Skip to content

Commit

Permalink
deploy: a13bc12
Browse files Browse the repository at this point in the history
  • Loading branch information
@himazawa
himazawa committed Aug 7, 2024
1 parent 075c70f commit a24a85b
Show file tree
Hide file tree
Showing 13 changed files with 16 additions and 16 deletions.
2 changes: 1 addition & 1 deletion categories/vulnerability-research/index.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -279,7 +279,7 @@ And I also don&rsquo;t want to change a working keyboard.</p>
<a href="#arbitrary-file-read" class="header-mark" aria-label="Header mark for 'Arbitrary file read'"></a>2.1 Arbitrary file read</h3><p>This UI has 3 main features:</p>
<ul>
<li>
<p>The <code>App Store</code> that basically let&rsquo;s you download apps that run in Docker via <code>docker-compose</code> files (more on this later).</p>
<p>The <code>App Store</code> that basically let you download apps that run in Docker via <code>docker-compose</code> files (more on this later).</p>
</li>
<li>
<p>The <code>Files</code> app that allows you to navigate the filesystem (only partially)</p>
Expand Down
2 changes: 1 addition & 1 deletion en/sitemap.xml
View file

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion index.html
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
<!doctype html><html lang=en><head><meta name=generator content="Hugo 0.131.0"><meta charset=utf-8><meta name=viewport content="width=device-width,initial-scale=1"><meta name=robots content="noodp"><title>appsec & stuff</title><meta name=Description content><meta property="og:url" content="https://appsec.space/">
<meta property="og:site_name" content="appsec & stuff"><meta property="og:title" content="appsec & stuff"><meta property="og:locale" content="en"><meta property="og:type" content="website"><meta property="og:image" content="https://appsec.space/images/logo.png"><meta name=twitter:card content="summary_large_image"><meta name=twitter:image content="https://appsec.space/images/logo.png"><meta name=twitter:title content="appsec & stuff"><meta name=application-name content="appsec & stuff"><meta name=apple-mobile-web-app-title content="appsec & stuff"><meta name=theme-color content="#f8f8f8"><link rel="shortcut icon" type=image/x-icon href=/favicon.ico><link rel=icon type=image/png sizes=32x32 href=/favicon-32x32.png><link rel=icon type=image/png sizes=16x16 href=/favicon-16x16.png><link rel=apple-touch-icon sizes=180x180 href=/apple-touch-icon.png><link rel=canonical href=https://appsec.space/><link rel=alternate href=/index.xml type=application/rss+xml title="appsec & stuff"><link rel=feed href=/index.xml type=application/rss+xml title="appsec & stuff"><link rel=stylesheet href=/css/main.min.css><link rel=stylesheet href=/css/style.min.css><script type=application/ld+json>{"@context":"https://schema.org","@graph":[{"@type":"WebSite","url":"https://appsec.space/","inLanguage":"en","author":{"@type":"Person","name":"himazawa"},"copyrightYear":2023,"copyrightHolder":{"@type":"Person","name":"true"},"name":"appsec \u0026 stuff"},{"@type":"BlogPosting","headline":"My keyboard was misbehaving so I had to exploit my NAS","inLanguage":"en","mainEntityOfPage":{"@type":"WebPage","@id":"https://appsec.space/posts/zimaos-casaos-rce/"},"genre":"posts","keywords":["zimaos","casaos","research","nas"],"wordcount":1929,"url":"https://appsec.space/posts/zimaos-casaos-rce/","datePublished":"2024-08-07T10:00:24+01:00","dateModified":"2024-08-07T12:03:47+02:00","publisher":{"@type":"Organization","name":"himazawa"},"author":{"@type":"Person","name":"himazawa","url":"/"},"description":""},{"@type":"BlogPosting","headline":"Debloating the Onyx Boox Go 10.3","inLanguage":"en","mainEntityOfPage":{"@type":"WebPage","@id":"https://appsec.space/posts/onyx-boox-go-10.3/"},"genre":"posts","keywords":["android","eink","Onyx Boox"],"wordcount":799,"url":"https://appsec.space/posts/onyx-boox-go-10.3/","datePublished":"2024-08-02T12:00:00+01:00","dateModified":"2024-08-06T11:14:33+02:00","publisher":{"@type":"Organization","name":"himazawa"},"author":{"@type":"Person","name":"himazawa","url":"/"},"description":""},{"@type":"BlogPosting","headline":"The xz backdoor from a Security Engineer persepective","inLanguage":"en","mainEntityOfPage":{"@type":"WebPage","@id":"https://appsec.space/posts/xz-backdoor/"},"genre":"posts","keywords":["backdoor","CVE-2024-3094","xz","liblzma","supply-chain","security-engineering"],"wordcount":1500,"url":"https://appsec.space/posts/xz-backdoor/","datePublished":"2024-03-30T19:49:24+01:00","dateModified":"2024-03-31T23:16:02+02:00","publisher":{"@type":"Organization","name":"himazawa"},"author":{"@type":"Person","name":"himazawa","url":"/"},"description":""},{"@type":"BlogPosting","headline":"Security Theatre? More like Security Circus","inLanguage":"en","mainEntityOfPage":{"@type":"WebPage","@id":"https://appsec.space/posts/security-theatre/"},"genre":"posts","keywords":["security theatre","infosec","rants"],"wordcount":474,"url":"https://appsec.space/posts/security-theatre/","datePublished":"2023-02-13T20:20:00+01:00","dateModified":"2024-03-30T22:00:02+01:00","publisher":{"@type":"Organization","name":"himazawa"},"author":{"@type":"Person","name":"himazawa","url":"/"},"description":""},{"@type":"BlogPosting","headline":"Long Time No See","inLanguage":"en","mainEntityOfPage":{"@type":"WebPage","@id":"https://appsec.space/posts/long-time-no-see/"},"genre":"posts","keywords":["updates"],"wordcount":390,"url":"https://appsec.space/posts/long-time-no-see/","datePublished":"2023-02-06T00:01:18+01:00","dateModified":"2024-03-30T22:00:02+01:00","publisher":{"@type":"Organization","name":"himazawa"},"author":{"@type":"Person","name":"himazawa","url":"/"},"description":""},{"@type":"BlogPosting","headline":"Getting \"Zero Click\" Remote Code Execution in Mycroft AI vocal assistant","inLanguage":"en","mainEntityOfPage":{"@type":"WebPage","@id":"https://appsec.space/posts/mycroft-ai-rce/"},"genre":"posts","keywords":["writeup","code review","AI","vocal assistant"],"wordcount":768,"url":"https://appsec.space/posts/mycroft-ai-rce/","datePublished":"2018-06-10T20:59:09+02:00","dateModified":"2024-03-30T22:00:02+01:00","publisher":{"@type":"Organization","name":"himazawa"},"author":{"@type":"Person","name":"himazawa","url":"/"},"description":""}]}</script></head><body data-instant-intensity=viewport><script type=text/javascript>function setTheme(e){document.body.setAttribute("theme",e),document.documentElement.className=e,document.documentElement.style.setProperty("color-scheme",e==="light"?"light":"dark"),e==="light"?document.documentElement.classList.remove("tw-dark"):document.documentElement.classList.add("tw-dark"),window.theme=e,window.isDark=window.theme!=="light"}function saveTheme(e){window.localStorage&&localStorage.setItem("theme",e)}function getMeta(e){const t=document.getElementsByTagName("meta");for(let n=0;n<t.length;n++)if(t[n].getAttribute("name")===e)return t[n];return""}if(window.localStorage&&localStorage.getItem("theme")){let e=localStorage.getItem("theme");e==="light"||e==="dark"?setTheme(e):setTheme(window.matchMedia&&window.matchMedia("(prefers-color-scheme: dark)").matches?"dark":"light")}else"auto"==="light"||"auto"==="dark"?(setTheme("auto"),saveTheme("auto")):(saveTheme("auto"),setTheme(window.matchMedia&&window.matchMedia("(prefers-color-scheme: dark)").matches?"dark":"light"));let metaColors={light:"#f8f8f8",dark:"#161b22"};getMeta("theme-color").content=metaColors[document.body.getAttribute("theme")],window.switchThemeEventSet=new Set</script><div id=back-to-top></div><div id=mask></div><div class=wrapper><header class="desktop print:!tw-hidden" id=header-desktop><div class=header-wrapper><div class=header-title><a href=/ title="appsec & stuff"><img class="tw-inline tw-align-text-bottom tw-mr-1" src=/images/circle_cropped_logo.png height=32 width=32></a></div><div class=menu><div class=menu-inner><a class=menu-item href=/posts/>Posts </a><a class=menu-item href=/categories/>Categories </a><a class=menu-item href=/about/>About me </a><span class="menu-item delimiter"></span><button class="menu-item language" aria-label="Select Language">English<svg class="icon" viewBox="0 0 320 512"><path d="M285.476 272.971 91.132 467.314c-9.373 9.373-24.569 9.373-33.941.0l-22.667-22.667c-9.357-9.357-9.375-24.522-.04-33.901L188.505 256 34.484 101.255c-9.335-9.379-9.317-24.544.04-33.901l22.667-22.667c9.373-9.373 24.569-9.373 33.941.0L285.475 239.03c9.373 9.372 9.373 24.568.001 33.941z"/></svg>
<meta property="og:site_name" content="appsec & stuff"><meta property="og:title" content="appsec & stuff"><meta property="og:locale" content="en"><meta property="og:type" content="website"><meta property="og:image" content="https://appsec.space/images/logo.png"><meta name=twitter:card content="summary_large_image"><meta name=twitter:image content="https://appsec.space/images/logo.png"><meta name=twitter:title content="appsec & stuff"><meta name=application-name content="appsec & stuff"><meta name=apple-mobile-web-app-title content="appsec & stuff"><meta name=theme-color content="#f8f8f8"><link rel="shortcut icon" type=image/x-icon href=/favicon.ico><link rel=icon type=image/png sizes=32x32 href=/favicon-32x32.png><link rel=icon type=image/png sizes=16x16 href=/favicon-16x16.png><link rel=apple-touch-icon sizes=180x180 href=/apple-touch-icon.png><link rel=canonical href=https://appsec.space/><link rel=alternate href=/index.xml type=application/rss+xml title="appsec & stuff"><link rel=feed href=/index.xml type=application/rss+xml title="appsec & stuff"><link rel=stylesheet href=/css/main.min.css><link rel=stylesheet href=/css/style.min.css><script type=application/ld+json>{"@context":"https://schema.org","@graph":[{"@type":"WebSite","url":"https://appsec.space/","inLanguage":"en","author":{"@type":"Person","name":"himazawa"},"copyrightYear":2023,"copyrightHolder":{"@type":"Person","name":"true"},"name":"appsec \u0026 stuff"},{"@type":"BlogPosting","headline":"My keyboard was misbehaving so I had to exploit my NAS","inLanguage":"en","mainEntityOfPage":{"@type":"WebPage","@id":"https://appsec.space/posts/zimaos-casaos-rce/"},"genre":"posts","keywords":["zimaos","casaos","research","nas"],"wordcount":1929,"url":"https://appsec.space/posts/zimaos-casaos-rce/","datePublished":"2024-08-07T10:00:24+01:00","dateModified":"2024-08-07T12:19:49+02:00","publisher":{"@type":"Organization","name":"himazawa"},"author":{"@type":"Person","name":"himazawa","url":"/"},"description":""},{"@type":"BlogPosting","headline":"Debloating the Onyx Boox Go 10.3","inLanguage":"en","mainEntityOfPage":{"@type":"WebPage","@id":"https://appsec.space/posts/onyx-boox-go-10.3/"},"genre":"posts","keywords":["android","eink","Onyx Boox"],"wordcount":799,"url":"https://appsec.space/posts/onyx-boox-go-10.3/","datePublished":"2024-08-02T12:00:00+01:00","dateModified":"2024-08-06T11:14:33+02:00","publisher":{"@type":"Organization","name":"himazawa"},"author":{"@type":"Person","name":"himazawa","url":"/"},"description":""},{"@type":"BlogPosting","headline":"The xz backdoor from a Security Engineer persepective","inLanguage":"en","mainEntityOfPage":{"@type":"WebPage","@id":"https://appsec.space/posts/xz-backdoor/"},"genre":"posts","keywords":["backdoor","CVE-2024-3094","xz","liblzma","supply-chain","security-engineering"],"wordcount":1500,"url":"https://appsec.space/posts/xz-backdoor/","datePublished":"2024-03-30T19:49:24+01:00","dateModified":"2024-03-31T23:16:02+02:00","publisher":{"@type":"Organization","name":"himazawa"},"author":{"@type":"Person","name":"himazawa","url":"/"},"description":""},{"@type":"BlogPosting","headline":"Security Theatre? More like Security Circus","inLanguage":"en","mainEntityOfPage":{"@type":"WebPage","@id":"https://appsec.space/posts/security-theatre/"},"genre":"posts","keywords":["security theatre","infosec","rants"],"wordcount":474,"url":"https://appsec.space/posts/security-theatre/","datePublished":"2023-02-13T20:20:00+01:00","dateModified":"2024-03-30T22:00:02+01:00","publisher":{"@type":"Organization","name":"himazawa"},"author":{"@type":"Person","name":"himazawa","url":"/"},"description":""},{"@type":"BlogPosting","headline":"Long Time No See","inLanguage":"en","mainEntityOfPage":{"@type":"WebPage","@id":"https://appsec.space/posts/long-time-no-see/"},"genre":"posts","keywords":["updates"],"wordcount":390,"url":"https://appsec.space/posts/long-time-no-see/","datePublished":"2023-02-06T00:01:18+01:00","dateModified":"2024-03-30T22:00:02+01:00","publisher":{"@type":"Organization","name":"himazawa"},"author":{"@type":"Person","name":"himazawa","url":"/"},"description":""},{"@type":"BlogPosting","headline":"Getting \"Zero Click\" Remote Code Execution in Mycroft AI vocal assistant","inLanguage":"en","mainEntityOfPage":{"@type":"WebPage","@id":"https://appsec.space/posts/mycroft-ai-rce/"},"genre":"posts","keywords":["writeup","code review","AI","vocal assistant"],"wordcount":768,"url":"https://appsec.space/posts/mycroft-ai-rce/","datePublished":"2018-06-10T20:59:09+02:00","dateModified":"2024-03-30T22:00:02+01:00","publisher":{"@type":"Organization","name":"himazawa"},"author":{"@type":"Person","name":"himazawa","url":"/"},"description":""}]}</script></head><body data-instant-intensity=viewport><script type=text/javascript>function setTheme(e){document.body.setAttribute("theme",e),document.documentElement.className=e,document.documentElement.style.setProperty("color-scheme",e==="light"?"light":"dark"),e==="light"?document.documentElement.classList.remove("tw-dark"):document.documentElement.classList.add("tw-dark"),window.theme=e,window.isDark=window.theme!=="light"}function saveTheme(e){window.localStorage&&localStorage.setItem("theme",e)}function getMeta(e){const t=document.getElementsByTagName("meta");for(let n=0;n<t.length;n++)if(t[n].getAttribute("name")===e)return t[n];return""}if(window.localStorage&&localStorage.getItem("theme")){let e=localStorage.getItem("theme");e==="light"||e==="dark"?setTheme(e):setTheme(window.matchMedia&&window.matchMedia("(prefers-color-scheme: dark)").matches?"dark":"light")}else"auto"==="light"||"auto"==="dark"?(setTheme("auto"),saveTheme("auto")):(saveTheme("auto"),setTheme(window.matchMedia&&window.matchMedia("(prefers-color-scheme: dark)").matches?"dark":"light"));let metaColors={light:"#f8f8f8",dark:"#161b22"};getMeta("theme-color").content=metaColors[document.body.getAttribute("theme")],window.switchThemeEventSet=new Set</script><div id=back-to-top></div><div id=mask></div><div class=wrapper><header class="desktop print:!tw-hidden" id=header-desktop><div class=header-wrapper><div class=header-title><a href=/ title="appsec & stuff"><img class="tw-inline tw-align-text-bottom tw-mr-1" src=/images/circle_cropped_logo.png height=32 width=32></a></div><div class=menu><div class=menu-inner><a class=menu-item href=/posts/>Posts </a><a class=menu-item href=/categories/>Categories </a><a class=menu-item href=/about/>About me </a><span class="menu-item delimiter"></span><button class="menu-item language" aria-label="Select Language">English<svg class="icon" viewBox="0 0 320 512"><path d="M285.476 272.971 91.132 467.314c-9.373 9.373-24.569 9.373-33.941.0l-22.667-22.667c-9.357-9.357-9.375-24.522-.04-33.901L188.505 256 34.484 101.255c-9.335-9.379-9.317-24.544.04-33.901l22.667-22.667c9.373-9.373 24.569-9.373 33.941.0L285.475 239.03c9.373 9.372 9.373 24.568.001 33.941z"/></svg>
<select class=language-select aria-label="Select Language" id=language-select-desktop onchange="location=this.value"><option value=/ selected>English</option><option value=/it/>Italiano</option></select>
</button><span class="menu-item search" id=search-desktop>
<input type=text placeholder="Search titles or contents..." id=search-input-desktop>
Expand Down
2 changes: 1 addition & 1 deletion index.json
View file

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion index.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -279,7 +279,7 @@ And I also don&rsquo;t want to change a working keyboard.</p>
<a href="#arbitrary-file-read" class="header-mark" aria-label="Header mark for 'Arbitrary file read'"></a>2.1 Arbitrary file read</h3><p>This UI has 3 main features:</p>
<ul>
<li>
<p>The <code>App Store</code> that basically let&rsquo;s you download apps that run in Docker via <code>docker-compose</code> files (more on this later).</p>
<p>The <code>App Store</code> that basically let you download apps that run in Docker via <code>docker-compose</code> files (more on this later).</p>
</li>
<li>
<p>The <code>Files</code> app that allows you to navigate the filesystem (only partially)</p>
Expand Down
2 changes: 1 addition & 1 deletion posts/index.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -279,7 +279,7 @@ And I also don&rsquo;t want to change a working keyboard.</p>
<a href="#arbitrary-file-read" class="header-mark" aria-label="Header mark for 'Arbitrary file read'"></a>2.1 Arbitrary file read</h3><p>This UI has 3 main features:</p>
<ul>
<li>
<p>The <code>App Store</code> that basically let&rsquo;s you download apps that run in Docker via <code>docker-compose</code> files (more on this later).</p>
<p>The <code>App Store</code> that basically let you download apps that run in Docker via <code>docker-compose</code> files (more on this later).</p>
</li>
<li>
<p>The <code>Files</code> app that allows you to navigate the filesystem (only partially)</p>
Expand Down
Loading

0 comments on commit a24a85b

Please sign in to comment.