/dev/posts/

Argument and shell command injections in browser invocation

Published:

I found an argument injection vulnerability related to the handling of the BROWSER environment variable in sensible-browser. This led me (and others) to a few other argument and shell command injection vulnerabilities in BROWSER processing and browser invocation in general.

Read more…

Sibling tail call optimization in Python

Published:

In Tail Recursion In Python, Chris Penner implements (self) tail-call optimization (TCO) in Python using a function decorator. Here I am extending the approach for sibling calls.

Read more…

Foo over SSH

Using SSH as a transport for your protocol

Published:

A comparison of the different solutions for using SSH2 as a secured transport for protocols/services/applications.

Read more…

Terminal read-only live sharing

Published:

Live sharing a terminal session to another (shared) host over SSH in read-only mode.

Read more…

OpenSSH ProxyUseFdPass

Published:

While looking at the OpenSSH ssh_config manpage, I found the ProxyUseFdpass configuration I did not know about. It is apparently not widely known or used.

Read more…

C++ synchronisations for SimGrid

Published:

This is an overview of some recent additions to the SimGrid code related to actor synchronisation. It might be interesting for people using SimGrid, working on SimGrid or for people interested in generic C++ code for synchronisation or asynchronicity.

Read more…

Intel AMT discovery

Published:

There have been some articles lately about Intel Active Management Technology (AMT) and its impact on security, trust, privacy and free software. AMT is supposed to be widely deployed in the newest Intel hardware. So I wanted to see if I could find some AMT devices in the wild.

Read more…

Number of lines of code with FlameGraph

Published:

FlameGraph is used to display stack trace samples, but we can use it for other purposes as well.

Read more…

IP over UDP tunnel with socat

Published:

A simple way to create IP over UDP tunnels using socat.

Read more…

DNS aggregation over TLS

Published:

In a previous post, I tried different solutions for tunnelling DNS over TLS. One of those solutions was using a dedicated DNS-over-UDP fake service replying to all queries with the truncate flag set: this was causing the stub resolvers to retry the query using a TCP-based virtual-circuit. This solution is interesting because it is dead simple (it fits in a few lines of code) but it is clearly a hack. Here, I am using a dedicated DNS forwarder aggregating all the incoming DNS-over-UDP requests over a single persistent TCP virtual-circuit.

Read more…
