Blake Burkhart bburky

## container.rsc
# Run the Tailscale Docker container on a Mikrotik router

# Based on Mikrotik container documentation:
# https://help.mikrotik.com/docs/display/ROS/Container

# Tailscale container documentation:
# https://hub.docker.com/r/tailscale/tailscale

# Tested on an hAP AX^3 with RouterOS 7.7

## ssd1306_nametag.ino
#include <SPI.h>
#include <Wire.h>

#include <Adafruit_GFX.h>
#include <Adafruit_SSD1306.h>

#define SCREEN_WIDTH 128 // OLED display width, in pixels
#define SCREEN_HEIGHT 64 // OLED display height, in pixels

// Declaration for an SSD1306 display connected to I2C (SDA, SCL pins)

## default.yaml
# FIPS enabled Fedora 34 Lima VM configuration
# Based based on https://github.com/lima-vm/lima/blob/master/examples/fedora.yaml

# Create the VM and restart the VM after initial creation to finish FIPS mode setup:
#   limactl start --tty=false default.yaml && limactl stop default && limactl start default
# Test FIPS:
#   lima fips-mode-setup --check
# Use it:
#   lima nerdctl run --rm -it busybox

## script.js
// ==UserScript==
// @name        Open Google Apps scripts in new tab on middle click
// @namespace   https://bburky.com/
// @match       https://script.google.com/*
// @grant       none
// @version     1.0
// @author      -
// @description Note: broken on non-apps script links (docs scripts, etc). Only works with middle click (not cmd-click).
// @inject-into content
// ==/UserScript==

## GameOverlayRenderer.js
// Inject Steam GameOverlayRenderer DLL into a game
//
// Inspired by https://gist.github.com/Andon13/d439d5334d8173e5b959f383f1c49b03
//
// Must be run during process initialization, cannot be run after the game is
// started.
//
// GameOverlayRenderer will use an appid from the SteamGameId environment
// variable. This is injected too. GameOverlayRenderer does not support
// steam_appid.txt, but this script will parse the file to discover the appid.

## README.md

      
              3 files
            
          
              0 forks
            
          
                0 comments
              
            
              1 star
            
          
                bburky
                / README.md
            
            
              Last active
              October 24, 2023 12:36
            
              
                SECCOMP_RET_USER_NOTIF based Frida syscall tracer
              
          
    Proof of concept SECCOMP_RET_USER_NOTIF based Frida syscall tracer

A hacked up version of https://man7.org/tlpi/code/online/dist/seccomp/seccomp_user_notification.c.html running inside Frida.
installFilter() should be called on the main thread of the application. It's not possible to install the seccomp filter from rpc.exports.init() because it runs on a Frida thread.
installFilter() sets NO_NEW_PRIVS (required if non-root), installs the seccomp filter to trigger notifications, then creates a pthread to watch for notifications. Upon notifications a callback into Frida is invoked.
When the callback fires, it won't be on the thread that invoked the syscall. I'm not actually sure how to use Frida interact with the suspended thread. Don't know how to get a backtrace on it or execute code on it. Might be possible to set a temporary interceptor on it's EIP.

  
## Dockerfile
FROM alpine
RUN apk --no-cache add procps

RUN env
# The environment of RUN commands may have a few interesting extra values in
# it, but shouldn't ever have environment variables from the host environment.

# Makisu don't actually clean this environment though, so all variables are
# easily accessible here.

## k8s-diff.py
#!/usr/bin/env python3
# Offline `kubectl diff` style tool (does not use cluster state). Diff two
# local files containing templated manifests (e.g. kustomize or helm output).
#
# Resources in each file are matched by api, kind, namespace and name. This is
# also shown in the filename fields of the diff output.
#
# Usage:
#   k8s-diff.py old-manifests.yaml new-manifests.yaml
#   kustomize build . | k8s-diff.py /tmp/old-manifests.yaml -

## epub-fts5.sh
#!/bin/sh
# Update index:
#   epub-fts5.sh
# FTS5 query (avoid single quotes, there's no escaping): https://www.sqlite.org/fts5.html#full_text_query_syntax
#   epub-fts5.sh foo OR bar NOT baz
#   epub-fts5.sh '"foo bar"'
#   epub-fts5.sh 'NEAR(foo bar)'

EPUB_PATH=$HOME/path/to/your/epub/library

## gdb.py
import gdb
import sys

# Uses avr-gdb's built-in `target sim` simulator
# Requires avr-gdb to be built with Python support
# Run `source gdb.py` inside GDB to run

# firmware.elf must be built with debug symbols (a .hex file could be used if you memory addresses were manually specified)

def onI2CReceive():
	# Run the Tailscale Docker container on a Mikrotik router

	# Based on Mikrotik container documentation:
	# https://help.mikrotik.com/docs/display/ROS/Container

	# Tailscale container documentation:
	# https://hub.docker.com/r/tailscale/tailscale

	# Tested on an hAP AX^3 with RouterOS 7.7
	#include <SPI.h>
	#include <Wire.h>

	#include <Adafruit_GFX.h>
	#include <Adafruit_SSD1306.h>

	#define SCREEN_WIDTH 128 // OLED display width, in pixels
	#define SCREEN_HEIGHT 64 // OLED display height, in pixels

	// Declaration for an SSD1306 display connected to I2C (SDA, SCL pins)
	# FIPS enabled Fedora 34 Lima VM configuration
	# Based based on https://github.com/lima-vm/lima/blob/master/examples/fedora.yaml

	# Create the VM and restart the VM after initial creation to finish FIPS mode setup:
	# limactl start --tty=false default.yaml && limactl stop default && limactl start default
	# Test FIPS:
	# lima fips-mode-setup --check
	# Use it:
	# lima nerdctl run --rm -it busybox
	// ==UserScript==
	// @name Open Google Apps scripts in new tab on middle click
	// @namespace https://bburky.com/
	// @match https://script.google.com/*
	// @grant none
	// @version 1.0
	// @author -
	// @description Note: broken on non-apps script links (docs scripts, etc). Only works with middle click (not cmd-click).
	// @inject-into content
	// ==/UserScript==
	// Inject Steam GameOverlayRenderer DLL into a game
	//
	// Inspired by https://gist.github.com/Andon13/d439d5334d8173e5b959f383f1c49b03
	//
	// Must be run during process initialization, cannot be run after the game is
	// started.
	//
	// GameOverlayRenderer will use an appid from the SteamGameId environment
	// variable. This is injected too. GameOverlayRenderer does not support
	// steam_appid.txt, but this script will parse the file to discover the appid.
	FROM alpine
	RUN apk --no-cache add procps

	RUN env
	# The environment of RUN commands may have a few interesting extra values in
	# it, but shouldn't ever have environment variables from the host environment.

	# Makisu don't actually clean this environment though, so all variables are
	# easily accessible here.
	#!/usr/bin/env python3
	# Offline `kubectl diff` style tool (does not use cluster state). Diff two
	# local files containing templated manifests (e.g. kustomize or helm output).
	#
	# Resources in each file are matched by api, kind, namespace and name. This is
	# also shown in the filename fields of the diff output.
	#
	# Usage:
	# k8s-diff.py old-manifests.yaml new-manifests.yaml
	# kustomize build . \| k8s-diff.py /tmp/old-manifests.yaml -
	#!/bin/sh
	# Update index:
	# epub-fts5.sh
	# FTS5 query (avoid single quotes, there's no escaping): https://www.sqlite.org/fts5.html#full_text_query_syntax
	# epub-fts5.sh foo OR bar NOT baz
	# epub-fts5.sh '"foo bar"'
	# epub-fts5.sh 'NEAR(foo bar)'

	EPUB_PATH=$HOME/path/to/your/epub/library
	import gdb
	import sys

	# Uses avr-gdb's built-in `target sim` simulator
	# Requires avr-gdb to be built with Python support
	# Run `source gdb.py` inside GDB to run

	# firmware.elf must be built with debug symbols (a .hex file could be used if you memory addresses were manually specified)

	def onI2CReceive():