Skip to content

Instantly share code, notes, and snippets.

🦑

Gareth Jones symm

Block or report user

Report or block symm

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
@symm
symm / Syscan2015Badge.md
Created Jan 10, 2019 — forked from egirault/Syscan2015Badge.md
Dumping the flash memory of the Syscan 2015 badge
View Syscan2015Badge.md

Dumping the flash of the Syscan 2015 badge

The badge of the Syscan 2015 conference included an ARM-based STM32F030R8 processor running some challenges. Although SWD pins are accessible on the badge, some have noted that the STM32 is readout-protected, meaning that it will refuse to dump its flash memory.

Fortunately, two researchers (Johannes Obermaier and Stefan Tatschner) recently published a paper at the WOOT '17 conference, in which they reveal a vulnerability allowing to bypass the readout protection. Their technique allows to dump the flash one DWORD at a time, rebooting the CPU between each access.

I implemented this attack using a BusPirate and the PySWD module. Here is a quick'n dirty PoC to

@symm
symm / connect.php
Created Feb 8, 2018 — forked from sators/connect.php
PHP MySQLi Amazon Aurora RDS EC2 IAM Role Based Authentication
View connect.php
<?php
/********* CONFIG ********/
$clusterEndpoint = "";
$clusterPort = 3306;
$clusterRegion = "us-east-1";
$dbUsername = "";
$dbDatabase = "";
/*************************/
@symm
symm / chat-frontend.js
Created Dec 18, 2017 — forked from martinsik/chat-frontend.js
Node.js chat frontend and server
View chat-frontend.js
$(function () {
"use strict";
// for better performance - to avoid searching in DOM
var content = $('#content');
var input = $('#input');
var status = $('#status');
// my color assigned by the server
var myColor = false;
@symm
symm / make-mega-adblock-hostsfile.sh
Created Oct 25, 2017 — forked from OnlyInAmerica/make-mega-adblock-hostsfile.sh
Create Mega Adblock Hostsfile for use with Dnsmasq (Modified from Pi-hole)
View make-mega-adblock-hostsfile.sh
#!/bin/bash
# Modified Pi-hole script to generate a generic hosts file
# for use with dnsmasq's addn-hosts configuration
# original : https://github.com/jacobsalmela/pi-hole/blob/master/gravity-adv.sh
# The Pi-hole now blocks over 120,000 ad domains
# Address to send ads to (the RPi)
piholeIP="192.168.1.1"
outlist='./final_blocklist.txt'
@symm
symm / unix
Last active Jul 3, 2016 — forked from xero/unix
curl -L git.io.unix
View unix
,_ ,_==▄▂
, ▂▃▄▄▅▅▅▂▅¾. / /
▄▆<´ "»▓▓▓%\ / / / /
,▅7" ´>▓▓▓% / / > / >/%
▐¶▓ ,»▓▓¾´ /> %/%// / /
▓▃▅▅
View Slim-Raspbian.sh
#!/bin/bash
# GUI-related packages
pkgs="
xserver-xorg-video-fbdev
xserver-xorg xinit
gstreamer1.0-x gstreamer1.0-omx gstreamer1.0-plugins-base
gstreamer1.0-plugins-good gstreamer1.0-plugins-bad gstreamer1.0-alsa
gstreamer1.0-libav
epiphany-browser
View transplant.py
#!/usr/bin/env python
from deluge._libtorrent import lt
from deluge.core.torrentmanager import TorrentManagerState
from shutil import copy, _samefile
import cPickle
import os
class Transplant(object):
def __init__(self, config_dir="", torrent_ids=None, torrents=None):
self.state_dir = ""
View config.xml
<?xml version="1.0" encoding="UTF-8"?>
<!-- Set some basic project information and targets -->
<project name="My Symfony2 Project" default="build">
<target name="build"
depends="prepare, vendors, dbupdate, fixtures, lint, phploc, phpmd, phpcpd, phpcs, phpunit"/>
<target name="build-parallel"
depends="prepare, vendors, dbupdate, fixtures, lint, tools-parallel, phpcpd, phpunit"/>
You can’t perform that action at this time.