| 0810 b' from ' | |
| 0678 b' ssh2' | |
| 00d8 b'%.48s:%.48s():%d (pid=%ld)\x00' | |
| 0708 b'%s' | |
| 0108 b'/usr/sbin/sshd\x00' | |
| 0870 b'Accepted password for ' | |
| 01a0 b'Accepted publickey for ' | |
| 0c40 b'BN_bin2bn\x00' | |
| 06d0 b'BN_bn2bin\x00' | |
| 0958 b'BN_dup\x00' |
This is a living document. Everything in this document is made in good faith of being accurate, but like I just said; we don't yet know everything about what's going on.
Update: I've disabled comments as of 2025-01-26 to avoid everyone having notifications for something a year on if someone wants to suggest a correction. Folks are free to email to suggest corrections still, of course.
| const NEW_CHARMAP = "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f\x20!\"#$%&'{([])}*+-.\\/0123456789:;,<=>?@EeAaUuOoIiFfGgHhJjLl|WwMmNnBbDdTtPpQqRrKkCcSsZzVvXxYy^_`~"; | |
| function get_new_char_code(old_char_code){ | |
| return NEW_CHARMAP.indexOf(String.fromCharCode(old_char_code)); | |
| } | |
| function get_old_char_code(new_char_code){ | |
| return NEW_CHARMAP.charCodeAt(new_char_code); | |
| } | |
| RSA Private-Key: (6969 bit, 69 primes) | |
| modulus: | |
| 01:01:a2:9e:47:bc:24:44:b8:5a:6d:ee:28:5a:e0: | |
| 66:13:46:f1:b6:33:54:91:86:c2:91:1c:5e:b9:4a: | |
| 7b:0f:b8:24:86:a1:66:5a:fd:0e:59:a1:bf:e8:8f: | |
| 7a:50:29:47:d5:6e:03:c4:50:1d:ac:38:7d:c3:30: | |
| 9a:5e:07:b8:1c:21:d8:c7:d1:91:b2:59:da:0d:66: | |
| 9d:99:12:51:9d:e4:04:f4:3b:30:b4:b9:96:91:4b: | |
| 4c:6f:73:e5:09:86:ee:d2:fa:5f:a1:98:0b:ba:05: | |
| 6e:ab:4d:c9:29:a8:b7:eb:06:84:f2:c4:46:a9:cd: |
| [ | |
| { | |
| "build": "20A362", | |
| "fw": "iPhone15,2_16.0_20A362_Restore.ipsw", | |
| "file": "LLB.d73.RELEASE.im4p", | |
| "kbag": "985898593B143B130AAEA95C723A342D647ED5F9E0953871E836000A7108E52D75E0BA03A9917E984889DCA1253D3F1C", | |
| "key": "9f58969bb426e99f2dc541bd524f2b5696865560a201a230ee25c89cd2a147d9e5d17779c0b816fd29c5f760a892c5bf" | |
| }, | |
| { | |
| "build": "20A362", |
| Return value;Return code;Description | |
| 0x00000000;STATUS_SUCCESS;The operation completed successfully. | |
| 0x00000000;STATUS_WAIT_0;The caller specified WaitAny for WaitType and one of the dispatcher objects in the Object array has been set to the signaled state. | |
| 0x00000001;STATUS_WAIT_1;The caller specified WaitAny for WaitType and one of the dispatcher objects in the Object array has been set to the signaled state. | |
| 0x00000002;STATUS_WAIT_2;The caller specified WaitAny for WaitType and one of the dispatcher objects in the Object array has been set to the signaled state. | |
| 0x00000003;STATUS_WAIT_3;The caller specified WaitAny for WaitType and one of the dispatcher objects in the Object array has been set to the signaled state. | |
| 0x0000003F;STATUS_WAIT_63;The caller specified WaitAny for WaitType and one of the dispatcher objects in the Object array has been set to the signaled state. | |
| 0x00000080;STATUS_ABANDONED;The caller attempted to wait for a mutex that has been abandoned. | |
| 0x00000080;STATUS_ABANDONED_WAIT_0;The call |
| Date,Details,Email Payload Type,Users Targeted | |
| 10/1/2023,FW: damaged Goods; xlam -> agenttesla continued to 10/9,Attachment, | |
| 10/2/2023,RE: SHIPPING DOCUMENT & PACKING LIST; r15 -> agenttesla,Attachment,2 | |
| 10/2/2023,RE: CONFIRM REVISED PIURCHASE ORDER; zip -> formbook,Attachment,2 | |
| 10/2/2023,Signed Purchase Order: PO/US/4509622207; zip -> formbook,Attachment,2 | |
| 10/2/2023,Attachment name is Document.zip; zip -> agenttesla,Attachment,2 | |
| 10/3/2023,RE: New Order; r15 -> agenttesla,Attachment,2 | |
| 10/3/2023,Wrong Payment Information; zip -> agenttesla,Attachment,2 | |
| 10/4/2023,RE: Status For September SOA; xls -> agenttesla continued to 10/5,Attachment,4 | |
| 10/5/2023,Purchase Order - HOM-OS-20-23-813; r15 -> agenttesla,Attachment,2 |
This Gist aims to centralise the most relevant public sources of information related to the HTTP/2 Rapid Reset vulnerability. This vulnerability has been disclosed jointly by Google, Amazon AWS, and Cloudflare on 10 October 2023 at 12:00 UTC.
Please help us make this page as comprehensive as possible by contributing relevant references, vendor advisories and statements, mitigations, etc.
| app_name | repo | electron_version | vulnerable | |
|---|---|---|---|---|
| 1Clipboard | https://github.com/wiziple/1clipboard | |||
| 1Password | None | 25.8.1 | FALSE | |
| 3CX Desktop App | 19.0.8 | TRUE | ||
| 5EClient | None | |||
| Abstract | None | |||
| Account Surfer | None | |||
| Advanced REST Client | https://github.com/advanced-rest-client/arc-electron | ^17.0.0 | TRUE | |
| Aedron Shrine | None | |||
| Aeon | https://github.com/leinelissen/aeon | 23.2.0 | TRUE |
| # latest supported electron version as of october 2024 | |
| LATEST_SUPPORTED_VERSION=30 | |
| RED='\033[0;31m' | |
| GREEN='\033[0;32m' | |
| NC='\033[0m' # no color | |
| mdfind "kind:app" 2>/dev/null | sort -u | while read app; | |
| do | |
| filename="$app/Contents/Frameworks/Electron Framework.framework/Electron Framework" | |
| if [[ -f $filename ]]; then |