Skip to content

Instantly share code, notes, and snippets.

View TheLastZombie's full-sized avatar

Sunny TheLastZombie

167 followers · 308 following
View GitHub Profile
@NoobGajen
NoobGajen / EndeavourOS to Arch Linux.MD
Last active March 26, 2025 09:21 — forked from sun-jiao/endeavour-to-arch-guide.MD
Converting EndeavourOS to ArchLinux

First of all, uninstall the eos-hooks package, which keeps changing the data of /etc/os-release from a hook while installing base packages.

sudo pacman -R eos-hooks

Reinstall the base package group:

sudo pacman -Syyu --noconfirm archlinux-keyring bash bzip2 lsb-release coreutils file filesystem findutils gawk gcc-libs gettext glibc grep gzip iproute2 iputils licenses pacman pciutils procps-ng psmisc sed shadow systemd systemd-sysvcompat tar util-linux xz linux
@sgammon
sgammon / gist:ec604c3fabd1a22dd3cdc381b736b03e
Created March 31, 2024 03:25
XZ mitigation
There appears to be a string encoded in the binary payload:
https://gist.github.com/q3k/af3d93b6a1f399de28fe194add452d01#file-hashes-txt-L115
Which functions as a killswitch:
https://piaille.fr/@zeno/112185928685603910
Thus, one workaround for affected systems might be to add this to `/etc/environment`:
```
@smx-smx
smx-smx / XZ Backdoor Analysis
Last active February 26, 2025 01:17
[WIP] XZ Backdoor Analysis and symbol mapping
XZ Backdoor symbol deobfuscation. Updated as i make progress
@lietu
lietu / scan_liblzma.sh
Last active March 29, 2024 20:49
Find libraries and binaries that depend on liblzma.so.5 (or other infected libraries)
#!/usr/bin/env bash
# Likely only works on Linux due to GNU Find, probably needs to be ported for BSD utils
OPTIONAL_FIND_ARGS=-xdev # Remove if you don't have slow remote mounts etc.
# Start with liblzma
LIBS=liblzma.so.5
LIB_DIRS="/usr/lib /lib"
BIN_DIRS="/usr/bin /bin /usr/local/bin"
@thesamesam
thesamesam / xz-backdoor.md
Last active April 29, 2025 14:00
xz-utils backdoor situation (CVE-2024-3094)

FAQ on the xz-utils backdoor (CVE-2024-3094)

This is a living document. Everything in this document is made in good faith of being accurate, but like I just said; we don't yet know everything about what's going on.

Update: I've disabled comments as of 2025-01-26 to avoid everyone having notifications for something a year on if someone wants to suggest a correction. Folks are free to email to suggest corrections still, of course.

Background

@OrionReed
OrionReed / dom3d.js
Last active April 19, 2025 12:06
3D DOM viewer, copy-paste this into your console to visualise the DOM topographically.
// 3D Dom viewer, copy-paste this into your console to visualise the DOM as a stack of solid blocks.
// You can also minify and save it as a bookmarklet (https://www.freecodecamp.org/news/what-are-bookmarklets/)
(() => {
const SHOW_SIDES = false; // color sides of DOM nodes?
const COLOR_SURFACE = true; // color tops of DOM nodes?
const COLOR_RANDOM = false; // randomise color?
const COLOR_HUE = 190; // hue in HSL (https://hslpicker.com)
const MAX_ROTATION = 180; // set to 360 to rotate all the way round
const THICKNESS = 20; // thickness of layers
const DISTANCE = 10000; // ¯\\_(ツ)_/¯
@adryd325
adryd325 / discord-scatter-plot.py
Last active April 27, 2025 17:14 — forked from lunasorcery/twitter-scatter-plot.py
#!/usr/bin/env python3
# Download your data dump and place this file in the "messages" folder of your data dump.
# Run it using python
from datetime import datetime, timedelta, timezone
import dateutil.parser
import matplotlib.pyplot as plt
import matplotlib.ticker as ticker
import matplotlib.dates as mdates
import csv
@izabera
izabera / pipeline_trick.md
Last active January 6, 2025 17:46

A funky shell thingy that I've never seen before

So you're in posix sh and you want to do the equivalent of this in bash:

foo | tee >(bar) >(baz) >/dev/null

(Suppose that bar and baz don't produce output. Add redirections where needed if that's not the case.)

@cvcore
cvcore / download_vscode_server.sh
Last active April 18, 2025 15:04
Manual download vscode-server
#!/bin/bash
# This script downloads and installs a specific version of VSCode Server for Linux.
# The version is specified by the first argument to the script.
# You can find the git commit id in the output of Remote - SSH plugin in VSCode.
# The output looks like this:
# ...
# Using commit id "af28b32d7e553898b2a91af498b1fb666fdebe0c" and quality "stable" for server
# ...
@mjkstra
mjkstra / arch_linux_installation_guide.md
Last active May 9, 2025 23:47
A modern, updated installation guide for Arch Linux with BTRFS on an UEFI system