|
|
|
|
|
|
by 1oooqooq
241 days ago
|
|
|
how do you test your software can decompress files created with old/different implementations? the exploit used the only solution for this problem: binary test payload. there's no other way to do it. maybe including the source to those versions and all the build stuff to then create them programmatically... or maybe even a second repo that generates signed payloads etc... but its all overkill and would have failed human attention as the attack proved to begin with. |
|
|