Skip to content

Instantly share code, notes, and snippets.

View dweinstein's full-sized avatar

David Weinstein dweinstein

704 followers · 1.2k following
View GitHub Profile
@yrp604
yrp604 / safe-stack-notes.md
Last active March 29, 2017 01:20
Safe Stack Notes

Note: I've only briefly read the related CPI paper (PDF), this is just initial impressions after playing around with it a bit.

All the code and binaries I used can be downloaded here. Note that I removed -DFORTIFY_SOURCE=2 to make the examples a bit simpler.

-fsanitize=safe-stack basically seems to move stack based buffers off the actual stack, onto another segment of memory (I'll call it the fake stack). The actual stack then stores references to this segment. For example:

char buf[20];
printf("%p\n", buf);
@dweinstein
dweinstein / LICENSE
Last active March 30, 2016 17:10
mega rename class based on source, etc.
The MIT License (MIT)
Copyright (c) 2015 David Weinstein
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
@dweinstein
dweinstein / note.md
Last active March 24, 2016 18:37
EHCI Extension Pack, USB, VirtualBox

so I learned two things with usb on virtualbox (OS X):

    1. it sucks, 2) it sucks less if you enable the extension pack for ehci:
  • w/ out ehci I could not install a 28 MB APK from within boot2docker. maybe if I was willing to wait long enough but AFAICT it would not complete.

± % docker run --privileged -v=/dev/bus/usb:/dev/bus/usb --rm -t -i -v pwd:/provision analysis /bin/bash

  • w/out EHCI
@ralphtheninja
ralphtheninja / JOBS.md
Last active April 28, 2021 00:38
Use JOBS=max to speed up native node modules

When npm installs native node modules it uses node-gyp to compile code. This is the seam node uses for targeting different operating systems, e.g. OS X, linux, Windows etc.

By default node-gyp compiles using one core and if you have more than one you probably want to utilize that power to speed up compile time. The way node-gyp handles this is by using the JOBS environment variable, which sets the jobs variable here. This piece of code then checks the value of jobs to determine how many cores to use.

Note that if the value of JOBS is max then all cores will be used. So lets try this on leveldown. First lets check that JOBS isn't set yet:

lms@ux301|01:34|~/src/leveldb-repos/leveldown (master) $ echo $JOBS
@rongarret
rongarret / gist:d8987c9cd57bd768e1de
Last active August 29, 2015 14:17
Safari FILE: scheme security hole
It appears that Safari does not enforce any kind of access
restrictions for XMLHTTPRequests on FILE: scheme URLs. As a
result, any HTML file on the local file system that is opened in
Safari can read any file that the user has access to (and, of
course, it can upload those files too). Here's a little
proof-of-concept. Copy and paste this into a local HTML file and
open it in Safari. It will display the contents of /etc/passwd.
<script src=https://code.jquery.com/jquery-2.1.3.min.js></script>
<script>
@deanlandolt
deanlandolt / gist:849eb63d28f7e7bb8c97
Created March 12, 2015 16:57
tuples/test
var test = require('tape');
var bytewise = require('bytewise');
var encode = bytewise.encode;
var MIN = bytewise.MIN;
var MAX = bytewise.MAX;
test('tuple queries', function (t) {
var yearly = tuples('reports', 'yearly');
// component keys of the tuple space query are available by index
@Fuzion24
Fuzion24 / Patching-CVE-2015-1474.md
Last active September 25, 2015 01:21
Patching CVE-2015-1474 -- Remotely exploitable graphics buffer overflow on my Nexus device (N5 5.0.1)

This is a brief guide on how I patched the CVE-2015-1474 for my Nexus 5 - 5.0.1. This involes downloading and building AOSP with the patch for the vuln applied. I have attached a pre-built patched version of libui.so for the Nexus5 5.0.1 in the case you are too lazy to build it yourself (and you trust me).

Building patched libui for your nexus device

repo init -u https://android.googlesource.com/platform/manifest -b android-5.0.1_r1
repo sync -j16

cd frameworks/native
# https://android.googlesource.com/platform/frameworks/native/+/38803268570f90e97452cd9a30ac831661829091%5E%21/#F0
git cherry-pick 2bc5e811a817a8c667bca4318ae98582b0ee6dc6
@alexlafroscia
alexlafroscia / agnoster-custom.zsh-theme
Last active April 27, 2017 00:01
Custom Agnoster Theme
# vim:ft=zsh ts=2 sw=2 sts=2
#
# agnoster's Theme - https://gist.github.com/3712874
# A Powerline-inspired theme for ZSH
#
# # README
#
# In order for this theme to render correctly, you will need a
# [Powerline-patched font](https://github.com/Lokaltog/powerline-fonts).
#
@Fuzion24
Fuzion24 / AddJavascript.md
Created November 14, 2014 05:20

Android 5.0

I/chromium( 6890): [INFO:CONSOLE(37)] "AddJavascriptInterface: top[Android]: com.WebAppInterface@3847a08c - 
error: Access to java.lang.Object.getClass is blocked", source: http://[REDACTED].com/ (37)

For applications targeting Android >= 5.0, you can enumerate the methods available from inside javascript. "Enumeration of methods will be enabled for applications targeting API levels newer than KitKat (to preserve compatibility with older apps)."

@kacole2
kacole2 / CSS
Created November 3, 2014 13:42
Phonegap Cordova Geolocation with Google Maps Javascript API v3
* {
-webkit-tap-highlight-color: rgba(0,0,0,0); /* make transparent link selection, adjust last value opacity 0 to 1.0 */
}
html, body {
width: 100%;
height: 100%;
padding-top: 10%;
}