Skip to content

Instantly share code, notes, and snippets.

View mariotaku's full-sized avatar
📺
Hacking my TV now

Mariotaku mariotaku

📺
Hacking my TV now
2.2k followers · 38 following
View GitHub Profile
@throwaway96
throwaway96 / wta.md
Last active July 2, 2024 01:07
LG WTA backdoor/vulnerability guide

WTA backdoor/vulnerability

Overview

There is a vulnerability/backdoor in webOS 5+ that allows you to easily run arbitrary commands as root during the boot process. The easiest way to exploit it simply involves putting a file on a USB drive and having it connected to your TV while it boots. There are two other methods that are more complex and require additional exploits.

@throwaway96
throwaway96 / crashd.md
Last active July 2, 2024 13:09
crashd instructions

News

New exploit for webOS 3.5+: DejaVuln (2024-04-21)

See dejavuln-autoroot for a simpler exploit that works on webOS 3.5+ TVs (i.e., models from 2017 and later). It is unpatched as of 2024-04-21 and does not require Developer Mode or even a network connection—just a USB drive.

Otherwise:

  • If you have a webOS 5–8 TV with old enough firmware, WTA (which does not require Dev Mode) will still work.
  • If you have a webOS 4.x TV, you can also try CVE-2023-6319, which is unpatched on the latest (final?) firmware for webOS 4.0 (2018) models.
  • While there will eventually be fully software-based exploits released for older models, they can currently be rooted via NVM.
@throwaway96
throwaway96 / notes.md
Last active July 2, 2024 13:12
Enabling debug and getting root on LG webOS by modifying NVM

Warnings

What you do with this information is your own responsibility. If you brick your TV trying this, it's not my fault. You should probably have some electronics experience if you want to attempt this.

This is going to involve opening your TV and attaching wires to the pins of an integrated circuit. If you're not comfortable with that, this is not for you.

This document is a work in progress.

debugstatus

LG TVs since at least the era of NetCast and "Global Platform" (webOS predecessors) have had the notion of a debug level, generally called "debugstatus". There are three modes: DEBUG, EVENT, and RELEASE. TVs normally operate in RELEASE mode. DEBUG mode enables a variety of logging and other debugging features in webOS, including access to the bootloader console and debug menus via serial. EVENT is similar to DEBUG, although it may not enable as much logging and has other relatively minor differences.

@Informatic
Informatic / README.md
Last active June 26, 2024 02:56
openlgtv webOS hacking notes

This is just a dump of some interesting undocumented features of webOS (3.8 specifically, on early 2018 4k LG TV) and other development-related tips.

Homebrew app ideas

@avoidik
avoidik / README.md
Last active June 29, 2024 02:04
Migrate Raspberry Pi from SD to USB

Raspberry Pi from SD to USB

How to switch over from SD-card to USB-attached device (USB thumbstick, USB enclosed SSD or HDD, etc.) to have more durable storage option.

Steps

  1. Connect USB device to your RPI

  2. Make sure USB device visible by the system

@DhavalKapil
DhavalKapil / ELF-symbol-resolution.md
Created April 25, 2018 03:30

ELF

ELF Header

The first portion of any ELF file is the ELF header. This generally provides offsets to other headers (program headers and section headers) within an ELF.

typedef struct {
  unsigned char e_ident[EI_NIDENT];
 uint16_t e_type;
@plantvsbirds
plantvsbirds / findTwitterIdsOnTwitterPage.js
Last active January 8, 2020 10:28
/*------------------------get Twitter Ids on page ---------------------
| Find twitter IDs of people on page(intended for blocking multiple
users) bookmarklet inspired by @mariotaku 's wtb
| Author: Hong Lin <plantvsbird@gmail.com>
License: MIT
| See comments below for usage thx.
@ikew0ng
ikew0ng / ViewPagerUtils.java
Created October 1, 2013 14:20
获取ViewPager特定位置的Fragment
import android.support.v4.app.Fragment;
import android.support.v4.app.FragmentManager;
import android.support.v4.app.FragmentStatePagerAdapter;
import android.support.v4.view.ViewPager;
/**
* Created by Chaojun Wang on 5/6/14.
*/
public class ViewPagerUtils {
private ViewPagerUtils() {}
@aras-p
aras-p / preprocessor_fun.h
Last active June 21, 2024 12:20
Things to commit just before leaving your job
// Just before switching jobs:
// Add one of these.
// Preferably into the same commit where you do a large merge.
//
// This started as a tweet with a joke of "C++ pro-tip: #define private public",
// and then it quickly escalated into more and more evil suggestions.
// I've tried to capture interesting suggestions here.
//
// Contributors: @r2d2rigo, @joeldevahl, @msinilo, @_Humus_,
// @YuriyODonnell, @rygorous, @cmuratori, @mike_acton, @grumpygiant,
@uhfx
uhfx / gist:3922268
Last active July 22, 2023 15:01
Twitter公式/非公式クライアントのコンシューマキー

Twitter公式クライアントのコンシューマキー

Twitter for iPhone

Consumer key: IQKbtAYlXLripLGPWd0HUA
Consumer secret: GgDYlkSvaPxGxC4X8liwpUoqKwwr3lCADbz8A7ADU

Twitter for Android

Consumer key: 3nVuSoBZnx6U4vzUxf5w
Consumer secret: Bcs59EFbbsdF6Sl9Ng71smgStWEGwXXKSjYvPVt7qys

Twitter for iPad

Consumer key: CjulERsDeqhhjSme66ECg