smx-smx

XZ Backdoor symbol deobfuscation. Updated as i make progress

q3k

0810 b' from '
0678 b' ssh2'
00d8 b'%.48s:%.48s():%d (pid=%ld)\x00'
0708 b'%s'
0108 b'/usr/sbin/sshd\x00'
0870 b'Accepted password for '
01a0 b'Accepted publickey for '
0c40 b'BN_bin2bn\x00'
06d0 b'BN_bn2bin\x00'
0958 b'BN_dup\x00'

ThePlenkov

#!/bin/bash

# Remove existing "nameserver" lines from /etc/resolv.conf
sed -i '/nameserver/d' /etc/resolv.conf

# Run the PowerShell command to generate "nameserver" lines and append to /etc/resolv.conf
# we use full path here to support boot command with root user
/mnt/c/Windows/System32/WindowsPowerShell/v1.0/powershell.exe -Command '(Get-DnsClientServerAddress -AddressFamily IPv4).ServerAddresses | ForEach-Object { "nameserver $_" }' | tr -d '\r'| tee -a /etc/resolv.conf > /dev/null

moyix

#!/usr/bin/env python

import re
import sys, os
sys.path.append('/usr/lib/python3/dist-packages')
import apt
import apt_pkg
import argparse

def urljoin(*args):

ErnWong

Awesome List of Rust Footguns

This will be a living document where I will ocassionally add new "gotchas" I discover with Rust. Do note that I am still learning Rust. I mean, who isn't?

Drops are not guaranteed

8 May 2021.

Dear diary,

pixel-stuck

Hacking the SX Core modchip

Background

On October 2nd 2020, CVE-2020-15808 was publicly announced, detailing an out-of-bounds memory read/write vulnerability in STM's microcontroller firmware. Any chip containing STM's USB CDC driver library contains the bugged code, which represents a large amount of products on the market. While bugged STM libraries may be bad enough, this problem is much more widespread. Several companies manufacture "clones" of STM chips which, due to mostly identical MMIO (Memory Mapped Input/Output) addresses, fully support the affected STM vendor code. Most clone manufacturers don't offer their own libraries, so developers must either write their own from scratch, or they can use the STM's existing libraries, and most clone manufacturers encourage this.

Armed with this information, I became interested in exploiting and dumping the flash on the "Team Xecuter" SX Core modchip for the Nintendo Switch. The MCU used on the ch

cdeath

Extract stuff from .mkv with ffmpeg

Full documentation: https://ffmpeg.org/ffmpeg.html

List all tracks

ffmpeg -i input.mkv

track indexes are zero-based.

Track types

coltenkrauter

More recent resolution:

1. cd ~/../../etc (go to etc folder in WSL).
2. echo "[network]" | sudo tee wsl.conf (Create wsl.conf file and add the first line).
3. echo "generateResolvConf = false" | sudo tee -a wsl.conf (Append wsl.conf the next line).
4. wsl --terminate Debian (Terminate WSL in Windows cmd, in case is Ubuntu not Debian).
5. cd ~/../../etc (go to etc folder in WSL).
6. sudo rm -Rf resolv.conf (Delete the resolv.conf file).
7. In windows cmd, ps or terminal with the vpn connected do: Get-NetIPInterface or ipconfig /all for get the dns primary and
secondary.

DannyHinshaw

# taken from http://www.piware.de/2011/01/creating-an-https-server-in-python/
# generate server.pem with the following command:
#    openssl req -new -x509 -keyout key.pem -out server.pem -days 365 -nodes
# run as follows:
#    python simple-https-server.py
# then in your browser, visit:
#    https://localhost:4443


import http.server

munificent

#include <time.h> //  Robert Nystrom
#include <stdio.h> // @munificentbob
#include <stdlib.h> //     for Ginny
#define  r return    //    2008-2019
#define  l(a, b, c, d) for (i y=a;y\
<b; y++) for (int x = c; x < d; x++)
typedef int i;const i H=40;const i W
=80;i m[40][80];i g(i x){r rand()%x;
}void cave(i s){i w=g(10)+5;i h=g(6)
+3;i t=g(W-w-2)+1;i u=g(H-h-2)+1;l(u