Olivier Le Moal olivierlemoal
View usb-diag.patch
diff --git a/rootdir/etc/init.qcom.usb.rc b/rootdir/etc/init.qcom.usb.rc
index bb37a28..ccb5514 100644
--- a/rootdir/etc/init.qcom.usb.rc
+++ b/rootdir/etc/init.qcom.usb.rc
@@ -75,6 +75,7 @@ on boot
mkdir /config/usb_gadget/g1/functions/audio_source.gs3
mkdir /config/usb_gadget/g1/functions/midi.gs5
mkdir /config/usb_gadget/g1/functions/ffs.adb
+ mkdir /config/usb_gadget/g1/functions/diag.diag
mkdir /config/usb_gadget/g1/functions/gsi.rmnet
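Review bot: the added `mkdir /config/usb_gadget/g1/functions/diag.diag` sits directly in the `on boot` block, so the diag function instance is created on every boot regardless of build type. If it is only needed for debugging, gate it on a debuggable build (for instance a separate trigger conditioned on `ro.debuggable=1`) instead of creating it unconditionally next to `ffs.adb`. The visible hunk only creates the function directory, so a short comment stating what the function is for and which USB configuration is meant to link it would help the next reader.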
View pinning.js
// start with:
// frida -U -l pinning.js -f [APP_ID] --no-pause
Java.perform(function () {
  console.log('* Injecting hooks into common certificate pinning methods *')
  var X509TrustManager = Java.use('');

display-switch install and config

yay -S display-switch-git
  • doc :
  • Note that the preferred way is to have this app installed on both computers. Switching "away" is problematic: if the other computer has put the monitors to sleep, they will switch immediately back to the original input.
View gist:93a57b978054649eed8bd5b3bd56532c
adb shell
$ su
$ setprop sys.usb.config diag,adb
# Setup scat
$ python -t qc -u -a 001:042 -i 0
import hashlib
from multiprocessing import Pool, cpu_count
from binascii import unhexlify
# Retrieves DATALOCK values with AT^NVRDEX=50502,0,128
# Worst case scenario takes 44s on i7-7700K
def test_code(params):
    text1, text2, min_code, max_code = params
    for i in range(min_code, max_code):
olivierlemoal / cross_debug.txt
Last active March 17, 2020 16:14
Cross debugging ARM
View cross_debug.txt
pacman -S qemu-arch-extra
yay -S gdb-multiarch
get ARM libs from and extract usr/ :
tar -xvpf glibc-2.30-3-armv7h.pkg.tar.xz usr
$ qemu-arm -L usr -g 12345 ./a.out &
$ gdb-multiarch ./a.out
(gdb) set arch arm
The target architecture is assumed to be mips
olivierlemoal / gist:363786f98abd5cbce539fc045fd8e369
Last active March 17, 2020 12:10
buildroot ARM QEMU image
View gist:363786f98abd5cbce539fc045fd8e369
git clone
cd buildroot
git checkout 2020.02
make qemu_arm_versatile_defconfig
make menuconfig # add packages (dropbear ...)
File sharing
View qemu
sudo qemu-system-x86_64 -drive file=amf_apl-gw,if=virtio,cache=off -m 1024 -enable-kvm -cpu host -vga virtio -device virtio-net,netdev=network0 -netdev tap,id=network0,ifname=tap0,script=no,downscript=no -runas $(whoami)
run as sudo to let qemu create tap devices, but use -runas user to drop privileges
Multiple cores:
-smp cores=n
Telnet monitor
-monitor telnet:,server,nowait;
olivierlemoal /
Last active November 1, 2022 05:19
Security tools

Reverse / Debugging

  • Instrumentation
    • LIEF - Library to Instrument Executable Formats
    • Frida - Dynamic instrumentation toolkit
  • Binary analysis
    • Kaitai - A new way to develop parsers for binary structures.
    • binwalk - Firmware Analysis Tool
    • UEFItools - Working with UEFI firmware images
  • 010 Editor - Professional Text/Hex Editor with Binary Templates
olivierlemoal /
Last active July 15, 2022 10:38
HOWTO setup Transparent proxy