Cameron Lowell Palmer palmerc
palmerc
/ apollo.txt
Created
September 29, 2019 13:07
— forked from littlelailo/apollo.txt
Apple Bootrom Bug
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| This bug was also called moonshine in the beginning | |
| Basically the following bug is present in all bootroms I have looked at: | |
| 1. When usb is started to get an image over dfu, dfu registers an interface to handle all the commands and allocates a buffer for input and output | |
| 2. if you send data to dfu the setup packet is handled by the main code which then calls out to the interface code | |
| 3. the interface code verifies that wLength is shorter than the input output buffer length and if that's the case it updates a pointer passed as an argument with a pointer to the input output buffer | |
| 4. it then returns wLength which is the length it wants to recieve into the buffer | |
| 5. the usb main code then updates a global var with the length and gets ready to recieve the data packages | |
| 6. if a data package is recieved it gets written to the input output buffer via the pointer which was passed as an argument and another global variable is used to keep track of how many bytes were recieved already | |
| 7. if all the data was recieved th |
palmerc
/ userpic.sh
Last active
March 19, 2024 13:02
— forked from acidprime/userpic.sh
Updating a user's picture from a script
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| set -e | |
| declare -x USERNAME="$1" | |
| declare -x USERPIC="$2" | |
| declare -r DSIMPORT_CMD="/usr/bin/dsimport" | |
| declare -r ID_CMD="/usr/bin/id" |