@anestisb
anestisb / gist:eb897bbbe49ff69ee1ab
Created November 6, 2014 14:33
AOSP android-5.0.0_r2..master Commit Diff
anestisb@deephole:[aosp]: cat logMadness.sh
#!/opt/local/bin/bash
repo forall -c '
REPO_URL=$(git ls-remote --get-url)
echo "\nRepo: $REPO_PROJECT ($REPO_URL)"
if git rev-parse android-5.0.0_r2 >/dev/null 2>&1
then
git log --oneline --no-merges android-5.0.0_r2..master
else
@anestisb
anestisb / gist:afb85fd90276acc786ab
Last active August 29, 2015 14:26
honggfuzz Android linux PTRACE arch port
--{ Changelog
* libunwind
** A fresh upstream copy is forked and statically cross-compiled using Android NDK
** Helper compile script handles all build env setup & config flags settings
** Small patches are applied for ARM64 & x86 builds due to Android compatibility issues
** Is used to both generate stack trace and extract function names from fuzzing targets
** Line number (as used in the main Linux libbfd stream) is now replaced with offset from
func symbol
** Improved error handling in arch_unwindStack()
@anestisb
anestisb / grok_reindex.sh
Last active June 25, 2019 14:56
OpenGrok conf
#!/bin/bash
readonly HTML_OUT="/var/lib/tomcat8/webapps/ROOT/index.html"
readonly DATA_ROOT="/var/opengrok"
readonly GROK_ROOT="/opt/opengrok/opengrok-1.2.6"
declare -ar IGNORE_PATTERNS=(
"-i *.3gp"
"-i *.a"
"-i *.app"
"-i *.bc"
@anestisb
anestisb / system-img-repair.sh
Last active January 31, 2016 14:57
De-optimize Nexus factory images
#!/usr/bin/env bash
#
# For latest Android Nexus devices (N5x, N6p, N9, etc.), Google is no longer
# providing vendor tar archives to be included in AOSP build trees. Officially
# it is claimed that all vendor proprietary blobs have been moved to /vendor
# partition. Unfortunately that is not true since a few vendor executables, DSOs
# and APKs/JARs are present under /system although missing from AOSP public tree.
#
# As such, custom AOSP builds first require extracting such blobs from /system of
# factory images and manually including them in the vendor directory of the AOSP tree.
@anestisb
anestisb / DexGuardDecoder.java
Created February 9, 2016 09:23 — forked from AKosterin/DexGuardDecoder.java
New Dexguard String decoder for JEB 1.5. Tested on GFE 3.1.3. This release auto parse decoder function.
import jeb.api.IScript;
import jeb.api.JebInstance;
import jeb.api.ast.*;
import jeb.api.ast.Class;
import jeb.api.dex.*;
import jeb.api.ui.JavaView;
import jeb.api.ui.View;
import java.util.Arrays;
import java.util.HashMap;

This is an overview of the usefulness of PaX/grsecurity features for CopperheadOS especially when taking into account the overlap of the access control features with SELinux and that the Nexus line will be entirely 64-bit ARM. Note that it's missing most of the unnamed features without configuration options tied to them. A grsecurity kernel also comes with lots of security bug fixes backported from master, adapted from lkml submissions that were ignored, etc.

Previously, CopperheadOS used ports of PaX to the 3.4 Android kernels used by the Nexus 5 and Galaxy S4. The plan was to start from there, backporting from the PaX stable patches as needed along with reimplementing the relevant pieces of grsecurity without actually applying an old patch and backporting to it.

This is no longer the case for the published releases now that devices have moved to 64-bit ARM (which is not supported by PaX / grsecurity yet) and both the PaX and grsecurity stable patches have become private. There are still PaX ports for test

@anestisb
anestisb / Simp.py
Created August 24, 2016 11:05 — forked from xerub/Simp.py
AArch64 mov simplifier IDA plugin
# AArch64 mov simplifier IDA plugin
#
# Copyright (c) 2015 xerub
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,

Keybase proof

I hereby claim:

  • I am anestisb on github.
  • I am anestisb (https://keybase.io/anestisb) on keybase.
  • I have a public key whose fingerprint is B144 C357 6031 F568 21C6 614C AAFF 72FE 2F4B B5DB

To claim this, I am signing this object:

--{ ./system/system/app/BasicDreams/BasicDreams.apk
Signer #1 certificate DN: CN=Android, OU=Android, O=Google Inc., L=Mountain View, ST=California, C=US
Signer #1 certificate SHA-256 digest: c566bebb895d29ebac0667d01dbe2bae5a4aa48947a8a1de8cdf208071a78387
Signer #1 certificate SHA-1 digest: 0d5987e059aa81028dcfa77c66030b669d8ed341
Signer #1 certificate MD5 digest: 2fbc68366c72b5d09065d44a1b44f40b
--{ ./system/system/app/Bluetooth/Bluetooth.apk
Signer #1 certificate DN: CN=Android, OU=Android, O=Google Inc., L=Mountain View, ST=California, C=US
Signer #1 certificate SHA-256 digest: 3ec1c473761c98da4933abd33d6d79f9cd88a954e300a389c93503cc47b4f75e
Signer #1 certificate SHA-1 digest: b841566dc2b469f31114bb271714b5dca644fd80
diff -ru vendor/build.prop /fast-datavault/aosp_prod/out_release_Linux_8.0.0_r3/aosp_prod/target/product/sailfish/vendor/build.prop
--- vendor/build.prop 2009-01-01 10:00:00.000000000 +0200
+++ /fast-datavault/aosp_prod/out_release_Linux_8.0.0_r3/aosp_prod/target/product/sailfish/vendor/build.prop 2017-09-13 10:44:54.183680870 +0300
@@ -1,7 +1,7 @@
-ro.vendor.build.date=Thu Aug 17 20:24:24 UTC 2017
-ro.vendor.build.date.utc=1503001464
-ro.vendor.build.fingerprint=google/sailfish/sailfish:8.0.0/OPR6.170623.012/4283428:user/release-keys
+ro.vendor.build.date=Wed Sep 13 10:44:19 EEST 2017
+ro.vendor.build.date.utc=1505288659
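Review bot: the `ro.vendor.build.date` and `ro.vendor.build.date.utc` lines at the top of this hunk differ only because the two images were built at different times, and the `+` side is also stamped in local time (EEST) where the `-` side uses UTC, so they will show up in every comparison of this kind. Consider filtering these keys out before diffing so that substantive differences, such as the removed `ro.vendor.build.fingerprint` line, stand out. The `+` counterpart of that fingerprint line is not visible in this excerpt, so it cannot be checked here.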