Skip to content

Instantly share code, notes, and snippets.

View fox8091's full-sized avatar

Bailey Fox fox8091

32 followers · 30 following
View GitHub Profile
@TuxSH
TuxSH / k11_latest_n3ds.cpp
Last active March 15, 2025 03:24
Complete 3DS kernel decompilation (11.14-latest N3DS Kernel11, with labels for all symbols, and comments)
This file has been truncated, but you can view the full file.
/* This file was generated by the Hex-Rays decompiler.
Copyright (c) 2007-2020 Hex-Rays <[email protected]>
Detected compiler: GNU C++
*/
#include <defs.h>
//-------------------------------------------------------------------------
@DavidBuchanan314
DavidBuchanan314 / parse_bin_string.c
Created October 19, 2022 04:09
#include <stdio.h>
#define IS_DIG(x) (((x)|1)=='1')
#define SLEN(s) ((sizeof s)-1)
#define RIDX(s,x) ((x)<SLEN(s)?s[SLEN(s)-1-(x)]:0)
#define CNT(s,x,n) ((x)<n?IS_DIG(RIDX(s,(x))):0)
#define CNT4(s,x,n) (CNT(s,x+0,n)+CNT(s,x+1,n)+CNT(s,x+2,n)+CNT(s,x+3,n))
#define CNT16(s,x,n) (CNT4(s,x+0,n)+CNT4(s,x+4,n)+CNT4(s,x+8,n)+CNT4(s,x+12,n))
#define CNT64(s,x,n) (CNT16(s,x+0,n)+CNT16(s,x+16,n)+CNT16(s,x+32,n)+CNT16(s,x+48,n))
#define VAL(s,x) ((RIDX(s,x)=='1')<<(CNT64(s,0,x)))
#define VAL4(s,x) (VAL(s,x+0)+VAL(s,x+1)+VAL(s,x+2)+VAL(s,x+3))
@NyanSatan
NyanSatan / t8103-ap_keys-180622.json
Created June 18, 2022 12:34
T8103 AP keys 18.06.22
This file has been truncated, but you can view the full file.
[
{
"fw": "UniversalMac_11.0.1_20B28_Restore.ipsw",
"file": "LLB.j274.RELEASE.im4p",
"kbag": "3267519BE210D18C937A7180542EE2D66F5FBE37A0EB6BFE632B86B75C14392F2001BC3F383A7FF966F968BAB2EE484F",
"key": "44a6f8571fa811690914ba053f1740400cc0931c70bd8c5a1374dd12783d84db61e89fa68a6ac4349c04b319138e7bc9"
},
{
"fw": "UniversalMac_11.0.1_20B28_Restore.ipsw",
"file": "LLB.j293.RELEASE.im4p",
@motorailgun
motorailgun / idea.md
Last active March 31, 2025 16:30
Installing Windows and Linux into the same partition

Installing Windows and Linux into the same partition

But WHY?

There was a reddit post about installing Arch on NTFS3 partition. Since Windows and Linux doesn't have directories with same names under the /(C:\), I thought it's possible, and turned out it was actually possible.
If you are not familiar to Linux, for example you've searched on Google "how to dualboot Linux and Windos" or brbrbr... you mustn't try this. This is not practical.

Pre-requirements

  • UEFI system
  • Any Linux live-boot CD/DVD/USB... with Linux kernel newer than 5.15
  • Windows installer USB
@noxiousninja
noxiousninja / StreetPass2.gm9
Last active August 28, 2024 10:26
GodMode9 script for managing StreetPass (CECD) files. To install, save file into the /gm9/scripts/ directory on your SD card.
set PREVIEW_MODE "StreetPass2 Inject/Backup/Restore Script\nby Noxious Ninja\n \nInspired by scripts by KiTA"
# Installation:
# - Place this file in the /gm9/scripts/ directory on your SD card.
# - Place any StreetPass2 (CECD) files you want to install in the
# /gm9/in/streetpass/ directory on your SD card. You may need to
# create this directory if it doesn't exist.
#
# Usage:
# 1. Launch GodMode9
# 2. Press the Home button on your 2DS/3DS
@dougallj
dougallj / aarch64_amx.py
Last active February 26, 2025 08:11
# IDA (disassembler) and Hex-Rays (decompiler) plugin for Apple AMX
#
# WIP research. (This was edited to add more info after someone posted it to
# Hacker News. Click "Revisions" to see full changes.)
#
# Copyright (c) 2020 dougallj
# Based on Python port of VMX intrinsics plugin:
# Copyright (c) 2019 w4kfu - Synacktiv
@SciresM
SciresM / free_private_key.md
Last active March 18, 2025 18:29

Sometimes you need a 2048-bit RSA keypair for testing various things.

If you, like myself, have a child's sense of humor, I offer the following for your general use:

P = 19
Q = 1696986749729493925354392349339746171297507422986462747526968361144447230710192316397327889522451749459854070558277878297255552508603806832852079596337539247651161831569525505882103311631577368514276343192042634740927726070847704397913856975832811679847928433261678072951551065705680482548543833651752439700272736498378724153330763357721354498194000536297732323628263256733931353143625854828275237159155585342783077681713929284136658773985266864804093157854331138230313706015557050002740810464618031715670281442110238274404626065924786185264268216336867948322976979393032640085259926883014490947373494538254895109731

N = 0xFF69696969696969696969696969696969696969696969696969696969696969696969696969696969696969696969696969696969696969696969696969696969696969696969696969696969696969696969696969696969696969696969696969696969696969696969696
@0x36
0x36 / oob_events.c
Created November 5, 2020 23:16
IOAccelContext2::finish_fence_event() race condition OOB read/write
#if 0
IOAccelContext2::finish_fence_event() race condition OOB read/write
This is a method exposed to user space, it takes a kernel read-only shared memory
(type 2 via clientMemoryForType()) address and treats it as an IOAccelEvents Array.
The user supplied index is checked against the IOAccelEvents array bounds,since there are no
locks held in this method,it is possible to change the array bounds by calling
IOAccelContext2::clientMemoryForType() again in a separate thread, this will expand the size by
multiplying the older size by 2, but we still have a reference to the old shared memory address
@bazad
bazad / arm64_sysregs_ios.py
Created July 17, 2020 19:58
Label iOS arm64 system registers in IDA Pro
#
# arm64_sysregs_ios.py
# Brandon Azad
#
# Based on https://github.com/gdelugre/ida-arm-system-highlight by Guillaume Delugre.
#
import idautils
import idc
@NyanSatan
NyanSatan / lina_tristar.c
Created June 30, 2020 16:49
#define TRISTAR_IIC_BUS 0
#define CBTL1610_R 0x35
#define CBTL1610_W 0x34
void (*task_sleep)(uint64_t delay) = TARGET_BASEADDR + 0x1FFDC;
int (*iic_read)(int iic, uint8_t address, const void *send_data, size_t send_len, void *data, size_t len, uint8_t fmt) = TARGET_BASEADDR + 0xA008;
int (*iic_write)(int iic, uint8_t address, const void *data, size_t len) = TARGET_BASEADDR + 0xA168;
int (*tristar_write)(uint8_t reg, uint8_t value) = TARGET_BASEADDR + 0xD644;
int (*tristar_read)(uint8_t reg, uint8_t *data) = TARGET_BASEADDR + 0xD604;