hkraw

<html>
 <head>
  <script>
   ( async() => {

     let gc = function() {
      for(let i = 0; i < 100; i++) {
       new ArrayBuffer(0x10000000);
      }
     }

hkraw

//"use script";

const color_red = "";
const color_green = "";
const color_yellow = "";
const color_blue = "";
const color_mag = "";
const color_cyan = "";
const color_default = "";

hkraw

class Helpers {

 constructor() {
  this.cvt_buf = new ArrayBuffer(8);
  this.cvt_f64a = new Float64Array(this.cvt_buf);
  this.cvt_u64a = new BigUint64Array(this.cvt_buf);
  this.cvt_u32a = new Uint32Array(this.cvt_buf);
 }

 ftoi(f) {

LukeZGD

Downgrade and dualboot status of almost all iOS devices

UPDATED: 2025-04-04

• Reddit mirror: https://www.reddit.com/r/iOSDowngrade/comments/j1x7iv/downgrade_and_dualboot_status_of_almost_all_ios/
• GitHub Gist mirror: https://gist.github.com/LukeZGD/9d781f1b03a69fa46869384a9407a41a
• As of updating this post, there is now a free downgrade tool that utilizes a SEP exploit released for A9-A10X devices, turdus merula: https://sep.lol/
  • Untethered with blobs guide: https://ios.cfw.guide/turdusmerula/
  • Tethered guide: https://ios.cfw.guide/turdusmerula-tethered/
• Save SHSH blobs for signed iOS versions using TSS Saver or blobsaver

pwn0rz

#include <IOKit/IOKitLib.h>
#include <mach/mach.h>
#include <stdio.h>
#include <stdint.h>
#include <stdlib.h>
#include <ctype.h>

void hexdump(void *ptr, int buflen) {
  unsigned char *buf = (unsigned char*)ptr;
  int i, j;

0xsha

# CVE-2020-10148  (local file disclosure PoC for SolarWinds Orion aka door to SuperNova ? )
# @0xSha 
# (C) 2020 0xSha.io 

# Advisory : https://www.solarwinds.com/securityadvisory
# Mitigation : https://downloads.solarwinds.com/solarwinds/Support/SupernovaMitigation.zip
# Details : https://kb.cert.org/vuls/id/843464

# C:\inetpub\SolarWinds\bin\OrionWeb.DLL
# According to SolarWinds.Orion.Web.HttpModules

lordidiot

"""
To use the extension, place the file somewhere and add
`source /path/to/extension`
in your ~/.gdbinit file

Use just as you would with `dereference` (https://gef.readthedocs.io/en/master/commands/dereference/)
but s/deref/veref/g

Many missing features because I quickly whipped this up to solve a challenge.
1) Doesn't check for v8 version (Older versions don't use compressed pointers)

tdec

Vulnerabilities published by Bluetooth SIG, Android, Apple, Intel and Qualcomm security bulletins, published at security conferences or as master thesis. If any are missing, thanks for pointing me to them !
Todo: macOS

Year | Name | CVE

2020 | Blurtooth: Exploiting Cross-Transport Key Derivation         | 2020-15802
2020 | Pairing Method Confusion                                     | 2020-10134
2020 | BIAS: Bluetooth Impersonation Attacks                        | 2020-10135
2020 | BlueRepli                                                    | ?
2020 | BLESA: Bluetooth Low energy spoofing attacks                 | 2020-9770

bb33bb

Calling alert from WebAssembly (WASM)

This very simple and minimal tutorial documents in a few easy steps how to play with WebAssembly (WASM) and get first results within minutes.

While the code below is mostly useless, it will show, how to call the alert function from within a WASM file and thus demonstrate how to import and export DOM objects.

Of course, this exercise has no real use. It is just meant to show, that getting started with WASM isn't hard. And there is no need for a complex build-chain, tons of tools or a dedicated VMs. Just use a browser, one online tool and that's it.

And Now?

itzurabhi

Install the dependecies

sudo apt install qemu-system-arm qemu-system-mips qemu-efi-aarch64 qemu-kvm qemu-efi cloud-image-utils

Prepare the EFI partition

dd if=/dev/zero of=flash0.img bs=1M count=64
dd if=/usr/share/qemu-efi/QEMU_EFI.fd of=flash0.img conv=notrunc