ushjftye
@ushjftye@programming.dev
- Comment on Absolute disaster, RAT backdoored through WINE. Assistance with Docker 23 hours ago:
Good idea, I’ll put it on the list. I am getting excited though, because photorec is pulling basically my whole disk before deletion back. I’m gonna sort by file extension, grep through and see if I can find the syslogs between Jan 29th and Feb 4th.
- Comment on Absolute disaster, RAT backdoored through WINE. Assistance with Docker 23 hours ago:
Oh and WINE updating its config when I hadn’t made changes, just gave me a funny feeling
- Comment on Absolute disaster, RAT backdoored through WINE. Assistance with Docker 1 day ago:
I tell you what though I am pulling a shit tonne of .txt files off of this dump. I am gonna put them all in a folder, and grep through it. There’s definitely syslogs, I might be able to find out where it was going. If I can find the exact .DLL I could potentially open it up in a text editor and see where it was going. Schroot was established January the 29th and I didn’t discover it until February 4th so there’s a week of stuff to comb through.
- Comment on Absolute disaster, RAT backdoored through WINE. Assistance with Docker 1 day ago:
Different country, also I wouldn’t trust any administration with that.
- Comment on Absolute disaster, RAT backdoored through WINE. Assistance with Docker 1 day ago:
Let it be a lesson. Do not live out of the same machine you connect from, do not keep everything in one place. Family photos filled with EXIF data. Applications I’d built from source and configured specifically for my hardware. Pages and pages of config files, music collection, documents, PDFs. All of it is gone.
- Comment on Absolute disaster, RAT backdoored through WINE. Assistance with Docker 1 day ago:
I had it set up so WINE had network access anyway, it runs an authenticator because of the software license.
- Comment on Absolute disaster, RAT backdoored through WINE. Assistance with Docker 1 day ago:
First image is the second half of the tree from my /home/. Contains a whopping 37 directories.
2nd is what I believe to be the poisoned .DLL in the output of foremost’s audit.text
3rd is the beginning of the audit.
4th is the first half of the tree for home. Sorry for out of order.
5th is photorec which is currently digging through the img…
6th is the output from my first attempt at using foremost to file carve. Didn’t work because the img was mounted.
7th is my poor desktop, which is now just the default KDE screen, the browser I’m talking to you on and the Win10.iso I burned onto my housemate’s laptop.
- Comment on Absolute disaster, RAT backdoored through WINE. Assistance with Docker 1 day ago:
What’s OpenSnitch? I was just gonna focus on learning Docker, containerise everything. Never Again.
- Comment on Absolute disaster, RAT backdoored through WINE. Assistance with Docker 1 day ago:
I didn’t own the network, that was the problem. My distro has security updates still, everything comes from repositories. I didn’t containerise everything. That was my fault. WINE had network access and filesystem access and it wasn’t in a container, and the password to the router was plain text. Absolutely chilling, finding the root /run/. 128TB man. I use clamav and it identified winexpiro hidden in a .DLL called .BRM. Supposedly for Windows 6. WINE is just a compatibility layer, so you can push any .DLL into it. This is why I NEED to learn command-line Docker, because it’s just not fucking safe. I don’t know whose machine it got to first, but once you’re connected to a machine as admin that’s connected to a router as admin. Like Fuck me.
- Comment on Absolute disaster, RAT backdoored through WINE. Assistance with Docker 1 day ago:
The most frustrating part, nobody understands man. That’s how this whole fucking digital oligarchy bullshit became reality. It’s like the people who don’t get that the new distros Valve are associated with are just so Gabe Newell has exclusive access to your data. The GUI fucking ruined people’s understanding of these machines. I swear.
- Comment on Absolute disaster, RAT backdoored through WINE. Assistance with Docker 1 day ago:
I don’t use PayPal, but thank you. Bro I explained this on .ml and their first question was why do you have a computer with 128 terabytes of storage. Like, my god.
- Submitted 1 day ago to cybersecurity@infosec.pub | 23 comments