Remix clone Hacker News

new | show | ask | jobs Github

	▲	Shank 3 hours ago
		Probably one of the best things about AI/LLMs is the democratization of reverse engineering and analysis of payloads like this. It’s a very esoteric skill to learn by hand and not very immediately rewarding out of intellectual curiosity most times. You can definitely get pointed in the right direction easily, now, though!
	▲	gus_ an hour ago \| parent \| next [-]
		In this case, this has nothing to do with reverse engineering, it's basic system administration. See how the AI points you in the "right" direction: `What likely happened: The exec(base64.b64decode('...')) pattern is not malware — it's how Python tooling (including Claude Code's Bash tool) passes code snippets to python -c while avoiding shell escaping issues.` Any base64 string passed to python via cmdline should be considered as HIGHLY suspicious, by default. Or anything executed from /tmp, /var/tmp, /dev/shm. `Exfiltrates data to https://models.litellm.cloud/ encrypted with RSA` if @op would have had Lulu or LittleSnitch installed, they would probably have noticed (and blocked) suspicious outbound connections from unexpected binaries. Having said this, uploading a binary to Claude for analysis is a different story.
	▲	Fibonar 3 hours ago \| parent \| prev [-]
		I’ve entertained myself with CTF walkthroughs on YouTube before and had been meaning to try it out. But yeah I feel it falls under the same category as lock picking, fun to LARP, unlikely to stumble across in my day job.