Linux kernel hacker and maintainer etc.

OpenPGP: 3AB05486C7752FE1

crates.io celebrates its 10 year anniversary today! 🎉

On 2014-06-25 Alex Crichton created the initial commit in the crates.io git repository: https://github.com/rust-lang/crates.io/commit/54cfc8d

A lot has happened since then, and the current crates.io team would like to say "thank you!" to all current and former contributors to crates.io and the ecosystem around it! 🤗


Jarkko Sakkinen

Edited 1 year ago
@rjzak Ghidra is something that I use sometimes just to get ideas, but this is more for when I already have "a target of interest". I.e. I know what data etc. I'm looking for :-)

Both are used for disassembly but are still pretty different types of instruments.

Despite reverse engineering of malware and kernel engineering having commonalities in tools, they're still different types of Sudokus... Malware has more "easter eggs" so to speak ;-) And requires factors more dynamic analysis and simulation.
@pid_eins does systemd have a built-in MOK signer?

Jarkko Sakkinen

my first ever pull request for #nnn: https://github.com/jarun/nnn/pull/1904
@rjzak it's a good one but I think that's a completely different angle too. it's an "exploration tool", this is a "debugging tool"...
@pid_eins not a big deal, just checking

@pid_eins Last week I ramped up my home office kernel QA to use UKI so I guess it was great timing then :-)

Is there LXR for systemd?

@jwz was going to ask this next but apparently the FAQ already has an answer: https://www.jwz.org/blog/2023/09/wayland-and-screen-savers/

Jarkko Sakkinen

Edited 1 year ago
@Aissen Forks confuse me too much if I don't know the clear reasoning for them, and they both are quite rich and complex tools, and I would not want to invest in learning "the wrong one". So I just decided to take the beef, use the tool that I already know (Python), and move forward with my life I guess 🤷
@Aissen yes, that's where i learned about capstone in the first place :-)
Next test run might be to combine this with #angr perhaps... https://angr.io/

Jarkko Sakkinen

Edited 1 year ago

If #Radare2 vs #Rizin makes no sense to you, perhaps #Python will. It is a pretty solid tool for driving #Capstone :-)

Transcript:

# Open the ELF binary and index its symbol table by name.
raw = open('/home/jarkko/work/nnn/nnn', 'rb')
from elftools.elf.elffile import ELFFile
elf = ELFFile(raw)
symtab = {s.name: s for s in elf.get_section_by_name('.symtab').iter_symbols()}
sym = symtab.get('move_cursor')
addr = sym['st_value']
size = sym['st_size']
# Translate the symbol's virtual address into a file offset within .text.
text = elf.get_section_by_name('.text')
offset = addr - text['sh_addr'] + text['sh_offset']
raw.seek(offset)
payload = raw.read(size)
# Disassemble the function body with Capstone.
from capstone import Cs, CS_ARCH_ARM64, CS_MODE_ARM
disasm = Cs(CS_ARCH_ARM64, CS_MODE_ARM)
for opcode in disasm.disasm(payload, addr):
    print(f"0x{opcode.address:x}:\t{opcode.mnemonic}\t{opcode.op_str}")

Just got a bit familiar with this. The main benefits are obviously:

  • Recursive traversal #disassembly (vs linear sweep style in objdump)
  • Re-usable analysis
  • No boundaries on how you can post-process the analysis (or visualize it)

I find this super fascinating!


Jarkko Sakkinen

Edited 1 year ago

After reading #Ueber’s post about their use of #Zig, I tried it on random C and C++ projects:

export CC="zig cc"
export CXX="zig c++"
make

At least for relatively small projects such as nnn this seems to produce working results. Still quite impressive. Next iteration would be to replace Makefile with build.rs.

Also one tool that I like, ncdu, has successfully executed such a conversion: https://dev.yorhel.nl/ncdu

I think I’ll try Linux with tinyconfig next by using this hacky script as a basis:

#!/usr/bin/env bash

set -e

# Start from defconfig and point the kernel at the initramfs description.
make defconfig
scripts/config --set-str CONFIG_INITRAMFS_SOURCE "initramfs.txt"
yes '' | make oldconfig

# Describe the initramfs contents in the kernel's gen_init_cpio format.
cat > initramfs.txt << EOF
dir /dev 755 0 0
nod /dev/console 644 0 0 c 5 1
nod /dev/loop0 644 0 0 b 7 0
dir /bin 755 1000 1000
slink /bin/sh busybox 777 0 0
file /bin/busybox initramfs/busybox 755 0 0
dir /proc 755 0 0
dir /sys 755 0 0
dir /mnt 755 0 0
file /init initramfs/init.sh 755 0 0
EOF

# -p keeps a re-run from aborting under set -e when the directory exists.
mkdir -p initramfs

# Fetch the static busybox binary from the Alpine package.
curl -sSf https://dl-cdn.alpinelinux.org/alpine/edge/main/x86_64/busybox-static-1.36.1-r25.apk | tar zx --strip-components 1
cp busybox.static initramfs/busybox

# Minimal init: mount proc and sysfs, then drop to a shell.
cat > initramfs/init.sh << EOF
#!/bin/sh
mount -t proc none /proc
mount -t sysfs none /sys
sh
EOF

It is from my old’ish post: https://social.kernel.org/notice/AgzHqrYFGplZuYr3gG

@jwz ah ok u would probably know i guess :-) thanks for the rectification!

PipeWire 1.2 Released With Async Processing, Explicit Sync & Other Features

PipeWire 1.2 was christened today as the latest major feature update to this solution common to the modern Linux desktop for managing audio/video streams...
https://www.phoronix.com/news/PipeWire-1.2-Released


Jarkko Sakkinen

another classic piece of software with *uncluttered* Tk GUI: #gitk :-) #git
@gnubyte @pid_eins It's actually pretty good. I've tried it for my test VMs running archlinux while testing some kernel patch sets. My Fedora 40 host installation does not have it yet (at version 255).

In addition, it's a pretty nice stick for knocking the ice when testing various configurations related to polkit and PAM.

I've only recently moved my kernel QA from dusty old busybox to systemd (because I noticed that in some kernel features I was lagging over two years behind user space progress), and it is definitely one of the more useful features of systemd for my work.

You can also pretty much use anything you want in the foreseeable future. At the end of the day, all of these are roughly front-ends configuring privileged access based on PAM, PolKit, MAC and DAC in varying levels of detail. There are also some other similar tools such as "really".

Jarkko Sakkinen

#Python #IDLE is still rockin' :-) Always have it open as my calculator (and doing binary analysis and whatnot).
@chexum ... and cannot really get more trustworthy than this: self-compiled binary from Affero GPL source 🐭
@chexum yea very possible! thanks for the insight.

was not something i was suspicious of, just was wondering why it is required :-) does wayland still use xscreensaver? my desktop knowledge is lacking..