Skip to content

Instantly share code, notes, and snippets.

😎
Focusing

Sabri pwnsdx

😎
Focusing
Block or report user

Report or block pwnsdx

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
@pwnsdx
pwnsdx / disable.sh
Last active Sep 15, 2019
Disable bunch of #$!@ in Sierra (Version 2.1)
View disable.sh
#!/bin/bash
# IMPORTANT: You will need to disable SIP aka Rootless in order to fully execute this script, you can reenable it after.
# WARNING: It might disable things that you may not like. Please double check the services in the TODISABLE vars.
# Get active services: launchctl list | grep -v "\-\t0"
# Find a service: grep -lR [service] /System/Library/Launch* /Library/Launch* ~/Library/LaunchAgents
# Agents to disable
TODISABLE=('com.apple.security.keychainsyncingoveridsproxy' 'com.apple.personad' 'com.apple.passd' 'com.apple.screensharing.MessagesAgent' 'com.apple.CommCenter-osx' 'com.apple.Maps.mapspushd' 'com.apple.Maps.pushdaemon' 'com.apple.photoanalysisd' 'com.apple.telephonyutilities.callservicesd' 'com.apple.AirPlayUIAgent' 'com.apple.AirPortBaseStationAgent' 'com.apple.CalendarAgent' 'com.apple.DictationIM' 'com.apple.iCloudUserNotifications' 'com.apple.familycircled' 'com.apple.familycontrols.useragent' 'com.apple.familynotificationd' 'com.apple.gamed' 'com.apple.icloud.findmydeviced.findmydevi
@pwnsdx
pwnsdx / nosleep.sh
Last active Sep 14, 2019
Completely disable sleep on any Mac
View nosleep.sh
# Useful to prevent Macbooks to go to sleep when closing the lid instead of running tools that requires a Kernel Extension (e.g. InsomniaX) and more
# Before doing anything, save your current configuration using
pmset -g
# To disable sleep
sudo pmset -a sleep 0; sudo pmset -a hibernatemode 0; sudo pmset -a disablesleep 1;
# And to go back to normal
sudo pmset -a sleep 1; sudo pmset -a hibernatemode [original hibernatemode value]; sudo pmset -a disablesleep 0;
@pwnsdx
pwnsdx / uninstall_vmware.sh
Last active Sep 13, 2019 — forked from boneskull/uninstall_vmware.sh
Completely uninstall VMWare on macOS
View uninstall_vmware.sh
#!/usr/bin/env bash
# Usage: bash uninstall_vmware.bash
remove() {
entry="$1"
echo -ne "Removing $entry ["
sudo rm -rf "$entry"
if [[ ! -e "$entry" ]]; then
echo -ne "OK"
@pwnsdx
pwnsdx / 62078.md
Last active Sep 4, 2019
How to finally disable this ******* Wi-Fi Sync port (62078) on iOS (testers wanted)
View 62078.md

Hi there,

Why should I disable this port?

Apple enable this port by default if you want Wi-Fi Sync. The problem is, I (and probably you) never used this so this port should not be open. Enabling this port by default is a security risk as there is always an undocumented service (lockdownd) listening on this port.

This is an non-exhaustive list of what you are exposing to if you don't close this port:

  • If an attacker get the pairing keys of your iDevice, he can dump the whole content of your device transparently as soon as he is on the same network as you (at Home, Work, in a Café, in a Fast Food etc) or if he have access to your cellular network (yes, the port is open on all interfaces including cellular) e.g. if the NSA have access to AT&T network or if DGSE have access to Orange network (which is true: http://www.france24.com/fr/20140320-dgse-renseignement-espionage-nsa-donnees-operateur-orange-snowden/ ) or even if your neighbor have set up a IMSI-Catcher.
  • It make the iOS device easily identifiab
View safari-reaper.html
<!DOCTYPE html>
<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<style>
body {
background: repeat url('data:image/jpeg;base64,/9j/4AAQSkZJRgABAQEASABIAAD/7QCIUGhvdG9zaG9wIDMuMAA4QklNBAQAAAAAAGscAVoAAxslRxwCAAACAAAcAnQAV8KpIENoYWV5b3VuZ1dpbGxOZXZlckNoYWVvbGQgLSBodHRwOi8vd3d3LnJlZGJ1YmJsZS5jb20vcGVvcGxlL0NoYWV5b3VuZ1dpbGxOZXZlckNoYWVvbAD/4gxYSUNDX1BST0ZJTEUAAQEAAAxITGlubwIQAABtbnRyUkdCIFhZWiAHzgACAAkABgAxAABhY3NwTVNGVAAAAABJRUMgc1JHQgAAAAAAAAAAAAAAAAAA9tYAAQAAAADTLUhQICAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABFjcHJ0AAABUAAAADNkZXNjAAABhAAAAGx3dHB0AAAB8AAAABRia3B0AAACBAAAABRyWFlaAAACGAAAABRnWFlaAAACLAAAABRiWFlaAAACQAAAABRkbW5kAAACVAAAAHBkbWRkAAACxAAAAIh2dWVkAAADTAAAAIZ2aWV3AAAD1AAAACRsdW1pAAAD+AAAABRtZWFzAAAEDAAAACR0ZWNoAAAEMAAAAAxyVFJDAAAEPAAACAxnVFJDAAAEPAAACAxiVFJDAAAEPAAACAx0ZXh0AAAAAENvcHlyaWdodCAoYykgMTk5OCBIZXdsZXR0LVBhY2thcmQgQ29tcGFueQAAZGVzYwAAAAAAAAASc1JHQiBJRUM2MTk2Ni0yLjEAAAAAAAAAAAAAABJzUkdCIElFQzYxOTY2LTIuMQAAAAAAAA
View firefox-reaper.html
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8" />
<title>Firefox DoS ❄️</title>
</head>
<body>
</body>
<script>
@pwnsdx
pwnsdx / org.nsa.pf.rules
Last active Aug 30, 2019
OS X Firewall Packet Filter (pfctl): Killswitch + Protection
View org.nsa.pf.rules
# Put this file in /etc/pf.anchors/
# Options
set block-policy drop
set fingerprints "/etc/pf.os"
set ruleset-optimization basic
set skip on lo0
# Interfaces
inet_define = "en0"
View iremember.js
// How to:
// 1) Login into https://icloud.com
// 2) Open the developer tools and execute this code in the console
// See more @ https://medium.com/bugbountywriteup/how-apple-stored-all-your-email-metadata-for-years-on-their-servers-2a61b1a3232d
const _API_URL='https://p18-mailws.icloud.com/wm/recents';
const _requestContacts = () => {
console.warn('Requesting your contacts...');
return fetch(_API_URL, {
method: 'POST',
headers: {
@pwnsdx
pwnsdx / gist:d127873e24cef159d4d603accaf37ee4
Last active Aug 13, 2019 — forked from tonymtz/gist:714e73ccb79e21c4fc9c
Uninstall XQuartz.app from OSX Yosemite/El Capitan/Sierra
View gist:d127873e24cef159d4d603accaf37ee4
launchctl unload /Library/LaunchAgents/org.macosforge.xquartz.startx.plist && \
sudo launchctl unload /Library/LaunchDaemons/org.macosforge.xquartz.privileged_startx.plist && \
sudo rm -rf /opt/X11* /Library/Launch*/org.macosforge.xquartz.* /Applications/Utilities/XQuartz.app /etc/*paths.d/*XQuartz && \
sudo pkgutil --forget org.macosforge.xquartz.pkg && \
rm -rf ~/.serverauth* && rm -rf ~/.Xauthorit* && rm -rf ~/.cache && rm -rf ~/.rnd && \
rm -rf ~/Library/Caches/org.macosforge.xquartz.X11 && rm -rf ~/Library/Logs/X11
@pwnsdx
pwnsdx / Tutorial.md
Last active Jul 31, 2019
How to secure correctly your OpenVPN connection
View Tutorial.md

Hi there,

How to secure correctly your OpenVPN connection you said?

Yes! This little code snippet will improve drasticaly the strength of your OpenVPN connection while keeping very good performances. You just have to add the code available below at the end of you configuration file.

Important precisions

  • It may not work everywhere. @Korben (Twitter) got a problem because his server does not support ECDHE, if you can't use this configuration then try to change ECDHE by DHE in the tls-cipher parameters. It should works but it will consume more battery if you are on a mobile/laptop because it will not use Elliptic curves to exchange the key.
  • You should check if your processor have AES-NI instructions. If yes then the key exchange should be protected from SPA (Simple Power Analysis) and DPA (Differencial Power Analysis) attacks + AES will be a lot faster.
You can’t perform that action at this time.