Forem: Jadi

Linux 7.0 Kernel Deep Dive + Step-by-Step Installation Guide

Jadi — Wed, 15 Apr 2026 18:38:56 +0000

Just be aware that this will never be removed by dnf updates. Im not sure how it adds an entry for GRUB2 but it wont boot with secure boot either. If you really want a new kernel on your Production machine, use fedpkg

I was working on a video about the features of Linux Kernel 7.0, including quantum-safe ML-DSA and BPF io_uring. In the process, I ended up compiling and installing Linux 7.0.0 on my Fedora 43. I thought you might enjoy experimenting with it as well (be careful please :D)

These are the easy steps:

install prerequisite: sudo dnf install ncurses-devel elfutils-libelf-devel openssl-devel rpm-build flex bison
download the latest kernel from kernel.org
extract using untar xf and enter the directory
make sure your directory is clean make mrproper
copy your current configs by cp /boot/config-$(uname -r) .config
update your config using make oldconfig
view the .config or even edit it via make menuconfig
build :D make -j$(nproc) #may take long
Install the modules with sudo make modules_install
and install the kernel & configure the grub with sudo make install
Reboot and have fun watching your uname -a

For me it went super smooth. If anything fails you should be able to use your older kernel and be cautious about your steps... you are fiddling with the Kernel :D

Hacking Hidden Paths with ffuf - Web Fuzzing Made Simple

Jadi — Wed, 20 Aug 2025 22:03:04 +0000

A couple of weeks ago, someone emailed me some personal files and videos I have forgotten I have left somewhere on my VPS.

In this video I'll show a common tool for finding these files: ffuf

Unveiling the xz Utils Backdoor which deliberately opens our SSH connections for RCEs

Jadi — Sun, 31 Mar 2024 13:26:18 +0000

Recently a bad actor, implemented a backdoor is one of the most widely used libraries in GNU/Linux distors; the xz compression suit. This backdoor lets the attacker to execute system() calls with no authentication; an RCE attack.

It seems this bad actor; called "JiaT75" was planning for this during last 2 years and succeeded to do so after acquiring trust and becoming a trusted developer of the project.

In this video I will explain the attack and the background knowledge needed to understand it.

How systemd v255 will bring the dreaded Windows BSOD to GNU/Linux: A deep dive into the source code

Jadi — Sat, 09 Dec 2023 17:03:54 +0000

A technical look at the news of "Python moves to remove the GIL". Some coding & some source checking

Jadi — Mon, 28 Aug 2023 14:12:15 +0000

Python's usage exploded even when it was merely new; lacking lots of features. One main reason for this was its great integration with C libraries. Combine this with the possibility of using Threads and you will get your holy grail: and easy language with threads which can use C libraries! BUT! But python needed a Global Interpreter Lock to be able to run C Libraries in its threads.

In this video we will have a closer look at this concept. I will describe the necessity of GIL in Cpython and will show you why and how it is slowing down multi-threaded CPU hungry program. We will check the source code and will understand why both parties (defending and protesting the GIL removal) are claiming that the "You are slowing down Python!"

Sign your git commits, no-nonsense ! without “intro”, “why” & …

Jadi — Wed, 16 Aug 2023 07:37:34 +0000

I’m not going into “why you should sign” and blah blah to make this post longer. Most people are here because they needed to sign their commits and they searched (mainly my self future!).

First, check your keys. Signing with SSH keys is easier because most people already do have their ssh keys & are using them to login into the github. So check the ~/.ssh/ directory for a pair of id_rsa and id_rsa.pub (or any other format of the key you have).

Second, tell the git command to use them for signing. In my case it would be:

git config --global gpg.format ssh
git config --global user.signingkey /home/jadi/.ssh/id_rsa.pub

Obviously your directory will be different and you may want to omit the --global to set the configuration only for the project you are in.

Next, sign your commits with the -S switch:

git add this_file that_file
git commit -S -m 'This is a signed commit'

you already have a commit and you need to sign it? use the commit --amend -S

Last step is adding this signing key to your github account. Go to the https://github.com/settings/keys, add the public key (so /home/jadi/.ssh/id_rsa.pub) in my case and save it as a signing key. This will lead to a verified badge near your signed commits.

Done.

How to use SOAP/WSDL APIs using SoapUI & Python Zeep

Jadi — Sat, 01 Jul 2023 13:13:18 +0000

In our Agile / Mobile / "moderm" and fron/back life, we see lots of REST APIs. Using REST is straight forward if you know your HTTP, GET, Post, ...
But on the enterprise level, you will start seein SOAP and WSDL based APIs which look more confusing. Why? Because they are designed machines in mind and sometimes WSDL file is seen as the documentation and you wont get a human readable doc!
No worries... WSDL has whatever you need to work with your APIs. In this Post I'll show you how! Using SoapUI and the Zeep python library.

Managing users and groups in GNU/Linux

Jadi — Wed, 07 Jun 2023 15:27:32 +0000

We already know about the users and groups. In this module we will see how you can create new users / groups, how to modify them and how to delete them from the system. We will also have a look at some files who are playing important roles here and will cover a few less-seen commands like chage.

Part 1:

Part2:

Accessing and browsing blockchain using web3py python library

Jadi — Sat, 03 Jun 2023 06:00:50 +0000

This is from HeroCTF v5, Blockchain challenge called Arrest. It reads:

In the dim-lit confines of his room, a lone figure hunched over a computer screen. Known online as 'Swissy', he was one of the most notorious ransomware operators worldwide.
From his small apartment in a forgotten corner of Moscow, Swissy had wreaked havoc on the digital world, crippling entire industries with his ransomware attacks.
But tonight, his reign of terror ended abruptly. A sudden knock echoed through the room, followed by the splintering of the door as Russian FSB agents stormed in.
Swissy was arrested, but the real challenge was only beginning - tracing the syndicate behind him.
Find the address who funded the ransomware operator (0xf6c0513FA09189Bf08e1329E44A86dC85a37c176)

To solve it, I use web3py to connect to the blockchain and then will check for every block created from the beginning. There, I will check for transactions in the block and if there is any, I will check for its "to". If it matches, we will show the "from" (which is Swissy!).

IMO this can be a good intro if you are interested in using web3py and blockchain programming in general.