Weekly Digest #35

Articles

Playing games with an attacker: how I messed with someone trying to breach the CryptoWall tracker

The author tells a story of how he tries to uncover the attacker through fake websites, fake SQL dump and Tor exit nodes

Never a dill moment: Exploiting machine learning pickle files

The PM(Pickle Machine) contains two opcodes that can execute arbitrary Python code outside of the PM, pushing the result onto the PM’s stack: GLOBALand REDUCE.

GLOBAL is used to import a Python module or class, and REDUCE is used to apply a set of arguments to a callable, typically previously imported through GLOBAL.

Loading pickle file can result in malicious program to execute. We can use flicking to detect this

Tutorials

D2L.ai

Interactive Deep Learning Book with Multi-Framework Code, Math, and Discussions

Tools

profile-summary-for-github (vue + kotlin)

Off-topic

https://git-history.jpalmer.dev/

A visualisation of the commit history in git

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store