FreddieOliveira

Docker on Android 🐋📱

Edit 🎉

All packages, except for Tini have been added to termux-root. To install them, simply pkg install root-repo && pkg install docker. This will install the whole docker suite, left only Tini to be compiled manually.

---

Summary

chtzvt

# Charlton Trezevant's Zoomin DNSMasq Config - Version 1.0

# Having a large local cache speeds up subsequent DNS queries significantly (from several hundred msec to around 25-30)
# You may need to adjust this depending on the amount of free space you have
cache-size=10000 
# This ensures local reverse lookup queries are never sent upstream (e.g. dig +noall +answer -x 10.0.1.1)
bogus-priv
# Names without a dot or other domain part will also not be forwarded upstream
domain-needed
# We won't need dnsmasq to overwrite the system's resolv.conf, as we have our own cache.

egirault

Dumping the flash of the Syscan 2015 badge

The badge of the Syscan 2015 conference included an ARM-based STM32F030R8 processor running some challenges. Although SWD pins are accessible on the badge, some have noted that the STM32 is readout-protected, meaning that it will refuse to dump its flash memory.

Fortunately, two researchers (Johannes Obermaier and Stefan Tatschner) recently published a paper at the WOOT '17 conference, in which they reveal a vulnerability allowing to bypass the readout protection. Their technique allows to dump the flash one DWORD at a time, rebooting the CPU between each access.

I implemented this attack using a BusPirate and the PySWD module. Here is a quick'n dirty PoC to