tarjeezy

joined 2 years ago
[–] tarjeezy 7 points 2 years ago (3 children)

So, simply viewing a comment thread with a maliciously-altered emoji (on an unpatched instance) was enough to compromise your account?

[–] tarjeezy 5 points 2 years ago (4 children)

Yea I've got both .zip and .mov blocked on my pihole

[–] tarjeezy 10 points 2 years ago (1 children)

Good luck, I'm behind 7 proxies

[–] tarjeezy 6 points 2 years ago (1 children)

Good luck, and thanks for all your hard work. I don't know if you already saw this, but it looks like this might be the vector for the account compromise. If that's the case, I don't think 2FA is enough to protect, because it's exfiltrating the session cookies of someone already logged in. Seems like the precaution is for admins to avoid clicking any suspicious links. I realize the irony of sharing a link about this, but at least it's to a thread on this instance.

https://lemmy.ca/post/1311411

[–] tarjeezy 21 points 2 years ago (15 children)

The encoded string contains the URL zelensky dot zip. Zip is one of the newer top-level domains. It itself is not a zip file, but I am not going to visit that site to find out whatever treasures it has to offer..

[–] tarjeezy 10 points 2 years ago

Thanks for digging in and sharing your findings!

[–] tarjeezy 7 points 2 years ago (3 children)

Last I saw, they were on 0.18.1, unless a very recent update was installed. Do you happen to have a full list of domains they were redirecting to? Just want to be sure they were only going to "harmless" offensive sites, and not something worse.

[–] tarjeezy 15 points 2 years ago (4 children)

Really hoping it's "only" redirecting to offensive sites, and not to malware. I got redirected a few times, before I closed my browser.

[–] tarjeezy 1 points 2 years ago

If any other device on your network, such as your phone, exclusively uses pihole for DNS, they won't be able to resolve web addresses when your computer is off - effectively cutting off internet access. Pihole should really be running 24/7 to avoid complications.

[–] tarjeezy 1 points 2 years ago

It doesn't seem like you actually need the https:// to parse the instance name, since the text xxxxxxxxlemmy.worldx still searches successfully. Maybe just exclude those parts off the URL and simply use lemmy.world, lemmy.ml, etc in the autocomplete list.

[–] tarjeezy 1 points 2 years ago (1 children)

Hello, I commented about a bug in the instance selector on a cross post, not realizing that wasn't the actual developer. Not sure if it's related to what you're talking about here, but I wanted to bring it to your attention. Great project by the way!

https://lemmy.ca/comment/829227

[–] tarjeezy 1 points 2 years ago

By the way, neat project! It looks like it's filling a pretty big need that people have been asking for. Keep up the good work!
