycle we have (although it seems patching gaps are crashing hard). Fits well the potential displayed at AIxCC contest.

https://fluxus.io/article/a-hitchhikers-guide-to-the-ai-bubble

In 40 minutes at 11 AM Dutch time you can watch a presentation on the Cyber Resilience Act here: https://streaming.media.ccc.de/why2025/andromeda https://program.why2025.org/why2025/talk/RT9XQ9/ @vaurora

The whitepaper is live! Learn how to win the HTTP desync endgame... and why HTTP/1.1 needs to die: https://http1mustdie.com/

Good morning @why2025camp - we are up and running and the first talks just started off. Live streams are here https://streaming.media.ccc.de/why2025/ #why2025camp #why2025 - we are still having a lot of camera, video mixing and audio mixing shifts open. If you'd like to volunteer and maybe know something about video - feel free to come to the Productiehuis HelpDesk https://map.why2025.org/?building=35&building_table=buildings#maphash=19/52.691395/4.744388/-20 ^th

Another fresh #Python #tarfile #vulnerability

Python TarFile.extractall(..., filter='tar') arbitrary file chmod

https://github.com/python/cpython/issues/127987

🥈 We won second place in DARPA's AI Cyber Challenge with Buttercup!

After competing against 7 top teams to build autonomous AI systems, we're excited to announce that Buttercup, our Cyber Reasoning System that automatically discovers and patches vulnerabilities, is now open source.

Learn more about Buttercup: https://blog.trailofbits.com/2025/08/08/buttercup-is-now-open-source/

3 or 4 decades of InfoSec and this kind of crap still going on :P

"The Linux kernel contributes to this issue by exposing esoteric features through the same syscalls as commonly-used core kernel functionality."