From 879d09f2aa2a6aed54615881ac23f265916340d1 Mon Sep 17 00:00:00 2001 From: github-actions <41898282+github-actions[bot]@users.noreply.github.com> Date: Fri, 9 Jan 2026 04:35:17 +0000 Subject: [PATCH] [U] Update channel content --- exports/hykilp/atom.xml | 2 +- exports/hykilp/index.html | 2 +- exports/hykilp/posts.json | 10 +++++----- exports/hykilp/rss.xml | 2 +- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/exports/hykilp/atom.xml b/exports/hykilp/atom.xml index f6104f89b..78aab44f9 100644 --- a/exports/hykilp/atom.xml +++ b/exports/hykilp/atom.xml @@ -2,7 +2,7 @@ https://aza.moe/life 小桂桂的回忆录 📒 - 2026-01-09T02:54:38.046005+00:00 + 2026-01-09T04:35:12.952300+00:00 python-feedgen https://aza.moe/meru_256px.png diff --git a/exports/hykilp/index.html b/exports/hykilp/index.html index 4729021ff..4008a3330 100644 --- a/exports/hykilp/index.html +++ b/exports/hykilp/index.html @@ -27,7 +27,7 @@ diff --git a/exports/hykilp/posts.json b/exports/hykilp/posts.json index c8b4f5cad..97b0c07d2 100644 --- a/exports/hykilp/posts.json +++ b/exports/hykilp/posts.json @@ -72903,14 +72903,14 @@ "id": 5277, "date": "2025-04-26T15:39:57", "text": "https://t.me/kxxtchannel/962\n\nClash Verge 的提权漏洞好抽象... 有一个本地 http 接口用来启动 clash,但是发请求的人可以指定 clash 程序路径,然后它不检查程序签名也不检查请求来源直接跑,还是用 root 权限跑 😨\n\n鉴定为后门", - "views": 1886, + "views": 1887, "forwards": 52 }, { "id": 5278, "date": "2025-04-26T16:48:46", "text": "溯源一下发现这个漏洞是在 clash-verge-service 代码中出现的,从那个删库的原作者 zzzgydi 2022 年的第一个提交开始到现在都一直存在...", - "views": 1175, + "views": 1176, "forwards": 11, "reply": { "id": 5277, @@ -73066,7 +73066,7 @@ "id": 5288, "date": "2025-04-28T20:26:59", "text": "后续:clash verge rev 的开发者给 macOS 添加了可执行程序签名验证,然而这个签名验证并没有用(笑)\n\n因为它甚至没有解析 codesign 输出... 直接验证了 codesign 输出有没有包含特定的字符串,所以黑客只要自己签一个恶意 bin 把它检测的字符串全都堆到 identifier 里就可以绕过检测拿到 root 了 \n\n(PoC 原图放这里了: clash-verge-service#9)\n\n安全检查能写成这样也太草台了,而且这个注释看起来像是 AI 生成的一样... 希望大家都不要用这样的软件", - "views": 6402, + "views": 6403, "forwards": 150, "media_group_id": 13966976157341773, "images": [ @@ -102196,7 +102196,7 @@ "id": 7622, "date": "2025-12-31T23:00:35", "text": "锂电池烟花好好看,想点\n\n(源视频连接:Ignoring All Lithium Battery Safety Warnings.. For Science!)", - "views": 239, + "views": 240, "forwards": 2, "files": [ { @@ -102725,7 +102725,7 @@ "id": 7670, "date": "2026-01-04T22:06:51", "text": "去玩了小游戏「Deep Fry」(递归天妇罗?)好可爱好生草\n\n游戏全流程只有十五分钟,大家也可以去玩玩 qwq", - "views": 298, + "views": 302, "forwards": 7, "images": [ { diff --git a/exports/hykilp/rss.xml b/exports/hykilp/rss.xml index 57f456649..832d68d5c 100644 --- a/exports/hykilp/rss.xml +++ b/exports/hykilp/rss.xml @@ -12,7 +12,7 @@ https://aza.moe/life zh-cn - Fri, 09 Jan 2026 02:54:38 +0000 + Fri, 09 Jan 2026 04:35:12 +0000 小桂桂的回忆录 📒 #7674 https://aza.moe/life?post=7674