| #!/usr/bin/env python3 | |
| import os, sys | |
| import argparse | |
| import struct | |
| from functools import reduce | |
| """ | |
| QNAP QTS firmware encryptor/decryptor. | |
| Based on https://pastebin.com/KHbX85nG |
The following Lua program generates a Lua bytecode program called lua-sandbox-rce.luac, which in turn spawns a shell from within Lua 5.1 sandbox. The remainder of this document attempts to explain how this program works by a whirlwind tour of relevent bits of the Lua 5.1 virtual machine.
function outer()
local magic -- In bytecode, the stack slot corresponding to this local is changed
local function middle()
local co, upval
local ub1 = {[0] = -- Convert uint8_t to char[1]
| from z3 import * | |
| from binascii import unhexlify, hexlify | |
| from itertools import chain | |
| """ | |
| Up for an excercise huh? | |
| https://www.reddit.com/r/crypto/comments/y7c3m/key_recovery_on_aes_ctr_with_static_iv/ | |
| > The trivial version of this attack can be done when you that ciphertext_0 is the encryption of known plaintext plaintext_0. Then, to decrypt ciphertext_n you take ciphertext_n xor ciphertext_0 which equals plaintext_n xor plaintext_0. Since you know plaintext_0 already, you can compute (plaintext_n xor plaintext_0) xor plaintext_0 which cancels out the plaintext_0s leaving you with plaintext_n. |
| {-# LANGUAGE DeriveFunctor, DeriveFoldable, DeriveTraversable #-} | |
| {-# LANGUAGE ScopedTypeVariables #-} | |
| import Control.Applicative | |
| import Data.Foldable | |
| import Data.Traversable | |
| import Data.IORef | |
| data BinTree a = Leaf a | Node (BinTree a) (BinTree a) | |
| deriving (Functor, Foldable, Traversable, Show) |
| {-# LANGUAGE ViewPatterns, LambdaCase, FlexibleContexts #-} | |
| module Main where | |
| import Control.Applicative | |
| import System.Environment | |
| import System.Exit | |
| import System.IO | |
| import System.Process | |
| import Data.List (nub, sort) |
| #!/usr/bin/env runghc | |
| {-# LANGUAGE DeriveFunctor, DeriveFoldable #-} | |
| {-# LANGUAGE ViewPatterns, LambdaCase #-} | |
| {-# LANGUAGE Rank2Types #-} | |
| module Main where | |
| import Data.List (sort, elemIndices) | |
| import qualified Data.Tree |
| #!/bin/sh | |
| pkgname=$(dpkg-parsechangelog | sed -n 's/^Source: //p') | |
| git blame -ltf debian/changelog \ | |
| | awk '/^[0-9a-f]+ .+ (\([^)]*\)) '$pkgname'/{gsub("[()]", "", $8); print $8, $1}' \ | |
| | head -n 50 | xargs -l1 git tag -f |
| Heimdall v1.4.1 | |
| Copyright (c) 2010-2014 Benjamin Dobell, Glass Echidna | |
| http://www.glassechidna.com.au/ | |
| This software is provided free of charge. Copying and redistribution is | |
| encouraged. | |
| If you appreciate this software and you would like to support future | |
| development please consider donating: |
I use a cordless mouse, and it's powered by a pair of alkaline LR6 batteries (the ubiquitous 1.5 V ones). It's been frustrating to have to replace them every few months once they drain, often in a middle of an activity (such as gaming online). Even though I try to recycle the used batteries, having to go out for fresh ones is an inconvenience.
So, instead of obtaining a stock of alkalines, I [bought][dx 14500] a few rechargable LiPo batteries in the 14500 form factor, and a lithium-polymer charger. The nice thing about this form-factor is that it matches AA: mechanically, you can insert 14500 in whatever AA holder your device has got. The bad thing is that the voltage is different. Single LiPo cell has 3.1–4.2 range (with 3.7 V nominal), while alkalines produce 1.0–1.5. A pair of alkalines, however, is usually required for the common 3.3 V digital logic; so, with trivial modifications to the holder, I was able to go like this:
