There is a vulnerability/backdoor in webOS 5+ that allows you to easily run arbitrary commands as root during the boot process. The easiest way to exploit it simply involves putting a file on a USB drive and having it connected to your TV while it boots. There are two other methods that are more complex and require additional exploits.
I'm not going to be maintaining this document anymore. I'm leaving it as-is since much of the FAQ section is still accurate and has yet to be incorporated into other resources.
Use CanI.RootMy.TV to find an exploit for your TV.
throwaway96
/ notes.md
Last active
November 6, 2024 17:19
Enabling debug and getting root on LG webOS by modifying NVM
What you do with this information is your own responsibility. If you brick your TV trying this, it's not my fault. You should probably have some electronics experience if you want to attempt this.
This is going to involve opening your TV and attaching wires to the pins of an integrated circuit. If you're not comfortable with that, this is not for you.
This document is a work in progress.
LG TVs since at least the era of NetCast and "Global Platform" (webOS predecessors) have had the notion of a debug level, generally called "debugstatus". There are three modes: DEBUG, EVENT, and RELEASE. TVs normally operate in RELEASE mode. DEBUG mode enables a variety of logging and other debugging features in webOS, including access to the bootloader console and debug menus via serial. EVENT is similar to DEBUG, although it may not enable as much logging and has other relatively minor differences.
This is just a dump of some interesting undocumented features of webOS (3.8 specifically, on early 2018 4k LG TV) and other development-related tips.
- OpenVPN frontend (OpenVPN itself is easily buildable and runs on webOS TVs: https://discord.com/channels/407937994037919756/835489130967859251/906943542457401395)
- App autostart manager - dynamically update arbitrary app config and register it as input (see Registering an app as an input)
- webos-vncserver frontend with autostart option
- Package hyperiond into Piccap directly
- Quick Screenshot (expose HTTP port that just returns PNG of current screen contents)
- Custom IR remote codes editor/updater/blaster
DhavalKapil
/ ELF-symbol-resolution.md
Created
April 25, 2018 03:30
plantvsbirds
/ findTwitterIdsOnTwitterPage.js
Last active
January 8, 2020 10:28
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /*------------------------get Twitter Ids on page --------------------- | |
| | Find twitter IDs of people on page(intended for blocking multiple | |
| users) bookmarklet inspired by @mariotaku 's wtb | |
| | Author: Hong Lin <[email protected]> | |
| License: MIT | |
| | See comments below for usage thx. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import android.support.v4.app.Fragment; | |
| import android.support.v4.app.FragmentManager; | |
| import android.support.v4.app.FragmentStatePagerAdapter; | |
| import android.support.v4.view.ViewPager; | |
| /** | |
| * Created by Chaojun Wang on 5/6/14. | |
| */ | |
| public class ViewPagerUtils { | |
| private ViewPagerUtils() {} |
aras-p
/ preprocessor_fun.h
Last active
November 15, 2024 09:22
Things to commit just before leaving your job
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Just before switching jobs: | |
| // Add one of these. | |
| // Preferably into the same commit where you do a large merge. | |
| // | |
| // This started as a tweet with a joke of "C++ pro-tip: #define private public", | |
| // and then it quickly escalated into more and more evil suggestions. | |
| // I've tried to capture interesting suggestions here. | |
| // | |
| // Contributors: @r2d2rigo, @joeldevahl, @msinilo, @_Humus_, | |
| // @YuriyODonnell, @rygorous, @cmuratori, @mike_acton, @grumpygiant, |
Consumer key: IQKbtAYlXLripLGPWd0HUA
Consumer secret: GgDYlkSvaPxGxC4X8liwpUoqKwwr3lCADbz8A7ADU
Consumer key: 3nVuSoBZnx6U4vzUxf5w
Consumer secret: Bcs59EFbbsdF6Sl9Ng71smgStWEGwXXKSjYvPVt7qys
Consumer key: CjulERsDeqhhjSme66ECg
NewerOlder