chntpw -e /media/windows/Windows/System32/config/SYSTEM
in chntpw:
cd ControlSet001\Services\BTHPORT\Parameters\Keys\{computer-bluetooth-mac}
hex {device-bluetooth-id}
Take the output of the hexdump, remove spaces and insert as-is in
FROM greyltc/archlinux-aur
ARG VSCODE_USER="user"
ARG VSCODE_PASS="password"
RUN pacman -Sy --noconfirm zsh openssh alsa-lib
RUN aur-install visual-studio-code-bin
RUN useradd "$VSCODE_USER" --system --shell /usr/bin/zsh --create-home
RUN echo "$VSCODE_USER:$VSCODE_PASS" | chpasswd
The X230 I use for playing with Coreboot has an Intel Corporation 82579LM ethernet card with WoL support. Problem is, when the laptop is woken up via a WoL packet, the e1000e driver in Linux is not able to bring up the network card correctly.
As highlighted on this Arch forums post, the problem can be solved by resetting the PCI device before the driver is loaded. This mkinitcpio hook does exactly that if you add reset-e1000e as the first hook in your HOOKS list. Don't forget to rebuild your initrd.
#! /bin/python3
import os
from urllib.parse import unquote
import httpx
import lxml.html
unit_id = 100009140 # Numeric unit id, can be found in URL as "id" parameter
cookies = {'ASP.NET_SessionId': ''} # Alphanumeric cookie
WPAD is the Windows Proxy Auto Discovery service, used since Windows 95, IIRC, to automatically discover network configurations. Since Windows 10 Microsoft decided for some reason that users shall NOT be allowed to disable this (mostly) useless and problematic service.
Problem is: on my laptop this feature used up to 20% of the CPU while doing nothing at all due to some bug I don't want to dig into. The best part is that it often triggered after disconnection from a wireless network. Discovering proxies makes a lot of sense once you are NOT connected to any network, huh? Also, there were multiple vulnerabilities related to this service and cute tools such as Responder leverage it.
The service can still be disabled by writing to the registry, but it will be randomly re-enabled by Windows after upda
#! /bin/python
import json
import random
import re
import string
import time
import urllib.parse
from threading import Thread
from time import sleep, time_ns
#!/usr/bin/python3
# Author: ceres-c 2019-12-29
# Authenticate to ICODE SLI tags
import hid
# Global defines & commands
password = [0x00, 0x00, 0x00, 0x00] # You have to find it yourself, try to search online in german ;-)
FROM base/devel:latest
MAINTAINER federico@ceres-c.it
# update system
RUN \
pacman -Syyu --noconfirm
# install basic dependencies
RUN \
#!/usr/bin/python3
# Author: ceres-c 2019-01-06
# Updates recursively cue files to reflect track's title present in flac files.
import os
from mutagen.flac import FLAC
def cueupdater (path, cuefile):
    title = None
#!/usr/bin/python3
'''
author: ceres-c
usage: ./frida-extract-keystore.py
Once the keystore(s) have been exported you have to convert them to PKCS12 using keytool
'''
import frida, sys, time