"%" means not tested by me personally.
| #!/usr/bin/python3 | |
| # | |
| # Simple Bloom filter implementation in Python 3 | |
| # Copyright 2017 Hector Martin "marcan" <[email protected]> | |
| # Licensed under the terms of the MIT license | |
| # | |
| # Written to be used with the Have I been pwned? password list: | |
| # https://haveibeenpwned.com/passwords | |
| # | |
| # Download the pre-computed filter here (968MB, k=11, false positive p=0.0005): |
| global call_64_from_64 | |
| global call_32_from_64 | |
| global call_32_from_32 | |
| section .text | |
| call_64_from_64: | |
| push rsi | |
| push rdi | |
| mov rax, 1 |
| #!/bin/bash | |
| set -e | |
| if [[ -z ${K8S_JVM_POD} ]]; then | |
| echo "K8S_JVM_POD not defined" | |
| exit 1 | |
| fi | |
| EXEC="kubectl exec ${K8S_JVM_POD}" | |
| CP="kubectl cp ${K8S_JVM_POD}" |
The badge of the Syscan 2015 conference included an ARM-based STM32F030R8 processor running some challenges. Although SWD pins are accessible on the badge, some have noted that the STM32 is readout-protected, meaning that it will refuse to dump its flash memory.
Fortunately, two researchers (Johannes Obermaier and Stefan Tatschner) recently published a paper at the WOOT '17 conference, in which they reveal a vulnerability allowing to bypass the readout protection. Their technique allows to dump the flash one DWORD at a time, rebooting the CPU between each access.
I implemented this attack using a BusPirate and the PySWD module. Here is a quick'n dirty PoC to