Skip to content

Instantly share code, notes, and snippets.

View felixgr's full-sized avatar

Felix Gröbert felixgr

87 followers · 0 following
View GitHub Profile
@felixgr
felixgr / dissect_dns.sh
Created January 15, 2018 14:23
Dissect DNS packet using tshark Raw
~ $ curl -s 'https://dns.google.com/resolve?name=google.com&type=1&encoding=raw' | \
od -Ax -tx1 -v | text2pcap -q -u53,53 - /dev/stdout | tshark -nr /dev/stdin -V -O dns
Frame 1: 86 bytes on wire (688 bits), 86 bytes captured (688 bits)
Ethernet II, Src: 0a:01:01:01:01:01 (0a:01:01:01:01:01), Dst: 0a:02:02:02:02:02 (0a:02:02:02:02:02)
Internet Protocol Version 4, Src: 10.1.1.1 (10.1.1.1), Dst: 10.2.2.2 (10.2.2.2)
User Datagram Protocol, Src Port: 53 (53), Dst Port: 53 (53)
Domain Name System (response)
Transaction ID: 0x0000
Flags: 0x8180 Standard query response, No error
1... .... .... .... = Response: Message is a response
@felixgr
felixgr / hidnative.c
Created May 27, 2017 07:37
Remove Caps Delay MBP15 Touchbar Late 2016
// Build:
// clang hidnative.c -o hidnative -framework IOKit -framework CoreFoundation
//
// Run:
// sudo ./hidnative
#include <IOKit/hid/IOHIDManager.h>
#include <IOKit/hid/IOHIDKeys.h>
#include <IOKit/IOKitLib.h>
#include <CoreFoundation/CoreFoundation.h>
@felixgr
felixgr / dissect_tls.sh
Created October 2, 2016 14:11
Dissect Raw TLS data with tshark / Wireshark
#!/bin/sh
od -Ax -tx1 -v /tmp/data | text2pcap -q -T443,443 - /tmp/out.pcap
tshark -nr /tmp/out.pcap -V -O ssl | grep "Secure Sockets Layer" -A10000
@felixgr
felixgr / no-ligatures.css
Last active June 20, 2016 13:05
Disable ligatures in Menlo for Powerline in Chrome Secure Shell
x-screen {
font-feature-settings:"liga" 0;
}
@felixgr
felixgr / repro.c
Last active August 29, 2015 14:22
Capstone Fuzzing Harness
#include <stdio.h>
#include <stdlib.h>
#include <inttypes.h>
#include <capstone.h>
struct platform {
cs_arch arch;
cs_mode mode;
char *comment;
};