The chill I got when I downloaded the repo and realized the “exploit” was a zero byte file with a magic filename…
-
RE: https://cyberplace.social/@GossiTheDog/116565662607962457
The chill I got when I downloaded the repo and realized the “exploit” was a zero byte file with a magic filename…
The charitable interpretation is that Microsoft accidentally shipped an internal test build to global production. The less charitable one isn’t very pleasant
@0xabad1dea oh I'm sure if was the merest accidental oversight and that they're very very sorry and feel so foolish now.
-
@rrb Well you got a point there. At least it wouldn't be worse than a US tech phone @0xabad1dea
@energisch_ @0xabad1dea and I don't live in China, so their ability to mess with me is limited
-
@energisch_ @0xabad1dea and I don't live in China, so their ability to mess with me is limited
@rrb exactly! @0xabad1dea
-
RE: https://cyberplace.social/@GossiTheDog/116565662607962457
The chill I got when I downloaded the repo and realized the “exploit” was a zero byte file with a magic filename…
The charitable interpretation is that Microsoft accidentally shipped an internal test build to global production. The less charitable one isn’t very pleasant
@0xabad1dea Kind of ironic that this is posted on github!!
-
@0xabad1dea Kind of ironic that this is posted on github!!
@pa27 that's why I was quick to download it
-
RE: https://cyberplace.social/@GossiTheDog/116565662607962457
The chill I got when I downloaded the repo and realized the “exploit” was a zero byte file with a magic filename…
The charitable interpretation is that Microsoft accidentally shipped an internal test build to global production. The less charitable one isn’t very pleasant
@0xabad1dea How did they come by the content of these files?
-
RE: https://cyberplace.social/@GossiTheDog/116565662607962457
The chill I got when I downloaded the repo and realized the “exploit” was a zero byte file with a magic filename…
The charitable interpretation is that Microsoft accidentally shipped an internal test build to global production. The less charitable one isn’t very pleasant
@0xabad1dea There's also about 20 MB of other files.
-
@0xabad1dea There's also about 20 MB of other files.
@jernej__s they're just empty log files (a header plus megabytes of zeroes), presumably because if they're missing entirely, something errors out before the flag gets processed
-
RE: https://cyberplace.social/@GossiTheDog/116565662607962457
The chill I got when I downloaded the repo and realized the “exploit” was a zero byte file with a magic filename…
The charitable interpretation is that Microsoft accidentally shipped an internal test build to global production. The less charitable one isn’t very pleasant
-
RE: https://cyberplace.social/@GossiTheDog/116565662607962457
The chill I got when I downloaded the repo and realized the “exploit” was a zero byte file with a magic filename…
The charitable interpretation is that Microsoft accidentally shipped an internal test build to global production. The less charitable one isn’t very pleasant
Also for whatever reason, only windows 11 (+Server 2022/2025) are affect, windows 10 is not.
another win 10 w!!!!!!!!!!!!!!!! -
@rrb exactly! @0xabad1dea
@energisch_ @0xabad1dea And this is unrelated to a former student of mine working on security for Huawei, because another student is managing security for Microsoft
-
RE: https://cyberplace.social/@GossiTheDog/116565662607962457
The chill I got when I downloaded the repo and realized the “exploit” was a zero byte file with a magic filename…
The charitable interpretation is that Microsoft accidentally shipped an internal test build to global production. The less charitable one isn’t very pleasant
@0xabad1dea I feel certain that FileVault also has some kind of magic bypass. Either of the ‘haha nobody will ever discover the arcane incantation needed to put this developer test mode’ or more likely requested by a three letter agency.
-
@0xabad1dea this is what you get when you do disk encryption without user input
@oilheap @0xabad1dea yeah i was wondering that... So this exploit only works if you don't use a password or pin?
-
@oilheap @0xabad1dea yeah i was wondering that... So this exploit only works if you don't use a password or pin?
@babble_endanger @oilheap if you have a password on bitlocker itself (as opposed to your Windows account) then yes, this debug backdoor cannot work.
-
@jernej__s they're just empty log files (a header plus megabytes of zeroes), presumably because if they're missing entirely, something errors out before the flag gets processed
@0xabad1dea Looks like one of the files causes winpeshl.ini on the ramdrive to be deleted, which eventually results in command prompt to be spawned instead of the usual UI.
