0v0

5mo ago

What does firefox.settings.services.mozilla.com domain do?

It's used to check for website breaches. From How to stop Firefox from making automatic connections:

Firefox Monitor warns you if your online accounts were involved in a known data breach. For more information, see Firefox Password Manager - Alerts for breached websites.

To get the latest login breach information and more, Firefox connects to firefox.settings.services.mozilla.com

To disable, see here.

6mo ago

Alternatives to VirtualBox?

Jump

You can also run VirtualBox with KVM as a backend.

8mo ago

How would I go about gaining access to a locked-down Linux device I own.

Jump

The attack worked, the password is cmF0dGEK.

This was obtained by generating 32 possible plaintexts for the first 10 bytes of system.zip (based on the different values in the headers of ~300 zip files on my system), plus three null bytes for the high bytes of compressed size, file name length and extra field length.

8mo ago

How would I go about gaining access to a locked-down Linux device I own.

Jump

The inner zip files are just stored, uncompressed:

 text

    
Archive: update.zip
Index Encryption Compression CRC32    Uncompressed  Packed size Name
----- ---------- ----------- -------- ------------ ------------ ----------------
    0 ZipCrypto  Store       d1bca061     65761967     65761979 system_lib.zip
    1 ZipCrypto  Deflate     64a3f383         2183          741 config.json
    2 ZipCrypto  Store       3731280f     89300292     89300304 app.zip
    3 ZipCrypto  Store       a2bd64f5    135518964    135518976 app_lib.zip
    4 ZipCrypto  Store       700eb186      5996410      5996422 system.zip

So 12 bytes from the original content.

8mo ago

How would I go about gaining access to a locked-down Linux device I own.

Jump

The entries in update.zip are encrypted using the weak ZipCrypto scheme, which is known to be seriously flawed. If you feel motivated, and can guess at least 12 bytes of plaintext for an entry, it is possible to recover the internal state of the generator, which is enough to decipher the data entirely, as well as other entries which were encrypted with the same password. The bkcrack project implements this attack.

Since some of the entries are zip files themselves, it is within the realm of possibility to guess 12 bytes of plaintext. Parts of the zip local file header are pretty static, and you can use some of the values from the local file header of update.zip itself. Still, this would require a bit of luck / inspired guesswork.

9mo ago

where has zlibrary gone?

Jump

singlelogin.re still worked for me recently.

Source

1y ago

Access unrestricted remote desktop from very restricted office network

Jump

You can give chisel a try. It tunnels all traffic over http/https, and the client can then create port forwards, just as with ssh, to access other services.

1y ago

Why is SYSRQ Disabled on most consumer distributions?

Jump

Yes, for example, syncing on a kernel panic could lead to data corruption (which is why we don't do that). For the same reason REISUB is not recommended anymore: The default advice for a locked-up system should be SysRq B.

1y ago

Where can I ask questions about iproute2 tools?

Jump

https://linux-tc-notes.sourceforge.net/tc/doc/cls_u32.txt:

The base operation of the u32 filter is actually very simple. It extracts a bit field from a 32 bit word in the packet, and if it is equal to a value supplied by you it has a match. The 32 bit word must lie at a 32 bit boundary.

1y ago

[help] docker conflicts with host network, causing no internet connectivity

Jump

Try perhaps the solution in https://unix.stackexchange.com/questions/648084/docker-interface-tears-down-wifi-internet

1y ago

[not solved] I think I messed something up in the router settings but cannot understand what... now I have no internet connection

Jump

Try removing all the superfluous default routes.

2y ago

Self-hosted rotating proxy

Jump

I think glider can do this, with -strategy rr (Round Robin mode). I have not used it in this way myself, so you might need to experiment a little. Proxychains can also do this, but it doesn't present a socks5 interface itself (it uses LD_PRELOAD, so it won't work everywhere).

2y ago

EndeavourOS encrypted partition

Jump

Argon2id (cryptsetup default) and Argon2i PBKDFs are not supported (GRUB bug #59409), only PBKDF2 is.

There is this patch, although I have not tested it myself. There is always cryptsetup luksAddKey --pbkdf pbkdf2.

2y ago

EndeavourOS encrypted partition

Jump

GRUB works just fine with LUKS2 these days. There is no need to switch bootloaders.

2y ago

BTRFS and moving /home to subvolume, in need of a sanity check.

Jump

This seems right and exactly the way I've set it up. On subvolid=5 I have subvolumes @ and @home, in /etc/fstab I mount / as subvol=@, and /home as subvol=@home.

2y ago

Firefox supports loading about:config settings using user.js file that does not support even the basic thing Javascript is supposed to support

Jump

https://stackoverflow.com/questions/10602504/how-does-user-js-work-in-firefox-in-detail:

It just looks like a JavaScript file. Once upon a time in Netscape 3 and maybe 4 it actually was, but now it's just a file with a .js extension and a very restricted syntax that's parsed by a separate (non-JS) parser and not executed in any way.