ceres-c

FROM greyltc/archlinux-aur:latest

ARG VSCODE_USER="user"
ARG VSCODE_PASS="password"

RUN pacman -Sy --noconfirm openssh alsa-lib jdk11-openjdk tmux sshfs zsh nano noto-fonts noto-fonts-emoji ttf-linux-libertine
RUN aur-install visual-studio-code-bin burpsuite-pro

RUN useradd "$VSCODE_USER" --system --create-home
RUN echo "$VSCODE_USER:$VSCODE_PASS" | chpasswd

ceres-c

chntpw -e /media/windows/Windows/System32/config/SYSTEM

in chntpw:

cd ControlSet001\Services\BTHPORT\Parameters\Keys\{computer-bluetooth-mac}
hex {device-bluetooth-id}

Take the output of the hexdump, remove spaces and insert as-is in

ceres-c

The X230 I use for playing with Coreboot has a Intel Corporation 82579LM ethernet card with WoL support. Problem is, when the laptop is woken up via a WoL packet, the e1000e driver in linux is not able to bring up the network card correctly.

As highlighted on this Arch forums post, the problem can be solved resetting the PCI device before the driver is loaded. This mkinitcpio hook does exactly that if you add reset-e1000e as the first hook in your HOOKS list. Don't forget to rebuild your initrd.

ceres-c

#! /bin/python3

import os
from urllib.parse import unquote

import httpx
import lxml.html

unit_id = 100009140 # Numeric unit id, can be found in URL as "id" parameter
cookies = {'ASP.NET_SessionId': ''} # Alphanumeric cookie

ceres-c

Disabling WPAD

WPAD is the Windows Proxy Auto Discovery service, used since Windows 95, IIRC, to automatically discover network configurations. Since Windows 10 Microsoft decided for some reason that users shall NOT be allowed to disable this (mostly) useless and problematic service.

Problem is: on my laptop this feature used up to 20% of the CPU while doing nothing at all due to some bug I don't want to dig into. The best part is that it often triggered after disconnection from a wireless network. Discovering proxies makes lot of sense once you are NOT connected to any network, huh? Also, there were multiple vulnerabilities related to this service and cute tools such as Responder leverage on it.

Killing WPAD

The service can still be disabled writing in the registry, but it will be randomly re-enabled by windows after upda

ceres-c

#! /bin/python

import json
import random
import re
import string
import time
import urllib.parse
from threading import Thread
from time import sleep, time_ns

ceres-c

#!/usr/bin/python3

# Author: ceres-c 2019-12-29

# Authenticate to ICODE SLI tags

import hid

# Global defines & commands
password = [0x00, 0x00, 0x00, 0x00] # You have to find it yourself, try to search online in german ;-)

ceres-c

FROM base/devel:latest

MAINTAINER federico@ceres-c.it

# update system
RUN \
      pacman -Syyu --noconfirm

# install basic dependencies
RUN \

ceres-c

#!/usr/bin/python3

# Author: ceres-c 2019-01-06
# Updates recursively cue files to reflect track's title present in flac files.

import os
from mutagen.flac import FLAC

def cueupdater (path, cuefile):
	title = None

ceres-c

#!/usr/bin/python3

'''
author: ceres-c
usage: ./frida-extract-keystore.py
       Once the keystore(s) have been exported you have to convert them to PKCS12 using keytool
'''

import frida, sys, time