Hackers rejoice!
We are releasing the Phrack 71 PDF for you today!
Don't forget this year is Phrack's 40th anniversary release! Send in your contribution and be part of this historical issue!
The CFP is still open, you can find it and the PDF link at https://phrack.org
It’s a shame to see Sci-Hub falling for web3 hype and adding a pumpfun memecoin ticker to their webpage. Blockchain-based DNS does not automatically mean “decentralized”, and 3DNS — the company behind .box — is based in the US and would be subject to US court orders.
Someone unaffiliated with Sci-Hub created the memecoin, claiming to be fundraising, but said only 20% of proceeds would go to Sci-Hub. Founder Alexandra Elbakyan herself condemned this.
What comes after world domination?
This is the abstract for my scheduled talk at foss-north 2025 in April. What do you think is next?
New year, new skills, new exploits! 💻🎯
Corelan classes are coming your way! Learn Windows stack & heap exploitation from corelanc0d3r.
🔥 Hands-on labs, real-world scenarios & an elite alumni network. Spots fill up fast—register now! 👉 https://www.corelan-training.com/index.php/training-schedules
As the next step in my quest to make it easier to poison AI crawlers, I present you: OCIocaine: a project where #DockerCompose meets #Caddy and #Iocaine, to poison AI crawlers for all your sites, automatically.
The idea here is to provide a docker compose file that starts up Caddy and Iocaine, configured so that Caddy will reverse proxy for any and all services on the same docker network, as long as they have a few labels that tell it to do so. In addition, a Caddyfile snippet will be available for all of these, which takes care of routing bad visitors to Iocaine.
And if that's not enough, the whole thing comes preconfigured with a wordlist (a list of English words), training data (the complete works of Shakespeare), and a list of known AI crawlers (courtesy of ai.robots.txt).
All you have to do is copy the sample configuration, create a network, start it up, and deploy labeled containers into the same network, and OCIocaine takes care of the rest.
WordPress 6.8 is due to switch their password hashing to bcrypt, and their application passwords to BLAKE2b.
Great news:
They disarmed the 72 char footgun with bcrypt in the way I recommended (HMAC, rather than just SHA2, to prevent hash shucking, and base64 to prevent NUL truncation).
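The pre-hashing idea in the WordPress 6.8 post above, as an added example that is not part of the original post and is not WordPress's code: it models the input a C-string bcrypt binding sees (cut at the first NUL and at 72 bytes) and compares no pre-hash, a raw SHA-2 digest, and a keyed HMAC encoded as base64. The HMAC key, the SHA-384 digest choice, the sample passwords and all function names are assumptions made for the illustration.

```python
import base64
import hashlib
import hmac
from itertools import count

BCRYPT_MAX = 72  # bcrypt uses at most 72 bytes of its input
KEY = b"example-domain-key"  # constructed placeholder, not a real project value

def bcrypt_effective_input(data: bytes) -> bytes:
    """Modelled view of what a C-string bcrypt binding actually hashes."""
    return data.split(b"\x00", 1)[0][:BCRYPT_MAX]

def prehash_raw_sha(password: bytes) -> bytes:
    """Weak pre-hash: unkeyed raw digest, which can contain NUL bytes."""
    return hashlib.sha256(password).digest()

def prehash_hmac_b64(password: bytes, key: bytes = KEY) -> bytes:
    """Keyed pre-hash, base64-encoded: 64 ASCII bytes, never a NUL."""
    mac = hmac.new(key, password, hashlib.sha384).digest()
    return base64.b64encode(mac)

def nul_leading_passwords(n: int = 2) -> list[bytes]:
    """Find n constructed passwords whose raw SHA-256 digest starts with NUL."""
    found = []
    for i in count():
        pw = b"constructed-pw-%d" % i
        if prehash_raw_sha(pw)[0] == 0:
            found.append(pw)
            if len(found) == n:
                return found

def collides(a: bytes, b: bytes, prehash=None) -> bool:
    """True if bcrypt would see identical input for two distinct passwords."""
    if prehash:
        a, b = prehash(a), prehash(b)
    return bcrypt_effective_input(a) == bcrypt_effective_input(b)

if __name__ == "__main__":
    long_a, long_b = b"A" * 72 + b"first", b"A" * 72 + b"second"
    p, q = nul_leading_passwords()
    print("no pre-hash, shared 72-byte prefix:", collides(long_a, long_b))
    print("raw SHA-256, digest starts with NUL:", collides(p, q, prehash_raw_sha))
    print("HMAC + base64, long passwords:", collides(long_a, long_b, prehash_hmac_b64))
    print("HMAC + base64, NUL-digest passwords:", collides(p, q, prehash_hmac_b64))
```

Keying the pre-hash is also what addresses hash shucking: an unkeyed SHA-2 digest recovered from an unrelated breach is no longer a valid bcrypt input candidate.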
🚨Secure Boot relies on revocation lists (dbx) to block malicious bootloaders, but discrepancies between the @uefiforum & @microsoft lists create security gaps.
👉Call for a single and openly maintained revocation list -- a unified source of truth!
https://www.binarly.io/blog/from-trust-to-trouble-the-supply-chain-implications-of-a-broken-dbx
Project: golang/go https://github.com/golang/go
File: src/cmd/compile/internal/ssa/rewritePPC64latelower.go:55 https://github.com/golang/go/blob/refs/tags/go1.23.4/src/cmd/compile/internal/ssa/rewritePPC64latelower.go#L55
func rewriteValuePPC64latelower_OpPPC64AND(v *Value) bool
SVG:
dark https://tmr232.github.io/function-graph-overview/render/?github=https%3A%2F%2Fgithub.com%2Fgolang%2Fgo%2Fblob%2Frefs%2Ftags%2Fgo1.23.4%2Fsrc%2Fcmd%2Fcompile%2Finternal%2Fssa%2FrewritePPC64latelower.go%23L55&colors=dark
light https://tmr232.github.io/function-graph-overview/render/?github=https%3A%2F%2Fgithub.com%2Fgolang%2Fgo%2Fblob%2Frefs%2Ftags%2Fgo1.23.4%2Fsrc%2Fcmd%2Fcompile%2Finternal%2Fssa%2FrewritePPC64latelower.go%23L55&colors=light
New updates in LIEF including better support for PE modifications and ARM64EC/ARM64X binaries.
Blog post: https://lief.re/blog/2025-02-16-arm64ec-pe-support/
Stop saying “artificial intelligence”. (And “neural networks” too.)
Be more specific. Say “reinforcement learning”. Say “generative modelling”. Say “Bayesian filtering”. Say “statistical prediction”.
These are incredibly useful tools that have nothing to do with “intelligence”.
And say “model trained on plagiarised data”.
Say “bullshit generator”.
Say “internet regurgitator”.
These are also nothing to do with intelligence, but they have the added bonus of being useless, too.
Project: mpengine-x64-pdb 1.1.24090.11
File: mpengine.dll
Address: 75ab2bd98
x86_skip_prefixes
SVG:
dark https://tmr232.github.io/function-graph-overview/render/?graph=https%3A%2F%2Fraw.githubusercontent.com%2Fv-p-b%2Fghidra-function-graph-datasets%2Frefs%2Fheads%2Fmain%2F%2Fmpengine-x64-pdb%2F75ab2bd98.json&colors=dark
light https://tmr232.github.io/function-graph-overview/render/?graph=https%3A%2F%2Fraw.githubusercontent.com%2Fv-p-b%2Fghidra-function-graph-datasets%2Frefs%2Fheads%2Fmain%2F%2Fmpengine-x64-pdb%2F75ab2bd98.json&colors=light
FYI: I have made public new #NetBSD AMIs for #AWS #ec2. These are evbarm and amd64 images for NetBSD/10.1 and now have their boot messages sent to the serial console (although it takes EC2 about 5-8 minutes from instance creation until `aws ec2 get-console-output` shows the messages).
These AMIs should be public and ready for you to launch in us-east-1a: