Initial configuration. "Current image" pointer is an abstraction for the image currently used by qemu to run a given domain.
Current image
|
v
+-----------------+
| disk.qcow2 |
Davide Guerri dguerri
dguerri
/ upwned247.php
Created
December 9, 2023 12:35
— forked from Wack0/upwned247.php
UCam247/Phylink/Titathink/YCam/Anbash/Trivision/Netvision/others IoT webcams : remote code exec: reverse shell PoC. (works only in qemu usermode)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| /* | |
| Updated version, 2016-12-02: fixed shellcode so it *actually* works on QEMU | |
| usermode emulation (seems I pushed an old version), and removed debug output. | |
| ------------------------- | |
| NB: THIS PoC ONLY WORKS IN QEMU USERMODE EMULATION! | |
| If anyone wants to fix this, go ahead (no pun intended). | |
| However, I don't have a vulnerable product and am unwilling to acquire one. |
dguerri
/ gist:90a4ffbad1a23122a3f23797372f98f6
Created
July 5, 2021 19:09
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Read current external display brightness | |
| data[0] = 0x82; | |
| data[1] = 0x01; | |
| data[2] = BRIGHTNESS; | |
| err = IOAVServiceWriteI2C(avService, 0x37, 0x00, data, 3); | |
| if (err) { | |
| NSLog(@"Something went wrong: %s", mach_error_string(err)); | |
| return 1; | |
| } |
dguerri
/ ddc-test.m
Last active
July 2, 2021 09:51
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /****************************************************************************************************** | |
| DISCLAIMER: I am not responsible of any damage caused by running this script, use it at your own risk! | |
| *******************************************************************************************************/ | |
| @import Darwin; | |
| @import Foundation; | |
| @import IOKit; | |
| // clang -fmodules -o ddc-test ddc-test.m && ./ddc-test 50 0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // clang -Wall -fmodules -framework Foundation i2c-rw.m -o ./i2c-rw && sudo ./i2c-rw | |
| @import Darwin; | |
| @import Foundation; | |
| @import IOKit; | |
| typedef CFTypeRef IOAVServiceRef; | |
| extern IOAVServiceRef IOAVServiceCreate(CFAllocatorRef allocator); | |
| extern IOReturn IOAVServiceReadI2C(IOAVServiceRef service, uint32_t chipAddress, | |
| uint32_t offset, void *outputBuffer, |
dguerri
/ qnap-clientenc-decrypt.sh
Last active
September 25, 2023 09:01
Quick shell script to decrypt client-side encrypted file using QNAP HBS *Sync* jobs. Only work with version 2 files - Doesn't work with QNAP HBS Backup jobs!
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| set -ue | |
| [ "$#" -lt 2 ] && { echo "Syntax: $0 <filename> <key>"; exit 1; } | |
| filename="$1" | |
| key="$2" | |
| # Compose the key by repeating the user input until we have 32 characters (64 hex digits) |
dguerri
/ copy_dependencies.sh
Last active
May 2, 2016 18:06
Copy applications and their dependencies (e.g. for chroot envs)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # | |
| # Copy applications and their dependencies (e.g. for chroot envs) | |
| # | |
| # | |
| # Copyright Davide Guerri <davide.guerri@gmail.com> | |
| # | |
| # Licensed to the Apache Software Foundation (ASF) under one | |
| # or more contributor license agreements. See the NOTICE file | |
| # distributed with this work for additional information |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| # (c) 2013, Cove Schneider | |
| # (c) 2014, Joshua Conner <joshua.conner@gmail.com> | |
| # (c) 2014, Pavel Antonov <antonov@adwz.ru> | |
| # (c) 2015, Davide Guerri <davide.guerri@gmail.com> | |
| # | |
| # This file is part of Ansible, | |
| # | |
| # Ansible is free software: you can redistribute it and/or modify |
dguerri
/ keybase.md
Created
December 4, 2014 21:56
I hereby claim:
- I am dguerri on github.
- I am dguerri (https://keybase.io/dguerri) on keybase.
- I have a public key whose fingerprint is 7F4E A5B5 E85D 6EBA 9818 80DC 82F4 194D 4E56 C921
To claim this, I am signing this object:
dguerri
/ gist:6668397
Created
September 23, 2013 09:43
Simple LibVirt//KVM backup with memory dump.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # | |
| # VirSH Simple Backup (davide.guerri@gmail.com) | |
| # | |
| # Version 1.0.1 - 20130301 (1362127750) | |
| # | |
| VIRSH="/usr/bin/virsh" | |
| QEMU_IMG="/usr/bin/qemu-img" | |
| backup_dir="/backups" |
NewerOlder