Samy Lahfa AkechiShiro

How to resize a qcow2 disk image on Linux

This example takes olddisk.qcow2 and resizes it into newdisk.qcow2, extending one of the guest's partitions to fill the extra space.

1. qcow2 format

1.1. Verify the filesystems of `olddisk.qcow2`

Notes on my Arch Linux installation

Notes on my Arch Linux installation
Create the partitions

Fixing acpi_call kernel oops on Thinkpads

Intro

TLP, a power management utility for Thinkpads and other laptops, uses tpacpi-bat script for battery calibration and setting charge thresholds (for Thinkpads xx20 and later), which in turn uses acpi_call Linux kernel module that enables calls to ACPI methods through /proc/acpi/call. acpi_call can also be used for hybrid graphics switching and other power management tasks.

What happened

As explained here and here, a kernel upstream commit made seek support for [procfs](https://en.wikipedia.org/wiki/

KrbRelay with RBCD Privilege Escalation HOWTO

Short HOWTO about one use case of the work from Cube0x0 (KrbRelay) and others.

TL;DR

No-Fix Local Privilege Escalation from low-priviliged domain user to local system on domain-joined computers.

Prerequisites:

LDAP signing not required on Domain Controller (default!)

What is this?

So a friend of mine came across an FB post that is pretending to be an official account run by Facebook, it takes you to a phishing page that asks for your FB credentials to "confirm your identity and reactivate your account". Reporting the post didn't work (aparently that doesn't go against the community guidelines?), so I decided to write a script to spam the phising page with fake credentials that are almost indestinguishable from real data.

How does it work?

I fetched a list with the most common first names and last names to generate realistic fake emails (first name + separator + last name + separator + random number + email host), and also fetched a list of the most common passwords and also made a list of some common browser UserAgent strings, and I just mimic what the phishing page was doing to send the fake data.

It wasn't that straighforward though, the scammer was using SignalR and only accepting input while the websocket session was alive (also there was an "api key" sent

macOS Internals

Understand your Mac and iPhone more deeply by tracing the evolution of Mac OS X from prelease to Swift. John Siracusa delivers the details.

Starting Points

How to use this gist

You've got two main options:

Introduction

This Gist aims to centralise the most relevant public sources of information related to the HTTP/2 Rapid Reset vulnerability. This vulnerability has been disclosed jointly by Google, Amazon AWS, and Cloudflare on 10 October 2023 at 12:00 UTC.

Please help us make this page as comprehensive as possible by contributing relevant references, vendor advisories and statements, mitigations, etc.

References

CVE-2023-44487, CIRCL CVE Search
How AWS protects customers from DDoS events, AWS

FAQ on the xz-utils backdoor (CVE-2024-3094)

This is a living document. Everything in this document is made in good faith of being accurate, but like I just said; we don't yet know everything about what's going on.

Update: I've disabled comments as of 2025-01-26 to avoid everyone having notifications for something a year on if someone wants to suggest a correction. Folks are free to email to suggest corrections still, of course.

	font = "Bmono 12"
	geometry = "0x0-62-62"
	separator_height = 2
	padding = 2
	horizontal_padding = 2
	frame_width = 2

	markup = full
	format = "<b>%s</b>\n%b"
	icon_path = ""

	#!/bin/sh

	_REGS=`echo RomProtect{0,1,2,3} SPICntrl0 SPIRestrictedCmd{,2} AltSPICS`

	for r in $_REGS; do
	chipsec_util.py reg read $r
	done

	dmidecode -t bios -t system