I hereby claim:
- I am cji on github.
- I am cjingram (https://keybase.io/cjingram) on keybase.
- I have a public key ASAM8H3RQ4-phq9lkv0UQEqX1eysqbP-7ynOEwOvLFGZbQo
To claim this, I am signing this object:
* Default Layer:
* ,-----------------------------------------------------------------------------------.
* | Tab | Q | W | E | R | T | Y | U | I | O | P | Bksp |
* |------+------+------+------+------+-------------+------+------+------+------+------|
* | Esc | A | S | D | F | G | H | J | K | L | ; | " |
* |------+------+------+------+------+------|------+------+------+------+------+------|
* | Shift| Z | X | C | V | B | N | M | , | . | / |Enter |
* |------+------+------+------+------+------+------+------+------+------+------+------|
* | Lite | Ctrl | Alt | GUI |Lower | Space |Raise | Left | Down | Up |Right |
* `-----------------------------------------------------------------------------------'
*************** | |
*** 131,136 **** | |
--- 131,158 ---- | |
0xFFFFFFF007194BBC, // KSYMBOL_SLEH_SYNC_EPILOG // look for xrefs to "Unsupported Class %u event code." | |
}; | |
+ uint64_t ksymbols_ipad_mini_2_wifi_15b202[] = { | |
+ 0xFFFFFFF0074947EC, // KSYMBOL_OSARRAY_GET_META_CLASS, | |
+ 0xFFFFFFF007523A98, // KSYMBOL_IOUSERCLIENT_GET_META_CLASS | |
+ 0xFFFFFFF007525240, // KSYMBOL_IOUSERCLIENT_GET_TARGET_AND_TRAP_FOR_INDEX |
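Review bot: the new entries in ksymbols_ipad_mini_2_wifi_15b202 are commented with the symbol name only, while the existing KSYMBOL_SLEH_SYNC_EPILOG line just above them also records where its value came from ("look for xrefs to ..."); the added lines should carry the same kind of provenance comment so the table stays reviewable. The comment on the KSYMBOL_OSARRAY_GET_META_CLASS line also ends in a stray comma that the other entries do not have.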
Open the debugger VM's .vmx file, delete the existing serial0 lines (used for printing, not needed), and add these lines:
serial0.present = "TRUE"
serial0.pipe.endPoint = "client"
serial0.fileType = "pipe"
serial0.yieldOnMsrRead = "TRUE"
serial0.tryNoRxLoss = "FALSE"
serial0.startConnected = "TRUE"
#!/usr/bin/env python3
#
# Exploit for "assignment" of GoogleCTF 2017
#
# CTF-quality exploit...
#
# Slightly simplified and shortened explanation:
#
# The bug is a UAF of one or both values during add_assign() if a GC is
# triggered during allocate_value(). The exploit first abuses this to leak a
* install Docker for Mac
* clone the repo https://github.com/wurstmeister/kafka-docker
* cd kafka-docker
* docker-compose up
* docker-compose scale kafka=3
* `docker network inspect kafkadocker_default` and get the Default Gateway to use as the IPs below
* ./start-kafka-shell.sh 172.18.0.1 172.18.0.1:2181
$KAFKA_HOME/bin/kafka-topics.sh --create --topic topic \
--partitions 4 --zookeeper $ZK --replication-factor 2
Bringing machine 'default' up with 'virtualbox' provider...
==> default: Importing base box 'precise32'...
==> default: Matching MAC address for NAT networking...
==> default: Setting the name of the VM: thug-vagrant
==> default: Clearing any previously set network interfaces...
==> default: Available bridged network interfaces:
1) en0: Wi-Fi (AirPort)
2) en1: Thunderbolt 1
3) en2: Thunderbolt 2
4) bridge0
defaults write com.apple.mail DisableInlineAttachmentViewing -bool yes
#!/usr/bin/env python
# unfairway.py
# expects the file from the app's Documents directory to be in the same path as the script
# transfer the profile_1.json.a and .md5 files back to the device and re-run the app
import hashlib
import json