[U] Update channel content

This commit is contained in:
github-actions
2026-01-09 04:35:17 +00:00
parent fe97cbf904
commit 879d09f2aa
4 changed files with 8 additions and 8 deletions
+1 -1
View File
@@ -2,7 +2,7 @@
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="zh-cn">
<id>https://aza.moe/life</id>
<title>小桂桂的回忆录 📒</title>
<updated>2026-01-09T02:54:38.046005+00:00</updated>
<updated>2026-01-09T04:35:12.952300+00:00</updated>
<link href="https://aza.moe/life" rel="alternate"/>
<generator uri="https://lkiesow.github.io/python-feedgen" version="0.9.0">python-feedgen</generator>
<logo>https://aza.moe/meru_256px.png</logo>
File diff suppressed because one or more lines are too long
+5 -5
View File
@@ -72903,14 +72903,14 @@
"id": 5277,
"date": "2025-04-26T15:39:57",
"text": "<a href=\"https://t.me/kxxtchannel/962\">https://t.me/kxxtchannel/962</a>\n\nClash Verge 的提权漏洞好抽象... 有一个本地 http 接口用来启动 clash,但是发请求的人可以指定 clash 程序路径,然后它不检查程序签名也不检查请求来源直接跑,还是用 root 权限跑 <i class=\"custom-emoji\" emoji-src=\"emoji/6320856404055820121.webp\">😨</i>\n\n鉴定为后门",
"views": 1886,
"views": 1887,
"forwards": 52
},
{
"id": 5278,
"date": "2025-04-26T16:48:46",
"text": "溯源一下发现这个漏洞是在 clash-verge-service 代码中出现的,从那个删库的原作者 zzzgydi 2022 年的<a href=\"https://github.com/zzzgydi/clash-verge-service/blob/42b42d47c82469f1a5d37c463dd89aaf41ac911c/src/service/web.rs#L58\">第一个提交</a>开始到现在都一直存在...",
"views": 1175,
"views": 1176,
"forwards": 11,
"reply": {
"id": 5277,
@@ -73066,7 +73066,7 @@
"id": 5288,
"date": "2025-04-28T20:26:59",
"text": "后续:clash verge rev 的开发者给 macOS <a href=\"https://github.com/clash-verge-rev/clash-verge-service/commit/06b522d2ccf37bdbc00e59687cc701c946166afe\">添加了可执行程序签名验证</a>,然而这个签名验证并没有用(笑)\n\n因为它甚至没有解析 codesign 输出... 直接验证了 codesign 输出有没有包含特定的字符串,所以黑客只要自己签一个恶意 bin 把它检测的字符串全都堆到 identifier 里就可以绕过检测拿到 root 了 <i class=\"custom-emoji\" emoji-src=\"emoji/6170075684434610033.webm\">⌨</i>\n\nPoC 原图放这里了: <a href=\"https://github.com/clash-verge-rev/clash-verge-service/issues/9\">clash-verge-service#9</a>\n\n安全检查能写成这样也太草台了,而且这个注释看起来像是 AI 生成的一样... 希望大家都不要用这样的软件",
"views": 6402,
"views": 6403,
"forwards": 150,
"media_group_id": 13966976157341773,
"images": [
@@ -102196,7 +102196,7 @@
"id": 7622,
"date": "2025-12-31T23:00:35",
"text": "锂电池烟花好好看,<del>想点</del>\n\n(源视频连接:<a href=\"https://www.youtube.com/watch?v=Mkgo_CLVbzg\"><em>Ignoring All Lithium Battery Safety Warnings.. For Science!</a></em>",
"views": 239,
"views": 240,
"forwards": 2,
"files": [
{
@@ -102725,7 +102725,7 @@
"id": 7670,
"date": "2026-01-04T22:06:51",
"text": "去玩了小游戏「<a href=\"https://thiori.itch.io/deep-fry\">Deep Fry</a>」(递归天妇罗?)好可爱好生草\n\n游戏全流程只有十五分钟,大家也可以去玩玩 qwq",
"views": 298,
"views": 302,
"forwards": 7,
"images": [
{
+1 -1
View File
@@ -12,7 +12,7 @@
<link>https://aza.moe/life</link>
</image>
<language>zh-cn</language>
<lastBuildDate>Fri, 09 Jan 2026 02:54:38 +0000</lastBuildDate>
<lastBuildDate>Fri, 09 Jan 2026 04:35:12 +0000</lastBuildDate>
<item>
<title>小桂桂的回忆录 📒 #7674</title>
<link>https://aza.moe/life?post=7674</link>