@dmaynor
dmaynor / gist:5fd9ca1f1ff58ff2fc6e3fa8ed33d532
Created August 29, 2024 02:01
The evolution of Google GameNGen-style tech
To extrapolate the potential progress in video game technology, particularly in relation to the capabilities of models that can run something like 20fps Doom on a single TPU today, we can consider a few key factors: hardware advancements, software optimizations, and the general trend in video game technology.
### 1-Year Projection:
- **Hardware**: Incremental improvements in hardware, such as newer generations of TPUs or GPUs with better efficiency and processing power, might lead to roughly a 2x increase in performance.
- **Software**: With ongoing software optimizations, models could handle resource allocation better, potentially achieving smoother gameplay and higher frame rates for more complex games, possibly reaching 40-50fps for games of similar complexity.
- **Games**: Models could start handling more advanced games from the mid-1990s, like *Quake* or *Duke Nukem 3D*, at reasonable frame rates, pushing towards early 3D gaming experiences.
### 2-Year Projection:
- **Hardware**: With the introduc
@dmaynor
dmaynor / gist:1b74d410881532abaecb567d65a0af09
Last active August 27, 2024 21:06
CVE-2024-38063 IPV6 frag vuln PoC msf module
Howto
Copy the class below to modules/auxiliary/dos/ipv6
Then
msfconsole
use auxiliary/dos/ipv6/cve_2024_38063_packetfu
set TARGET_IPV6 <target_ipv6_address>
set NUM_PACKETS 1000
run
#!/bin/bash
# Check if a file or directory is passed as an argument
if [ -z "$1" ]; then
echo "Usage: $0 <file-or-directory-path>"
exit 1
fi
# Get the path of the file or directory
TARGET_PATH="$1"
@dmaynor
dmaynor / gist:f1973ae244b5c2ed83d3b8e19f798f97
Created August 16, 2024 23:55
Mifare crypto backdoor flipper app
Creating a Flipper Zero app to test for this attack involves writing a script that can interact with the RFID module on the Flipper Zero to perform the necessary steps. The Flipper Zero uses a scripting language called **.fap** (Flipper App) format, typically written in C or a high-level scripting language, but it also supports custom Python-like scripting with `flipperzero-tui`.
Here's a basic outline for creating an app that can check for the presence of the backdoor key on a MIFARE Classic card. Note that this is a simplified version and assumes some familiarity with Flipper Zero's development environment.
### **Step 1: Set Up the Development Environment**
1. **Install Flipper Zero SDK:**
- Follow the official [Flipper Zero documentation](https://github.com/flipperdevices/flipperzero-firmware) to set up the SDK and development environment.
2. **Clone the Flipper Zero Firmware:**
Here is a simple Chrome extension that detects searches starting with "how do I stop a toddler from" and replaces the search query with "LMAO GOOD LUCK" in 96 point Helvetica.
First, you'll need to create three files: `manifest.json`, `background.js`, and `content.js`.
### `manifest.json`
```json
{
"manifest_version": 3,
"name": "Toddler Search Modifier",
"version": "1.0",
```
#David Maynor [email protected] X: @dave_maynor
#created on July 23rd, 2024 with ollama 0.2.8 and llama 3.1 405b on runpod.io with the a
#pod consisting of:
#8 x RTX 4090
#128 vCPU 502 GB RAM
#500gb HD
#Below is a full run in an attempt to replicate an existing working prompt on llama 3 to create a c2 framework in python 3
#suitable for use in red team testing. At the time of testing this cost roughly $20 in hosting fees. What is not shown is
# how slow the model ran (expected) and that each query took between 11-21 minutes to complete.
#
@dmaynor
dmaynor / gist:02ff05fa9a347efba514b6798a7060d4
Last active June 4, 2024 15:42
Quick powershell DFIR script
param(
[Parameter(Mandatory=$false)]
[string]$SuspiciousPath,
[string]$UserName,
[switch]$Help
)
function Show-Help {
Write-Host "Usage: .\script.ps1 [-SuspiciousPath] <path> [-UserName <username>] [-Help]"
Write-Host "Investigate a suspicious file."
# Test for Windows
## Python
1. What does the `__init__` method do in a Python class?
a. Initializes a new class instance
b. Deletes an existing class instance
c. Inherits a class
d. Executes a class method
The conference agenda provides additional context that can influence the ranking of talks based on their placement and
scheduling. Here’s a revised ranking considering the agenda:
1. **Solar Designer: Keynote - Password Cracking: Past, Present, Future**
- Positioned as the keynote, this sets the stage for the conference and draws significant attention.
2. **David Berard and Vincent Dehors: 0-Click RCE on the Tesla Infotainment Through Cellular Network**
- Scheduled towards the end of Day 2, this talk stands out as a high-impact, practical demonstration of automotive vulnerabilities.
3. **Ian Beer: Blasting Past WebP**
@dmaynor
dmaynor / gist:a07d2df9079d5db0d5953d021afbe6e0
Created May 9, 2024 06:06
LLM thoughts on the most to least interesting OffensiveCon talks.
Here's a ranked list of the OffensiveCon 2024 talks based on the brief abstracts, from most to least interesting:
1. **Solar Designer: Keynote**
- Keynote speeches often set the tone and provide strategic insights into the field, making them highly anticipated and broadly relevant.
2. **David Berard and Vincent Dehors: 0-Click RCE on the Tesla Infotainment Through Cellular Network**
- The combination of automotive security and cellular network vulnerabilities is both timely and impactful, highlighting critical real-world implications.
3. **Ian Beer: Blasting Past WebP**
- Zero-click exploits are particularly intriguing due to their stealthy nature and high impact, making this a standout topic.