Skip to content

Instantly share code, notes, and snippets.

Avatar
🌍
Hack the planet!

David Buchanan DavidBuchanan314

🌍
Hack the planet!
View GitHub Profile
@DavidBuchanan314
DavidBuchanan314 / widevine_fixup.py
Last active March 16, 2023 12:24
Patch aarch64 widevine blobs from ChromeOS to work on non-ChromeOS linux, including platforms with 16K page size like Apple Silicon / Asahi Linux
View widevine_fixup.py
"""
MIT License
Copyright (c) 2023 David Buchanan
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
View fake_widevine.js
// ==UserScript==
// @name Fake Widevine
// @namespace http://tampermonkey.net/
// @version 0.1
// @description Fake the presence of a functional Widevine CDM - enough to get the spotify UI to launch, so you can pick another playback device.
// @author David Buchanan
// @match https://open.spotify.com/*
// @icon https://www.google.com/s2/favicons?sz=64&domain=spotify.com
// @grant none
// ==/UserScript==
View pygame_rotation_test.py
import pygame
WHITE = (0xff, 0xff, 0xff)
pygame.init()
screen = pygame.display.set_mode((128, 128))
clock = pygame.time.Clock()
arrow_surface = pygame.surface.Surface((64, 64))
pygame.draw.aaline(arrow_surface, WHITE, (32, 0), (32, 64))
@DavidBuchanan314
DavidBuchanan314 / figlett.py
Last active January 8, 2023 04:41
Demo of rendering TrueType fonts in the terminal, in a figlet-like way. (p.s. it segfaults occasionally, lol)
View figlett.py
import cairocffi
import pangocffi
import pangocairocffi
import sys
import os
try:
width, height = os.get_terminal_size().columns, 1024
except OSError:
# There doesn't seem to be a neat way of figuring out the size of some text without
View linux_syscall_hook_by_chatgpt.c
#include <linux/module.h>
#include <linux/kernel.h>
#include <linux/syscalls.h>
#include <linux/kallsyms.h>
/* Function that replaces the original setuid syscall.
* It behaves the same as the original syscall, except it also
* checks if the provided uid is 0 (root), and if so,
* it grants the calling process root privileges.
*/
View parse_bin_string.c
#include <stdio.h>
#define IS_DIG(x) (((x)|1)=='1')
#define SLEN(s) ((sizeof s)-1)
#define RIDX(s,x) ((x)<SLEN(s)?s[SLEN(s)-1-(x)]:0)
#define CNT(s,x,n) ((x)<n?IS_DIG(RIDX(s,(x))):0)
#define CNT4(s,x,n) (CNT(s,x+0,n)+CNT(s,x+1,n)+CNT(s,x+2,n)+CNT(s,x+3,n))
#define CNT16(s,x,n) (CNT4(s,x+0,n)+CNT4(s,x+4,n)+CNT4(s,x+8,n)+CNT4(s,x+12,n))
#define CNT64(s,x,n) (CNT16(s,x+0,n)+CNT16(s,x+16,n)+CNT16(s,x+32,n)+CNT16(s,x+48,n))
#define VAL(s,x) ((RIDX(s,x)=='1')<<(CNT64(s,0,x)))
#define VAL4(s,x) (VAL(s,x+0)+VAL(s,x+1)+VAL(s,x+2)+VAL(s,x+3))
View 00_writeup.md

MD5 Collision with CRC32 Preimage

Here's the scenario: We want to craft two different messages with the same MD5 hash, and a specific CRC32 checksum, simultaneously.

In other words, we want an MD5 collision attack and a CRC32 preimage attack.

This might seem like a contrived scenario, but it's exactly the one I faced while producing my PNG hashquine (Yes OK maybe that's also a contrived scenario, cut me some slack).

On its own, a CRC32 preimage attack is trivial. You can craft a 4-byte suffix that gives any message a specific checksum, calculated using a closed-form expression (which I am too lazy to derive, not even with assistance from Z3). It's not an attack per-se, since CRC32 was never meant to be cryptograpically secure in the first place.

View gzip_swar_life.py
import os
import sys
"""
This (pure!) python script streams a gzip-compressed YUV4MPEG video to stdout.
It easily runs at 1080p60fps on my machine.
Pipe it into a media player like this:
python3 gzip_swar_life.py | mbuffer | gunzip - | mpv -
View swar_life.py
import os
import sys
"""
This (pure!) python script streams a YUV4MPEG format video to stdout. It easily
runs at 1080p60fps on my machine.
Pipe it into a media player like this:
python3 swar_life.py | mpv -
View periodict_table_golf.py
import inspect
# helper function to visualise the results
def print_table(width, height, function):
grid = [[" "]*(width + 1) for _ in range(10)]
for n in range(1, 118+1):
y, x = function(n)
grid[y][x] = str(n).ljust(3)
for x in range(1, width+1):