Event JSON
{
"id": "733a107679e60c0bce69cc7890be626a702a525d9a200d4b9eb53f348fd036d4",
"pubkey": "03a1277c960852d0619c90e78ce883f4b3466112fad0ae6c8e2586f86df67e85",
"created_at": 1720008987,
"kind": 1,
"tags": [
[
"proxy",
"https://hachyderm.io/@llimllib/112722509006887493",
"web"
],
[
"p",
"03a1277c960852d0619c90e78ce883f4b3466112fad0ae6c8e2586f86df67e85"
],
[
"p",
"738a357fe907750e6836230e04a7ca2e5f811f0cd1972c585546e3c4459e5075"
],
[
"e",
"77b4d36a6e3bcb52558fb5051860a3d97b473d7432ace66426269df9363b43a2",
"",
"root"
],
[
"e",
"c844e213deb1d34ddc161b74b68a4c2f9b148b89b5b84d8d9ec238254c29c378",
"",
"reply"
],
[
"proxy",
"https://hachyderm.io/users/llimllib/statuses/112722509006887493",
"activitypub"
],
[
"L",
"pink.momostr"
],
[
"l",
"pink.momostr.activitypub:https://hachyderm.io/users/llimllib/statuses/112722509006887493",
"pink.momostr"
],
[
"expiration",
"1722601207"
]
],
"content": "The vector for us was that somebody uploaded a file with a jpg extension that was actually an EPS (postscript) file. A javascript library passed the image to imagemagick, which detected it as a postscript file and passed it off to ghostscript (we had no idea it would do this), which then happily gave shell to the attacker. madness",
"sig": "f407b8913500659ccceccc720ff972635fe105a9e96fc86a5720031869c030ade56d3073db10efa86a0afc8cd233dea02b233755c50547950a8fa058b36a784d"
}
