Skip to content

Instantly share code, notes, and snippets.

Mostly on these days...

David Weinstein dweinstein

Mostly on these days...
View GitHub Profile
dweinstein / xctesting_in_repl_or_script.swift
Last active Sep 6, 2018 — forked from lzell/xctesting_in_repl_or_script.swift
Using XCTest in the swift repl or standalone script
View xctesting_in_repl_or_script.swift
// Start repl with:
// $ xcrun swift -F xcrun swift -F /Applications/
// Or run as script:
// $ xcrun swift -F xcrun swift -F /Applications/ %
import Foundation
if dlopen("/Applications/", RTLD_NOW) == nil {


  • Pairing an iOS device to a host (computer running iTunes) gives that host significant access to data on the iOS device and requires connecting the unlocked iOS device to a host over USB
  • Once paired, that host (or another host that has stolen its pairing record) can access significant amounts of user personal data from the iOS device over USB and Wi-Fi through the and lockdown services
  • These services will not return user data files that are encrypted and locked by iOS Data Protection but the files returned by file_relay are not protected by iOS Data Protection and do include significant amounts of personal user data that would otherwise be encrypted in iTunes encrypted backups ("Encrypt Backup" is enabled)
  • The service is not used or referenced by any public Apple software so its intended client software is unknown outside of Apple
  • Apple released a [Knowledge Base article](
View sepsplit.c
* SEP firmware split tool
* Copyright (c) 2017 xerub
#include <fcntl.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
dweinstein / glibc-ghost-cve-2015-0236.c
Last active Feb 17, 2016 — forked from koelling/gist:ef9b2b9d0be6d6dbab63
glibc GHOST PoC for CVE-2015-0235
View glibc-ghost-cve-2015-0236.c
#include <netdb.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#define CANARY "in_the_coal_mine"
struct {
char buffer[1024];
dweinstein /
Created Feb 1, 2016 — forked from ursachec/
libevent build script for iOS
set -u
# Setup architectures, library name and other vars + cleanup from previous runs
ARCHS=("armv7" "armv7s" "i386")
SDKS=("iphoneos" "iphoneos" "macosx")
dweinstein /
Created Jan 28, 2016 — forked from f1sherman/
Port Forwarding Example in OS X El Capitan

Add the following to /etc/pf.anchors/myname:

rdr pass on lo0 inet proto tcp from any to any port 80 -> port 4000
rdr pass on lo0 inet proto tcp from any to any port 443 -> port 4001

Add the following to /etc/pf-myname.conf:

rdr-anchor "forwarding"
load anchor "forwarding" from "/etc/pf.anchors/myname"
View .slate
# -------------------------------------------------------------------
# See
config defaultToCurrentScreen true
config secondsBeforeRepeat 0.4
config secondsBetweenRepeat 0.1
config keyboardLayout "qwerty"
config nudgePercentOf screenSize
config resizePercentOf screenSize
View agnoster-custom.zsh-theme
# vim:ft=zsh ts=2 sw=2 sts=2
# agnoster's Theme -
# A Powerline-inspired theme for ZSH
# In order for this theme to render correctly, you will need a
# [Powerline-patched font](
dweinstein /
Last active Aug 29, 2015 — forked from heapwolf/
general heuristics for ranking package quality node npm


Has CI

Tests pass

Total number of breaking commits

Number of dependencies

Average age of issue

Frequency of issues fixed

Average response time of issues fixed to bugs filed

Last commit

View AndroidManifestFuzzer
#Basic set up for an Application AndroidManifest Fuzzer
#this requires a preexisting ant buildable application project to be set up! so get the SDK and ant1.8
#this file reproduces the bug mentioned here
#NOTE: values from 260000 and up cause SIGSEGvs to be sent to the system_server (test on KitKat 4.4.2)
#NOTE: you should probably monitor $(adb logcat)||(/system/bin/gdbserver) for responsiveness to the issue
You can’t perform that action at this time.