Skip to content

Instantly share code, notes, and snippets.

View kylemanna's full-sized avatar

Kyle Manna kylemanna

View GitHub Profile
@smx-smx
smx-smx / XZ Backdoor Analysis
Last active June 2, 2024 07:22
[WIP] XZ Backdoor Analysis and symbol mapping
XZ Backdoor symbol deobfuscation. Updated as i make progress
@q3k
q3k / hashes.txt
Last active May 16, 2024 16:49
liblzma backdoor strings extracted from 5.6.1 (from a built-in trie)
0810 b' from '
0678 b' ssh2'
00d8 b'%.48s:%.48s():%d (pid=%ld)\x00'
0708 b'%s'
0108 b'/usr/sbin/sshd\x00'
0870 b'Accepted password for '
01a0 b'Accepted publickey for '
0c40 b'BN_bin2bn\x00'
06d0 b'BN_bn2bin\x00'
0958 b'BN_dup\x00'
@osy
osy / tpm-rant.md
Last active June 3, 2024 01:13
TPM provides zero practical security

TPM provides zero practical security

TPM (Trusted Platform Module) is as useful for preventing real attackers as the TSA is at preventing real terrorists. The architecture is fundamentally flawed and most existing implementations are completely broken. I thought this argument was settled decades ago[1] when "trusted computing" was introduced mostly as a way to provide DRM and ownership capabilities to organizations. It has largely failed to impact the consumer market when it was introduced back in the early 2000s. However, recently there seems to be a movement by certain parties to reintroduce this failed product back to the market. Microsoft argues that in order to use Windows 11, you need TPM 2.0 compatible hardware because[2]:

The Trusted Platform Module(TPM) requirement ena

@7enderhead
7enderhead / 6x4.py
Created April 1, 2023 18:45
Create BIOS Master Password for Fujitsu Laptops (6x4 Digit Version) - Python 3 Compatible
#!/usr/bin/python
# Copyright 2009: dogbert <dogber1@gmail.com>
# Copyright 2023: 7enderhead (https://github.com/7enderhead/)
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
@zengxinhui
zengxinhui / convert2arch_x64.sh
Last active May 13, 2024 08:18
Replace Oracle Cloud Linux with Arch Linux remotely
[09/23/2023]
Refs:
1. http://mirror.cs.pitt.edu/archlinux/iso/2023.09.01/archlinux-bootstrap-2023.09.01-x86_64.tar.gz
2. https://dl-cdn.alpinelinux.org/alpine/v3.18/releases/x86_64/alpine-virt-3.18.0-x86_64.iso
3. https://wiki.alpinelinux.org/wiki/Replacing_non-Alpine_Linux_with_Alpine_remotely
4. https://wiki.archlinux.org/index.php/installation_guide#Configure_the_system
See also:
1. Convert to Debian https://gist.github.com/zengxinhui/ee0ad6b7c7f99e2ead6cd0d2bd6641fd

Python Flatbuffer Object -> JSON

Crude proof of concept, criticism welcome.

Usage

$ flatc --python monster.fbs
$ python3 ./python-flatbuffer-to-json.py
FIXME: Equipped is a table

{"color": 0, "equipped": null, "hp": 300, "inventory": [0, 1, 2, 3, 4, 5, 6, 7, 8, 9], "mana": 150, "name": "Orc", "path": [], "pos": {"x": 1.0, "y": 2.0, "z": 3.0}, "weapons": [{"damage": 3, "name": "Sword"}, {"damage": 5, "name": "Axe"}]}

#!/usr/bin/env bash
#export GIT_TRACE=1
#export GIT_CURL_VERBOSE=1
set -ex
lfs_explode() {
cd "$i"
while true; do
def jobName = "job/staging"
def maxNumber = 400
// delete all builds before maxNumber
Jenkins.instance.getItemByFullName(jobName).builds.findAll { it.number <= maxNumber }.each {
it.delete()
}
@Francesco149
Francesco149 / docker-cross-device-link.md
Last active October 27, 2023 08:51
docker error creating new backup file '/var/lib/dpkg/status-old': Invalid cross-device link
# $Id$
# Maintainer: Tom Gundersen <teg@jklm.no>
# Contributor: Travis Willard <travis@archlinux.org>
pkgname=nss-mdns
pkgver=0.14.1
pkgrel=1
pkgdesc="glibc plugin providing host name resolution via mDNS"
arch=('x86_64')
url="http://0pointer.de/lennart/projects/nss-mdns/"