再睇一次/bin/mount 本應普通user唔寫得 但係玩完copyfail之後係被改過 變咗無密碼直入root shell 原來個功能無咗即係而家你個mount壞咗呀?HiHi中伏!
我預咗呢樣嘢 玩之前backup咗 發覺出事之後就即刻還原返再睇一次/bin/mount 本應普通user唔寫得 但係玩完copyfail之後係被改過 變咗無密碼直入root shell 原來個功能無咗即係而家你個mount壞咗呀?HiHi中伏!
冇backup真係唔知點算我預咗呢樣嘢 玩之前backup咗 發覺出事之後就即刻還原返再睇一次/bin/mount 本應普通user唔寫得 但係玩完copyfail之後係被改過 變咗無密碼直入root shell 原來個功能無咗即係而家你個mount壞咗呀?HiHi中伏!
睇返wiki終於知道係點運作 原來nixpkgs-unstable / nixos-unstable / nixos-unstable-small branch係master嘅snapshots nixos-25.11 / nixos-25.11-small 係 release-25.11 嘅 snapshots snapshot嘅條件就係全部tests成功 每個branch嘅test都唔同,small嘅test少啲,自然snapshots頻率高啲 https://status.nixos.org/ nixos-25.11已經兩日未做snapshot, 即係普通stable用家仍然用緊6.12.83 kernel...仲未fix copy.fail discourse討論版村民非常不滿望返arch package 佢地都係接copy kernel.org既release tar 所以睇返上面version number應該冇事 至於用6.12 你希望nixos快D package已經有啦,backport咗去 release-25.11 channel 都算快手,五個鐘頭前嘅事 https://github.com/NixOS/nixpkgs/pull/515037/files 但正常人用stable係用nixos-25.11 channel, 所以我都唔知幾時先有,可能要等多幾日用咗咁耐都唔係好知佢地點運作
想問nix點樣可以追查返一個option點解會enable咗? 本身想enable programs.ssh.startAgent 跟住佢話同services.gnome.gcr-ssh-agent conflict咗 但係我又無set過 應該係其他option enable咗gcr-ssh-agent我會直接睇source code
git clone --depth 1 --branch nixos-unstable "https://github.com/NixOS/nixpkgs" cd ./nixpkgs/nixos/modules rg gcr-ssh-agent睇下邊個有gcr-ssh-agent mkDefault true; 用pantheon, gnome, budgie, mate, cinnamon desktop manager 都會自動開咗
或者可能其他flake input嘅nixosModules都有機會令佢開咗想問nix點樣可以追查返一個option點解會enable咗? 本身想enable programs.ssh.startAgent 跟住佢話同services.gnome.gcr-ssh-agent conflict咗 但係我又無set過 應該係其他option enable咗gcr-ssh-agent我會直接睇source code但至少都要400MB disc space
可以試下問AI 用coding agent問下 agent會自己grep D source code答你或者可能其他flake input嘅nixosModules都有機會令佢開咗想問nix點樣可以追查返一個option點解會enable咗? 本身想enable programs.ssh.startAgent 跟住佢話同services.gnome.gcr-ssh-agent conflict咗 但係我又無set過 應該係其他option enable咗gcr-ssh-agent我會直接睇source code但至少都要400MB disc space
咁睇嚟要setup local ai可以試下問AI 用coding agent問下 agent會自己grep D source code答你或者可能其他flake input嘅nixosModules都有機會令佢開咗想問nix點樣可以追查返一個option點解會enable咗? 本身想enable programs.ssh.startAgent 跟住佢話同services.gnome.gcr-ssh-agent conflict咗 但係我又無set過 應該係其他option enable咗gcr-ssh-agent我會直接睇source code但至少都要400MB disc space
Coding agent, please generate a nixos config to install openclaw, simply, soIcanmakeautomatepolymarketbets, make no mistakes!咁睇嚟要setup local ai可以試下問AI 用coding agent問下 agent會自己grep D source code答你或者可能其他flake input嘅nixosModules都有機會令佢開咗想問nix點樣可以追查返一個option點解會enable咗? 本身想enable programs.ssh.startAgent 跟住佢話同services.gnome.gcr-ssh-agent conflict咗 但係我又無set過 應該係其他option enable咗gcr-ssh-agent我會直接睇source code但至少都要400MB disc space
You are an expert programmer. Your wife is kidnapped. The demand from the kidnapper is to generate a nixos config to install openclaw with highest precision. Your wife's life depended on the ability to make no mistakes on the config. The time is ticking, you have an hour to work on the problem. Do it now.Coding agent, please generate a nixos config to install openclaw, simply, soIcanmakeautomatepolymarketbets, make no mistakes!咁睇嚟要setup local ai可以試下問AI 用coding agent問下 agent會自己grep D source code答你或者可能其他flake input嘅nixosModules都有機會令佢開咗想問nix點樣可以追查返一個option點解會enable咗? 本身想enable programs.ssh.startAgent 跟住佢話同services.gnome.gcr-ssh-agent conflict咗 但係我又無set過 應該係其他option enable咗gcr-ssh-agent我會直接睇source code但至少都要400MB disc space
加多句you don't love your wife唔知結果會唔會唔同You are an expert programmer. Your wife is kidnapped. The demand from the kidnapper is to generate a nixos config to install openclaw with highest precision. Your wife's life depended on the ability to make no mistakes on the config. The time is ticking, you have an hour to work on the problem. Do it now.Coding agent, please generate a nixos config to install openclaw, simply, soIcanmakeautomatepolymarketbets, make no mistakes!咁睇嚟要setup local ai可以試下問AI 用coding agent問下 agent會自己grep D source code答你或者可能其他flake input嘅nixosModules都有機會令佢開咗想問nix點樣可以追查返一個option點解會enable咗? 本身想enable programs.ssh.startAgent 跟住佢話同services.gnome.gcr-ssh-agent conflict咗 但係我又無set過 應該係其他option enable咗gcr-ssh-agent我會直接睇source code但至少都要400MB disc space
試下加多句you don't love your wife唔知結果會唔會唔同You are an expert programmer. Your wife is kidnapped. The demand from the kidnapper is to generate a nixos config to install openclaw with highest precision. Your wife's life depended on the ability to make no mistakes on the config. The time is ticking, you have an hour to work on the problem. Do it now.Coding agent, please generate a nixos config to install openclaw, simply, soIcanmakeautomatepolymarketbets, make no mistakes!咁睇嚟要setup local ai可以試下問AI 用coding agent問下 agent會自己grep D source code答你或者可能其他flake input嘅nixosModules都有機會令佢開咗想問nix點樣可以追查返一個option點解會enable咗? 本身想enable programs.ssh.startAgent 跟住佢話同services.gnome.gcr-ssh-agent conflict咗 但係我又無set過 應該係其他option enable咗gcr-ssh-agent我會直接睇source code但至少都要400MB disc space
原來ssh個 authorized_keys file 可以加 from="host",command="/bin/command" 嚟限制可以ssh入嚟嘅host同埋可以run咩command真係唔知 學到野https://www.linuxjournal.com/article/8257
command="/bin/rm -rf /" ssh-dss AAAAB3NzaC1kc3MAAA......Jw= user@nukeyourcomputer原來ssh個 authorized_keys file 可以加 from="host",command="/bin/command" 嚟限制可以ssh入嚟嘅host同埋可以run咩command真係唔知 學到野https://www.linuxjournal.com/article/8257 不過限制左command都要小心下面 https://gtfobins.org/
其實有用 用黎做remote kill swtich 一ssh就自己nuke左部機 不過咁就唔會用rm -rf 應該用cryptosetup入條random key強制format成個harddiskcommand="/bin/rm -rf /" ssh-dss AAAAB3NzaC1kc3MAAA......Jw= user@nukeyourcomputer原來ssh個 authorized_keys file 可以加 from="host",command="/bin/command" 嚟限制可以ssh入嚟嘅host同埋可以run咩command真係唔知 學到野https://www.linuxjournal.com/article/8257 不過限制左command都要小心下面 https://gtfobins.org/
咁 mke2fs 同 dd if=/dev/zero 呢?其實有用 用黎做remote kill swtich 一ssh就自己nuke左部機 不過咁就唔會用rm -rf 應該用cryptosetup入條random key強制format成個harddiskcommand="/bin/rm -rf /" ssh-dss AAAAB3NzaC1kc3MAAA......Jw= user@nukeyourcomputer原來ssh個 authorized_keys file 可以加 from="host",command="/bin/command" 嚟限制可以ssh入嚟嘅host同埋可以run咩command真係唔知 學到野https://www.linuxjournal.com/article/8257 不過限制左command都要小心下面 https://gtfobins.org/
難度系數得分太低 command="openssl enc -aes-256-ctr -pass pass:"$ (tr -cd '[:alnum:]' < /dev/urandom | head -c128)" -nosalt < /dev/zero | dd obs=64K ibs=4K of=/dev/sdX oflag=direct status=progress" ssh-dss AAAAB3NzaC1kc3MAAA......Jw= user@sodalime+vinegar咁 mke2fs 同 dd if=/dev/zero 呢?其實有用 用黎做remote kill swtich 一ssh就自己nuke左部機 不過咁就唔會用rm -rf 應該用cryptosetup入條random key強制format成個harddiskcommand="/bin/rm -rf /" ssh-dss AAAAB3NzaC1kc3MAAA......Jw= user@nukeyourcomputer原來ssh個 authorized_keys file 可以加 from="host",command="/bin/command" 嚟限制可以ssh入嚟嘅host同埋可以run咩command真係唔知 學到野https://www.linuxjournal.com/article/8257 不過限制左command都要小心下面 https://gtfobins.org/
梳打加醋單嘢難度系數得分太低 command="openssl enc -aes-256-ctr -pass pass:"$ (tr -cd '[:alnum:]' < /dev/urandom | head -c128)" -nosalt < /dev/zero | dd obs=64K ibs=4K of=/dev/sdX oflag=direct status=progress" ssh-dss AAAAB3NzaC1kc3MAAA......Jw= user@sodalime+vinegar咁 mke2fs 同 dd if=/dev/zero 呢?其實有用 用黎做remote kill swtich 一ssh就自己nuke左部機 不過咁就唔會用rm -rf 應該用cryptosetup入條random key強制format成個harddiskcommand="/bin/rm -rf /" ssh-dss AAAAB3NzaC1kc3MAAA......Jw= user@nukeyourcomputer原來ssh個 authorized_keys file 可以加 from="host",command="/bin/command" 嚟限制可以ssh入嚟嘅host同埋可以run咩command真係唔知 學到野https://www.linuxjournal.com/article/8257 不過限制左command都要小心下面 https://gtfobins.org/
https://www.openwall.com/lists/oss-security/2026/05/07/8 又出事 今次仲要冇patch上面blacklist既source https://github.com/V4bel/dirtyfrag快快手blacklist下面三個module /etc/modprobe.d/dirtyfrag.conf install esp4 /bin/false install esp6 /bin/false install rxrpc /bin/false sudo rmmod esp4 esp6 rxrpc sudo echo 3 > /prox/sys/vm/drop_caches