Skip to content

Instantly share code, notes, and snippets.

View richinseattle's full-sized avatar

richinseattle

View GitHub Profile
@richinseattle
richinseattle / strawberry.txt
Created November 21, 2024 05:47
Getting Claude to teach us how to prompt it when it fails simple questions
user: how many letters are in the word strawberry?
assistant: The word "strawberry" has 10 letters: s-t-r-a-w-b-e-r-r-y
user: how many of those are the letter r?
assistant: In the word "strawberry" there are 2 letters "r"
user: why did you say there are only two?
@richinseattle
richinseattle / bsky_did_logger.sh
Created November 18, 2024 09:41
Cache all Bluesky DID -> Handle mappings
while true; do timeout 5 websocat "wss://jetstream2.us-east.bsky.network/subscribe?wantedCollections=app.bsky.feed.post" | grep '"handle"' > /tmp/jetstream.log 2>/dev/null | grep -v Terminated ; head -n -1 /tmp/jetstream.log | jq '.identity | .did, .handle | values' | tr -d '"' | paste -d " " - - | while read did handle; do echo -e "$did -> $handle"; redis-cli SET $handle $did > /dev/null ; redis-cli SET $did $handle > /dev/null; done ; done

Patching the IDA Pro 9.0 BETA

Note

Obligatory disclaimer: this is for educational purposes only. I am not responsible for any damages caused by following this guide, or using any of the script(s) herein.

This guide prioritizes arm64 macOS, but may also work for other platforms.


Step 1 - Patching dylibs

@richinseattle
richinseattle / cups-browsed.md
Created September 27, 2024 00:34 — forked from stong/cups-browsed.md
CUPS disclosure leaked online. Not my report. The original author is @evilsocket

Original report

  • Affected Vendor: OpenPrinting
  • Affected Product: Several components of the CUPS printing system: cups-browsed, libppd, libcupsfilters and cups-filters.
  • Affected Version: All versions <= 2.0.1 (latest release) and master.
  • Significant ICS/OT impact? no
  • Reporter: Simone Margaritelli [evilsocket@gmail.com]
  • Vendor contacted? yes The vendor has been notified trough Github Advisories and all bugs have been confirmed:
@richinseattle
richinseattle / gist:815106f878a64adde45fcf4183e4cc8c
Created July 22, 2024 06:40 — forked from shinyquagsire23/gist:ab6f7c0f9b6514b6b54d69b9a57646be
Enabling USB device mode on Intel devices (Tweet archive)
https://twitter.com/ShinyQuagsire/status/1536432635643211777 12:37 PM · Jun 13, 2022
-----
I figured out how to enable USB device mode on my XPS 13 (9350) 🎉
Though for some ungodly reason, it uses the right-side full USB port. So a crossover cable is required.
-----
https://twitter.com/ShinyQuagsire/status/1536434057671716864 12:43 PM · Jun 13, 2022
-----
@richinseattle
richinseattle / llama-3-70B-qlora.yaml
Created June 1, 2024 11:13 — forked from mtisz/llama-3-70B-qlora.yaml
Axolotl Config for Llama-3-70B QLoRA
base_model: meta-llama/Meta-Llama-3-70B
model_type: LlamaForCausalLM
tokenizer_type: AutoTokenizer
load_in_8bit: false
load_in_4bit: true
strict: false
datasets:
- path: /home/migel/ai_datasets/tess-v1.5b-chatml.jsonl
rem USE AT OWN RISK AS IS WITHOUT WARRANTY OF ANY KIND !!!!!
rem https://technet.microsoft.com/en-us/itpro/powershell/windows/defender/set-mppreference
rem To also disable Windows Defender Security Center include this
rem reg add "HKLM\System\CurrentControlSet\Services\SecurityHealthService" /v "Start" /t REG_DWORD /d "4" /f
rem 1 - Disable Real-time protection
reg delete "HKLM\Software\Policies\Microsoft\Windows Defender" /f
reg add "HKLM\Software\Policies\Microsoft\Windows Defender" /v "DisableAntiSpyware" /t REG_DWORD /d "1" /f
reg add "HKLM\Software\Policies\Microsoft\Windows Defender" /v "DisableAntiVirus" /t REG_DWORD /d "1" /f
reg add "HKLM\Software\Policies\Microsoft\Windows Defender\MpEngine" /v "MpEnablePus" /t REG_DWORD /d "0" /f
reg add "HKLM\Software\Policies\Microsoft\Windows Defender\Real-Time Protection" /v "DisableBehaviorMonitoring" /t REG_DWORD /d "1" /f
@richinseattle
richinseattle / hint_calls.py
Created May 18, 2024 03:47 — forked from Dump-GUY/hint_calls.py
Modified version of Willi Ballenthin IDA Plugin hint_calls.py ported to support Python2/3 and IDA>=7.4 (tested IDA 7.7, 8.4)
'''
IDA plugin to display the calls and strings referenced by a function as hints.
Installation: put this file in your %IDADIR%/plugins/ directory.
Author: Willi Ballenthin <william.ballenthin@fireeye.com>
Licence: Apache 2.0
'''
import idc
import idaapi
import idautils
@richinseattle
richinseattle / weggli.bat
Created March 30, 2024 12:14
Run all raptor's weggli rules on current directory from cmd.exe
REM buffer overflows
REM call to unbounded copy functions (CWE-120, CWE-242, CWE-676)
weggli.exe -R "func=^gets$" "{$func();}" .
weggli.exe -R "func=st(r|p)(cpy|cat)$" "{$func();}" .
weggli.exe -R "func=wc(s|p)(cpy|cat)$" "{$func();}" .
weggli.exe -R "func=sprintf$" "{$func();}" .
weggli.exe -R "func=scanf$" "{$func();}" .
@richinseattle
richinseattle / static_scan.md
Last active November 30, 2023 23:04
Static analysis queries for semgrep, weggli, and others