--- Log opened Tue Oct 15 00:00:53 2019 |
00:05 | | Kimo|autojoin is now known as Kindamoody |
01:19 | | Kindamoody is now known as Kindamoody[zZz] |
01:21 | <&McMartin> | https://thehackernews.com/2019/10/linux-sudo-run-as-root-flaw.html |
02:02 | | Vornicus [Vorn@ServerAdministrator.Nightstar.Net] has quit [Connection closed] |
02:32 | <&ToxicFrog> | The reportage on that is...kind of awful? |
02:32 | <&ToxicFrog> | The attack vector is: if you have a user in your sudoers file who is not permitted to become root, but is permitted to run some specific programs as anyone but root, they can also run these programs as root even if they shouldn't be able to. |
02:33 | <&ToxicFrog> | Which is bad, but not "allow a malicious user or a program to execute arbitrary commands as root on a targeted Linux system" bad. |
02:51 | <@Alek> | from what I see, as long as the ALL entry is on the top of the list and they have ANY sudo access, they can do it. maybe solvable by moving the ALL entry to the bottom? |
03:03 | | himi [sjjf@Nightstar-1drtbs.anu.edu.au] has joined #code |
03:03 | | mode/#code [+o himi] by ChanServ |
03:09 | | catalyst [catalyst@Nightstar-v6lb30.cable.virginm.net] has joined #code |
03:28 | | Degi [Degi@Nightstar-tljrft.dyn.telefonica.de] has quit [Ping timeout: 121 seconds] |
03:31 | | Degi [Degi@Nightstar-ntckpd.dyn.telefonica.de] has joined #code |
04:53 | | catalyst [catalyst@Nightstar-v6lb30.cable.virginm.net] has quit [Connection closed] |
06:35 | | celticminstrel [celticminst@Nightstar-ocfc15.dsl.bell.ca] has quit [[NS] Quit: And lo! The computer falls into a deep sleep, to awake again some other day!] |
07:32 | | himi [sjjf@Nightstar-1drtbs.anu.edu.au] has quit [Ping timeout: 121 seconds] |
09:32 | | Vornicus [Vorn@ServerAdministrator.Nightstar.Net] has joined #code |
09:32 | | mode/#code [+qo Vornicus Vornicus] by ChanServ |
10:02 | | himi [sjjf@Nightstar-v37cpe.internode.on.net] has joined #code |
10:02 | | mode/#code [+o himi] by ChanServ |
10:06 | | Derakon_ [Derakon@Nightstar-f1lpvo.ca.comcast.net] has joined #code |
10:09 | | Derakon [Derakon@Nightstar-f1lpvo.ca.comcast.net] has quit [Ping timeout: 121 seconds] |
10:34 | | Kindamoody[zZz] is now known as Kindamoody |
11:13 | <&[R]> | https://pastebin.com/CbR3YYHw Hmm |
11:28 | <@ErikMesoy> | Hmmm |
12:06 | | Kindamoody is now known as Kindamoody|afk |
13:15 | | celticminstrel [celticminst@Nightstar-ocfc15.dsl.bell.ca] has joined #code |
13:15 | | mode/#code [+o celticminstrel] by ChanServ |
13:29 | <&jerith> | Hmmmm? (paste is gone) |
13:32 | <@ErikMesoy> | Seeds to input to Java.Random so that it pseudorandomly generates "1 1 1 1 1 1 1 1 1 1" or "0 1 2 3 4 5 6 7 8 9" on nextInt, or generates "hello world" as a series of characters. |
13:33 | <@ErikMesoy> | I retained one I copied out. Random r = new Random(441287210); for (int i=0;i<10;i++) {System.out.print(r.nextInt(10)+" ");} |
13:37 | <&jerith> | I wonder how system/version-dependent that is. |
13:38 | | celticminstrel is now known as celmin|away |
13:49 | | gnolam [lenin@Nightstar-e3tf4i.priv.bahnhof.se] has quit [[NS] Quit: Reboot] |
13:53 | | gnolam [lenin@Nightstar-e3tf4i.priv.bahnhof.se] has joined #code |
13:53 | | mode/#code [+o gnolam] by ChanServ |
15:10 | | gnolam_ [lenin@Nightstar-e3tf4i.priv.bahnhof.se] has joined #code |
15:11 | | gnolam [lenin@Nightstar-e3tf4i.priv.bahnhof.se] has quit [NickServ (RECOVER command used by gnolam_)] |
15:11 | | gnolam_ is now known as gnolam |
15:11 | | mode/#code [+o gnolam] by ChanServ |
16:03 | <&[R]> | I am going to tell everyone a scary story |
16:03 | <&[R]> | `sudo -u remote_user ssh -i /home/remote_user/.ssh/id_rsa 10.10.9.183 'bash -s' < myscript.sh` |
16:43 | | Emmy [Emmy@Nightstar-9p7hb1.direct-adsl.nl] has joined #code |
18:52 | | Kindamoody|afk is now known as Kindamoody |
19:10 | | Derakon_ is now known as Derakon |
19:10 | | mode/#code [+ao Derakon Derakon] by ChanServ |
21:33 | | Vorntastic [uid293981@Nightstar-6br85t.irccloud.com] has joined #code |
21:33 | | mode/#code [+qo Vorntastic Vorntastic] by ChanServ |
22:05 | <&McMartin> | I don't suppose anyone here still runs WinXP 64 |
22:05 | <&McMartin> | Hopefully not on any public network if so |
22:30 | <@Reiv> | ... I had generally understood WinXP 64 to be a pox upon all your houses to begin with |
22:31 | <&[R]> | I think I had an instance 5 years ago |
22:50 | <@Tamber> | I still regularly use an XP machine at work, but it's a 32bit one. |
22:52 | < Mahal> | WinXP 64 was fairly notoriously shit, yes |
22:52 | < Mahal> | If someone's looking for an ISO, I could acquire one for you |
22:57 | <&McMartin> | Nah |
22:57 | | * McMartin is experimenting with some low-level Win64 stuff, and it isn't clear whether he should care about avoiding calls that weren't added until Vista. |
22:59 | <~Vorntastic> | Meh |
23:00 | <~Vorntastic> | Honestly you can skip pre-7. I haven't seen a Vista box in the wild in a long time either |
23:00 | <&McMartin> | It turns out the avoidance costs five bytes of code, so I might as well, really. |
23:07 | | Emmy [Emmy@Nightstar-9p7hb1.direct-adsl.nl] has quit [Ping timeout: 121 seconds] |
23:13 | <~Vorntastic> | Heh |
23:41 | <&McMartin> | And it looks like some of the _fun_ stuff is actually not introduced until Win7, *but* appears as flags in the final executable that earlier versions ignore |
23:41 | <&McMartin> | I am not yet 100% sure how some of those will work out |
23:42 | | * McMartin is also not yet 100% sure how flagrantly 1991-era DOS he should be making this. |
23:43 | <&McMartin> | The thing I want to play with here is that apparently ASLR is just a linker flag, and so is "hey, use the entire 64-bit address space for ASLR"... |
23:44 | <&McMartin> | ... but the actual encoded instructions are using 32-bit relative-from-instruction-pointer addresses for pretty much everything. |
23:44 | <&McMartin> | That is a circle I would like to see squared. |
23:44 | <&McMartin> | I know how *I'd* probably do it, but that doesn't mean that's what it does. |
23:47 | <&McMartin> | No, wiki, ASLR is not ASMR. |
23:51 | <@gnolam> | Vorntastic: ha... ha... ha... |
23:52 | <@gnolam> | There are a scary number of industrial XPs still out there. |
23:52 | <&McMartin> | Oh, I do not doubt this at all |
23:52 | <&McMartin> | But I *do* doubt that a significant fraction of them are XP64. |
23:52 | <@gnolam> | That is true. |
--- Log closed Wed Oct 16 00:00:55 2019 |