News
Site News
Operation JASK
An issue was discovered in password-store.sh in pass in Simple Password Store 1.7.x before 1.7.2. The signature verification routine parses the output of GnuPG with an incomplete regular expression, which allows remote attackers to spoof file signatures on configuration files and extension scripts. Modifying the configuration file allows the attacker to inject additional encryption keys under their control, thereby disclosing passwords to the attacker. Modifying the extension scripts allows the attacker arbitrary code execution.
IETF 101
IETF 101 was organized in London this year. As usual, we, the hackers.mu team, participated remotely. This year, we were in as the TLS champions. Hence there was more responsibilities and planning needed.
Un membre de hackers.mu remporte le Grand Prix Drupal de Google Code-in
Maurice est à nouveau a l'honneur, grâce à quelques étudiants qui ont obtenu d'excellents résultats lors du concours Google Code In organisé par Google. Sous le mentora de hackers.mu, 15 étudiants issues différents collèges de l’ile notamment Le Collège du Saint Esprit, Le Collège Saddul, Le Collège Royale de Curepipe et Le Collège Royal de Port Louis se sont distingués lors de ce concours de développement informatique.
End of year 2017 review
hackers.mu review of 2017
Lest we Forget
A quick catch up of where we were and where we are right now.
Operation Crypto Redemption
Inspired by Google's operation RoseHub. where a team of 50 Google employees used GitHub to patch the “Apache Commons Collections Deserialization Vulnerability”. This hackathon is focused towards reducing the probability of non random bytes, due to a concern that appeared from vault7.
Hackers.mu leads Mauritians for the Google code-in
Hackers.mu supported College Du St Esprit for Google Code-in, by sending 2 of its members: Deelvesh Bunjun and Loganaden Velvindron.