Gezine

# Note
# I am using Raspberry pi 4 to send CEC commands
# /dev/cec1 is pi's second HDMI port
# '4' is PS5 address that TV assigned, change if you need

# Turn on PS5 (You need to enable "Power off Link" at PS5 HDMI settings to turn on from rest mode)
cec-ctl -d /dev/cec1 --to 4 --user-control-pressed ui-cmd=power-on-function

# Turn on PS5 from rest mode (When you didn't enable "Power off Link" at PS5 HDMI settings)
cec-ctl -d /dev/cec1 --to 4 --user-control-pressed ui-cmd=power-toggle-function

xv0nfers

#!/usr/bin/env python3
import sys
import json
import requests
import feedparser
import re

BUG_ID = sys.argv[1] if len(sys.argv) > 1 else None
if not BUG_ID or not BUG_ID.isdigit():
    print("Usage: python3 chrome-bug-commit-tracker.py <bug_id>")

Kristal-g

Syscall Provider

Background

SyscallProvider is a feature available from Windows 11 22H2, that allows for inline hooking of syscalls.
This unfinished research was done on Windows 11 22H2. The feature is fully undocumented at the moment and it looks like it's locked to Microsoft-signed drivers.
All of the information here was gathered by manual reverse engineering of securekernel.exe, skci.dll and ntoskrnl.exe.
The kernel exports three functions to work with the new feature: PsRegisterSyscallProvider, PsQuerySyscallProviderInformation, PsUnregisterSyscallProvider.
This writeup will explore how this feature is initialized, how it works internally, and how to interact with it and use it.

mattiasgustavsson

// color1 and color2 are R4G4B4 12bit RGB color values, alpha is 0-255
uint16_t blend_12bit( uint16_t color1, uint16_t color2, uint8_t alpha ) {
	uint64_t c1 = (uint64_t) color1;
	uint64_t c2 = (uint64_t) color2;
	uint64_t a = (uint64_t)( alpha >> 4 );
	// bit magic to alpha blend R G B with single mul
	c1 = ( c1 | ( c1 << 12 ) ) & 0x0f0f0f;
	c2 = ( c2 | ( c2 << 12 ) ) & 0x0f0f0f;
	uint32_t o = ( ( ( ( c2 - c1 ) * a ) >> 4 ) + c1 ) & 0x0f0f0f;

wh1te4ever

//
//  ViewController.m
//  JBDetectTest
//
//  Created by seo on 3/27/25.
//

#import "ViewController.h"
#import <dlfcn.h>

justtryingthingsout

S3_3_c4_c5_0 at min EL0: DSPSR
S3_3_c4_c5_1 at min EL0: DLR
S3_6_c4_c0_0 at min EL3: SPSR_EL3
S3_6_c4_c0_1 at min EL3: ELR_EL3
S3_1_c0_c0_0 at min EL1: CCSIDR_EL1
S3_6_c1_c0_0 at min EL3: SCTLR_EL3
S3_6_c1_c0_1 at min EL3: ACTLR_EL3
S3_6_c1_c1_2 at min EL3: CPTR_EL3
S3_6_c1_c1_0 at min EL3: SCR_EL3
S3_6_c1_c3_1 at min EL3: MDCR_EL3

sroettger

IERAE CTF 2024 - Intel CET Bypass Challenge

IERAE CTF had one of the coolest pwn challenges I've done in the while. It was written by hugeh0ge.

Here's the full source:

// gcc chal.c -fno-stack-protector -static -o chal
#include <stdio.h>
#include 

theevilbit

#!/bin/bash

# Run the lsregister command and store the output in a variable
output=$(/System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/LaunchServices.framework/Versions/A/Support/lsregister -dump)

# Use awk to parse the relevant sections
echo "$output" | awk '
    # When "CFBundleDisplayName" is found, store the app name
    /CFBundleDisplayName/ {
        app_name = substr($0, index($0, "=") + 2)

LuisEGR

# Download and install Git for Windows if not already installed
if (-not (Test-Path "C:\Program Files\Git\bin\git.exe")) {
    Write-Host "Git for Windows not found. Downloading installer..."
    Invoke-WebRequest -Uri "https://github.com/git-for-windows/git/releases/download/v2.31.1.windows.1/Git-2.31.1-64-bit.exe" -OutFile "git-installer.exe"
    Write-Host "Installing Git for Windows..."
    Start-Process -FilePath ".\git-installer.exe" -ArgumentList "/VERYSILENT" -Wait
    Remove-Item ".\git-installer.exe"
}

# Create a temporary directory for downloads

mistymntncop

#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <stdbool.h>
#include <windows.h>

#include "nt_crap.h"

#define ArrayCount(arr) (sizeof(arr)/sizeof(arr[0]))
#define assert(expr) if(!(expr)) { *(char*)0 = 0; }