Archive for December, 2024
Posted by jpluimers on 2024/12/05
After installing my Apple Silicon MacBook, I found out my machine had gotten named automatically in two different ways:
- readable name Jeroen’s Macbook Pro
- full name Jeroens-MacBook-Pro
- local hostname Jeroens-MacBook-Pro.local
- actual
hostname Jeroens-MBP
- HostName from
scutil
A few reasons I dislike that:
- Having 5 different names for the same machine creates a mess
- They chose for me where I like to choose myself
- They use spaces, quotes and hyphens where I like single a complete word
- They use mixed case where I like single case (preferably lower case) as not all other computers handle mixed case well
Finding out how to fix all this was a tedious job as I had to keep refining queries:
Read the rest of this entry »
Posted in Apple, Apple Silicon, ARM Mac, Mac, Mac OS X / OS X / MacOS, MacBook, MacBook-Pro, Power User, Terminal | Leave a Comment »
Posted by jpluimers on 2024/12/05
For my link archive as this is environment variable override trick to override DLL loading is not just limited to executables shipping with Windows, but also with other products (likely: virus scanners that run privileged); another alternative is running a local process serving the WebDAV protocol.
Read the rest of this entry »
Posted in Development, Power User, Security, Software Development, Windows, Windows 10, Windows 11, Windows Development | Tagged: DEFCON30 | Leave a Comment »
Posted by jpluimers on 2024/12/04
Need to write a tool for this that sets/clears the ………… flag in the PE .EXE header.
Officially it is for this:
[Wayback/Archive] IMAGE_FILE_HEADER (winnt.h) – Win32 apps | Microsoft Learn
- IMAGE_FILE_UP_SYSTEM_ONLY
- 0x4000
|
The file should be run only on a uniprocessor computer. |
In practice, this sets the affinity to 1 single CPU core (which is kind of random, and could change each time you start the executable).
This is ideal for code that is known for causing trouble executing on multiple cores, or – more importantly – to disallow core-switching for programs that give best performance when executed on a single core.
Via: [Wayback/Archive] Thread by @0gtweet on Thread Reader App – Did you ever hear about IMAGE_FILE_UP_SYSTEM_ONLY flag in NtHeader->FileHeader->Characteristics of an exe file?
Read the rest of this entry »
Posted in Development, Software Development, Windows Development | Leave a Comment »
Posted by jpluimers on 2024/12/04
Interesting for both red teams and blue teams: [Wayback/Archive] Hijack Libs
This project provides an curated list of DLL Hijacking candidates. A mapping between DLLs and vulnerable executables is kept and can be searched via this website. Additionally, further metadata such as resources provide more context.
Read the rest of this entry »
Posted in Blue team, Development, Power User, Red team, Security, Software Development, Windows Development | Leave a Comment »
Posted by jpluimers on 2024/12/03
Het gebruik van Bitly is netjes vermeld: [Wayback/Archive] Privacyverklaring | Mazda
Bitly: URL-verkortingsdienst en linkbeheerplatform; dienstverlener: Bitly, Inc, 139 Fifth Avenue, 5th Floor, New York, NY 10010, USA; website: https://bitly.com; privacybeleid: https://bitly.com/pages/privacy.
Dat is belangrijk, want URL-shorteners zijn een risico op bijvoorbeeld:
- De daadwerkelijke doel-URL is niet op voorhand zichtbaar of duidelijk
- De doel-URL kan achteraf worden gewijzigd, dus waar je nu op uitkomt is niet noodzakelijkerwijs waar je in de toekomst op uitkomt
- Er kan user-tracking plaatsvinden op het niveau van de URL-shortener
- Ze worden veel gebruikt om malware te verpreiden (juist ook omdat de doel-URL makkelijk aanpasbaar is)
- In veel omgevingen worden URL-shorteners om bovenstaande redenen geblokkeerd
--jeroen
Posted in Development, GDPR/DS-GVO/AVG, LifeHacker, Power User, Privacy, Web Development | Leave a Comment »
Posted by jpluimers on 2024/12/03
Fron a while ago but still relevant [Wayback/Archive] Is it Pokémon or Big Data?.
It is a cool experiment to test your own knowledge or for fun to assess recruiters or candidates (;
And it is open source too:
Read the rest of this entry »
Posted in Cloud, Cloud Development, Conference Topics, Conferences, Development, Event, Fun, Infrastructure, LifeHacker, PokemonGo, Power User, Software Development | Tagged: bigdata | Leave a Comment »
Posted by jpluimers on 2024/12/02
Sometimes the best information is outside vendor forums. I think it is the case for this Reddit thread: [Wayback/Archive] Regarding updating Tumbleweed; what is the best way to do it? Appper, zypper dup, zypper up. Which one am i supposed to use? Should i be worried about the vendor changes? And why do i get a message when using ‘zypper up’ saying “The following 35 package updates will NOT be installed”? : openSUSE
Note that specific to openSuSE Tumbleweed you should prefer zypper distr-upgrade over zypper update as per [Wayback/Archive] TUMBLEWEED zypper dup default behavior changed: what is the difference to zypper up?
Be aware this thread is about Tumbleweed, the method to update is byusing dup since it’s a new snapshot. At this point it’s your choice toupdate or not depending on your requirements. If your running out ofkernel modules supplied by third parties, then your tied to theirschedule…. Using zypper up will in the long term create more issuesas well as not supported.
This is especially true as --no-allow-vendor-change has been the default for zypper dist-upgrade for almost a decade now: [Wayback/Archive] PSA: Tumbleweed: –no-allow-vendor-change now default zypper dup behaviour : openSUSE
Read the rest of this entry »
Posted in *nix, *nix-tools, Linux, openSuSE, Power User, SuSE Linux, Tumbleweed | Leave a Comment »
The Wiert Corner - irregular stream of stuff 