cbluth

#!/bin/bash
#
# Yury V. Zaytsev <yury@shurup.com> (C) 2011
#
# This work is herewith placed in public domain.
#
# Use this script to cleanly restart the default libvirt network after its
# definition have been changed (e.g. added new static MAC+IP mappings) in order
# for the changes to take effect. Restarting the network alone, however, causes
# the guests to lose connectivity with the host until their network interfaces

cbluth

apt-get clean autoclean
apt-get autoremove --yes
rm -rf /var/lib/{apt,dpkg,cache,log}/

cbluth

Create SSH tunnels using systemd units

Table of contents

• Overview
• Setup the SSH agent systemd unit
• Setup the SSH-tunnel systemd unit
• Create tunnels using systemd services
• Examples
• Create a tunnel to a web server on a machine that's only accessible by SSH

cbluth

import sys, os, struct, zlib
from Crypto.Cipher import AES

def u32(x):
    return (x & 0xFFFFFFFF)

KEY_MATERIAL = 'e413645fa69cafe34a76192843e48cbd691d1f9fba87e8a23d40e02ce13b0d534d10301576f31bc70b763a60cf07149cfca50e2a6b3955b98f26ca84a5844a8aeca7318f8d7dba406af4e45c4806fa4d7b736d51cceaaf0e96f657bb3a8af9b175d51b9bddc1ed475677260f33c41ddbc1ee30b46c4df1b24a25cf7cb6019794'

class sead_rand:
    '''Implements Splatoon 2's mersenne random generator.'''

cbluth

# -*- coding: utf-8 -*-
#
# Hash/CMAC.py - Implements the CMAC algorithm
#
# ===================================================================
# The contents of this file are dedicated to the public domain.  To
# the extent that dedication to the public domain is not available,
# everyone is granted a worldwide, perpetual, royalty-free,
# non-exclusive license to exercise all rights associated with the
# contents of this file for any purpose whatsoever.

cbluth

from Crypto.Cipher import AES
from Crypto.Util import Counter
import struct

"""
typedef struct boot_dat_hdr
{
	unsigned char ident[0x10];
	unsigned char sha2_s2[0x20];
	unsigned int s2_dst;

cbluth

This guide assumes you have previous experience with hactool and messing with your NAND. You aren't supposed to blindly copy commands in this, so read before pasting!

Also, the Python sections require Python 2.7 and pycrypto.

Obtaining Your SD Seed

1. Open sd:/Nintendo/contents/private in a hex editor.
2. Copy the hex representation of it and put it somewhere for later.
3. Mount your NAND's SYSTEM partition.
4. Open /save/8000000000000043 in a hex editor.

cbluth

d-i debian-installer/locale string en_US
d-i keymap select de
d-i keyboard-configuration/xkb-keymap select de
d-i console-setup/ask_detect boolean false
d-i keyboard-configuration/layoutcode string de
d-i netcfg/choose_interface select auto
d-i netcfg/get_hostname string debianhost
d-i netcfg/get_domain string mydomain
d-i netcfg/wireless_wep string

cbluth

# for ISAKMP (handling of security associations)
iptables -A INPUT -p udp --dport 500 --j ACCEPT
# for NAT-T (handling of IPsec between natted devices)
iptables -A INPUT -p udp --dport 4500 --j ACCEPT
# for ESP payload (the encrypted data packets)
iptables -A INPUT -p esp -j ACCEPT
# for the routing of packets on the server
iptables -t nat -A POSTROUTING -j SNAT --to-source %IP% -o eth0
# internet access
iptables -t nat -A POSTROUTING -s 10.0.42.0/24 -o eth0 -m policy --dir out --pol ipsec -j ACCEPT

cbluth

strongSwan setup for Road Warriors on macOS 10.12, iOS 10 and Windows 10

This setup is for remote users to connect into an office/home LAN using a VPN (ipsec). This is based on (but not the same as) the strongSwan documentation and this guide: https://raymii.org/s/tutorials/IPSEC_vpn_with_Ubuntu_16.04.html

I used strongSwan 5.5.1.

apt-get install -y strongswan strongswan-pki