from PIL import Image
import struct
# https://msdn.microsoft.com/en-us/library/windows/desktop/dd390989(v=vs.85).aspx
red_mask = 0xF800;
green_mask = 0x7E0;
blue_mask = 0x1F;
def rgb565pixunpack(pixel):
    r = (pixel & red_mask) >> 11;
// based on ian beer's code
// just use https://github.com/bazad/x18-leak , it's way cleaner
// by stek29
// see bazad's writeup: http://bazad.github.io/2018/04/kernel-pointer-crash-log-ios
#if 0
From https://gist.github.com/stek29/e68e9eae382b975093252d6117b6b501
Finding Lel0_synchronous_vector_64_long:
@stek29
stek29 / 0readme.md
Last active December 11, 2018 00:40

This Gist provides examples of providing global IPv6 addresses inside an OpenVPN tunnel.

If you have a /48 subnet, which is most likely a routed prefix, see https://community.openvpn.net/openvpn/wiki/IPv6. If you have a /64 subnet, which is most likely a link prefix, see the openvpn-link64-v6-over-v4.md file. If you have some other configuration (i.e. just a /124 -- DigitalOcean, I'm looking at you), or just want to use the weirdest config ever, see openvpn-nat6.md (which is yet to be created).

All configurations I've tested work great on Windows, Linux, iOS and Android. For macOS, either use Viscosity (paid), or see Tunnelblick/Tunnelblick#452 for Tunnelblick.

@stek29
stek29 / tdget.py
Last active October 31, 2018 21:43
TDesktop link generator
from Crypto.Hash import SHA
from Crypto.Signature import PKCS1_v1_5
from Crypto.PublicKey import RSA
from base64 import urlsafe_b64encode
from requests import get
def get_version_signature(version, private_key):
    signed_data = b'TelegramBeta_%x'%int(version)

openconnect vpn server

stek29 May 21 2018

Installing ocserv

An older version (0.10.11) is available in the Ubuntu repos and it seems to work fine,
but I've built 0.12.1 from sources. This is not necessary, but might be useful.
Describing building from source is out of scope of these instructions.

set scnds to (time of (current date))
set timeOfDay to item ((scnds div 21600 as integer) + 1) of {"night", "morning", "afternoon", "evening"}
set userName to (item 1 of (words of (long user name of (system info))))
say "Good " & timeOfDay & ", " & userName & "." using "Alex" speaking rate 170 modulation 70 pitch 39
// File:
// click.m
//
// stek29 2015
//
// Compile with:
// cc -o click click.m -framework ApplicationServices -framework Foundation
//
// Usage:
// ./click x_cord y_cord
/*
* Copyright 2017 Adam H. Leventhal. All Rights Reserved.
*/
#include <unistd.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <strings.h>
// a bit more annotated stage2 (from fakeobj/addrof to rw)
// source: https://github.com/phoenhex/files/blob/master/exploits/ios-11.3.1/pwn_i8.js
// useful resources:
// webkit sources, lol
// http://phrack.org/papers/attacking_javascript_engines.html -- bit outdated -- info about spectre mitigations/gigacage is missing
// https://labs.mwrinfosecurity.com/blog/some-brief-notes-on-webkit-heap-hardening/ -- tldr on gigacage
// thx _niklasb
# Copyright (c) 2013,2015, The Linux Foundation. All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are
# met:
# * Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
# * Redistributions in binary form must reproduce the above
# copyright notice, this list of conditions and the following
# disclaimer in the documentation and/or other materials provided