I hereby claim:
- I am Siguza on github.
- I am siguza (https://keybase.io/siguza) on keybase.
- I have a public key whose fingerprint is 6393 3A9D E301 7C59 ADE5 3EBB 1591 E8CA 0BCA 036F
To claim this, I am signing this object:
Siguza Siguza
Siguza
/ RealDarkStackOverflow.user.js
Created
October 25, 2015 13:22
— forked from Tiny-Giant/RealDarkStackOverflow.user.js
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // ==UserScript== | |
| // @name Stack Overflow Real Dark | |
| // @namespace http://github.com/TinyGiant/ | |
| // @description Real dark styling for Stack Overflow and some Stack Exchange sites | |
| // @author @TinyGiant | |
| // @run-at document-start | |
| // @version 1.0.1.0 | |
| // @include /^https?:\/\/.*\.?stack(overflow|exchange).com/.*$/ | |
| // ==/UserScript== |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| * t2048.c - 2048 for some TI calculators | |
| * | |
| * Copyright (c) 2014 Siguza | |
| * | |
| * Tested on TI-89 Titanium only. According to headers, it should work on TI-92 and Voyage 200 as well, but no promises. | |
| * To be compiled with ti-gcc - as far as I remember, TI's own C compiler can't handle this. | |
| * | |
| * Licensed under MIT, i.e. feel free to use and redistribute at will, but I'd appreciate some credit. :) | |
| */ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| * img3ex.c - Extract Img3 files from any binary blob, e.g. a /dev/disk* dump. | |
| * | |
| * Placed in the Public Domain, do whatever you want with it. No warranty of any kind. | |
| * | |
| * Compile with: cc -o img3ex -std=c11 -Wall -O3 img3ex.c | |
| */ | |
| #include <errno.h> // errno | |
| #include <fcntl.h> // open, O_RDONLY |
Siguza
/ build_libimobiledevice.sh
Last active
April 22, 2021 23:38
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Moved here: https://github.com/Siguza/ios-build/blob/master/libimobiledevice/build.sh |
Siguza
/ keybase.md
Created
August 9, 2017 14:54
Siguza
/ zIVA_tfp0.md
Last active
April 22, 2021 23:38
Sadly I don't have a dev device on iOS 10, but for anyone playing around with zIVA caring about the kernel task port:
Starting with iOS 10.3 (and macOS 10.12.4), Apple changed convert_port_to_locked_task (and a few other port-to-something conversion functions) to blacklist the kernel task by means of a direct check. As a result, you can still obtain the kernel task port, but almost all APIs will simply treat it like MACH_PORT_NULL, thus rendering it useless. The check is a simple pointer comparison though, so it can be circumvented by just remapping the task struct at an additional virtual address and creating a new port from that with a ROP equivalent of:
vm_map_remap(
kernel_map,
&remap_addr,
sizeof(task_t),
0,
VM_FLAGS_ANYWHERE | VM_FLAGS_RETURN_DATA_ADDR,
Siguza
/ dpkg_merge.c
Created
October 6, 2017 09:19
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Siguza | |
| // Treat as public domain. | |
| #include <ctype.h> // isspace | |
| #include <stdlib.h> // malloc, free, | |
| #include <string.h> // strlen, strncmp, strstr | |
| // Turn delimiter tokens into null terminators and | |
| // create array of pointers to each new string. | |
| static void destructive_split(char *str, const char *delim, char ***out, size_t *outlen) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Moved here: https://github.com/Siguza/misc/blob/master/dsc_syms.c |
Siguza
/ PayPalPhishing.md
Created
February 15, 2018 15:02
Not long ago I tweeted about some PayPal phishing mails I got, which appeared to use hacked websites for their cause, and of which all traces were gone 24h after my initial recon.
Well, I got another such mail:
Return-Path: <rcp133066@jmenviro.com>
X-Original-To: Contact@siguza.net
Delivered-To: siguza@siguza.net
Received: from linuxhosting09.rediff.com (host152-150.mxout.rediffmailpro.com [119.252.152.150])
Siguza
/ JBdetection.md
Created
March 18, 2018 03:19
The controversy of jailbreak detection has been brought up multiple times in my Twitter feed, so in order to not have to repeat myself, I'll write my thoughts down here.
One day I'll hopefully get round to set up a realistic blog and then I'll move this there, but for now I'll just dump it here on GitHub.
Hi. I'm Siguza, and among other things I write exploits for a hobby and help make jailbreaks. One of the reasons I do that is because I believe we should have the ability to run whatever we want on our iDevices, just as we do with laptops and desktop computers. Now, a lot of app developers however seem to despise jailbreaks, and try to make their apps refuse service on jailbroken devices. I think that firstly sucks big time, and secondly always misses the point. From what I gathered, the two arguments for using jailbreak detection seem to be:
- "J
OlderNewer