Skip to content

Instantly share code, notes, and snippets.

Avatar

Lance R. Vick lrvick

View GitHub Profile
@lrvick
lrvick / github-troll.md
Last active Oct 30, 2020
Trolling Github's DMCA repo with their own security flaws.
View github-troll.md
View diff.txt
--- iso1
+++ iso2
├── isoinfo -l -i {} -R
│ @@ -1,11 +1,11 @@
│ Directory listing of /
│ dr-xr-xr-x 3 0 0 2048 Oct 16 2020 [ 29 02] .
│ -dr-xr-xr-x 2 0 0 2048 Oct 16 2020 [ 29 02] ..
│ +dr-xr-xr-x 3 0 0 2048 Oct 16 2020 [ 29 02] ..
│ dr-xr-xr-x 3 0 0 2048 Oct 16 2020 [ 30 02] boot
View gist:83782b75801c6de6d48bac856c7888ae
--- rc11-a/airgap_x86_64.iso
+++ rc11-b/airgap_x86_64.iso
├── isoinfo -l -i {} -R
│ @@ -1,11 +1,11 @@
│ Directory listing of /
│ dr-xr-xr-x 3 0 0 2048 Oct 14 2020 [ 29 02] .
│ -dr-xr-xr-x 3 0 0 2048 Oct 14 2020 [ 29 02] ..
│ +dr-xr-xr-x 2 0 0 2048 Oct 14 2020 [ 29 02] ..
│ dr-xr-xr-x 3 0 0 2048 Oct 14 2020 [ 30 02] boot
@lrvick
lrvick / qubes_tldr.md
Last active Jun 1, 2020
QubesOS TL;DR Setup
View qubes_tldr.md

QubesOS TL;DR Setup

Requirements

  1. UI enforcing GnuPG HSM with sig subkey installed
    • Examples: Yubikey, Ledger, Trezor
  2. Public key matching device in step #1 on flash drive
  3. TOTP/HTOP capable Personal HSM
    • Examples: Nitrokey, Librem Key
  4. PC with TPM verified coreboot-heads firmware installed
@lrvick
lrvick / aws-set-creds.sh
Last active Apr 13, 2020
Decrypt and format downloaded+gpg encrypted amazon credentials file to ramfile and export to current shell.
View aws-set-creds.sh
#!/bin/bash
set -e
# Usage: source <(aws-set-creds aws-access-keys.example.asc)
in_file=${1?}
out_file=$(mktemp -p /dev/shm/)
creds=$(gpg -d ${in_file} 2>&1)
aws_access_key_id=$(printf "$creds" | tail -n1 | cut -d ',' -f1)
aws_secret_access_key=$(printf "$creds" | tail -n1 | cut -d ',' -f2 | sed -e 's/\r//g' )
@lrvick
lrvick / .mflogall
Created Mar 10, 2020
#! wall of shame - episode 1 - shananalla88
View .mflogall
This file has been truncated, but you can view the full file.
## email: jasdmnsad82737hjnjzx@pay-mon.com
mf-74 :: Aladdin.2019.AQ.mkv :: 168.29 mb :: auykcyd3huoaq3b
mf-74 :: Anno.1790.S01E01.SUBBED.720p.HDTV.x264-CBFM.AQ.mkv :: 52.98 mb :: dlv83cw06yifsta
mf-74 :: Anno.1790.S01E02.SUBBED.720p.HDTV.x264-CBFM[eztv].AQ.mkv :: 48.70 mb :: tlu06gwwgmymos5
mf-74 :: Anno.1790.S01E03.SUBBED.720p.HDTV.x264-CBFM[eztv].AQ.mkv :: 46.85 mb :: 3p41dgxmavif0oi
mf-74 :: Anno.1790.S01E04.SUBBED.720p.HDTV.x264-CBFM[eztv].AQ.mkv :: 41.78 mb :: dkt9z3jadtbz6y4
mf-74 :: Anno.1790.S01E05.SUBBED.1080p.HDTV.H264-CBFM.AQ.mkv :: 45.29 mb :: 9oto04zylyzoz5c
mf-74 :: Anno.1790.S01E06.SUBBED.720p.HDTV.x264-CBFM[eztv].AQ.mkv :: 53.83 mb :: vz63781z99k3kgh
mf-74 :: Anno.1790.S01E07.SUBBED.720p.HDTV.x264-CBFM[eztv].AQ.mkv :: 52.20 mb :: epv31b3lm931hw8
View apv-coral-proprietary-blobs.txt
product/app/QtiTelephonyService/QtiTelephonyService.apk
product/app/datastatusnotification/datastatusnotification.apk
product/app/uceShimService/uceShimService.apk
product/etc/permissions/com.qualcomm.qcrilmsgtunnel.xml
product/etc/permissions/com.qualcomm.qti.imscmservice-V2.0-java.xml
product/etc/permissions/com.qualcomm.qti.imscmservice-V2.1-java.xml
product/etc/permissions/com.qualcomm.qti.imscmservice-V2.2-java.xml
product/etc/permissions/embms.xml
product/etc/permissions/qcrilhook.xml
product/etc/permissions/telephonyservice.xml
@lrvick
lrvick / find_duplicate_blobs.sh
Created Mar 2, 2020
Find blobs in the factory android vendor partition that duplicate blobs in AOSP by examining build errors.
View find_duplicate_blobs.sh
device="coral"
set -x
while true; do
duplicate=$( \
make DEVICE=${device} build \
| grep -A1 'FAILED:' \
| grep 'error:' \
| awk -F"', previously defined" '{print $1}' \
| awk -F"out/target/product/${device}/" '{print $2}' \
@lrvick
lrvick / FIRMWARE
Created Nov 17, 2019
xlitespro firmware dir
View FIRMWARE
├── R9MLite-ACCESS
│   └── v1.1.2
│   ├── R9M_Lite_FCC.frk
│   ├── R9M_Lite_FLEX.frk
│   └── R9M_Lite_LBT.frk
├── XliteSPro
│   ├── 190605
│   │   ├── firmware_xlites-pro-s_190605.bin
│   │   ├── PMU
│   │   │   └── PMU.frsk
@lrvick
lrvick / production_engineering.md
Created Nov 13, 2019
Production engineering recommendations
View production_engineering.md

Production Engineering

Overview

The goal of this document is to outline strict processes those that have access to PRODUCTION systems MUST follow.

It is intended to mitigate most classes of known threats while still allowing for high productivity via compartmentalization.

You can’t perform that action at this time.