Nicholas Starke nstarke

@nstarke
nstarke / poc.js
Last active May 16, 2018 20:18
iOS 11.2.6 Memory Corruption Issue in CoreFoundation
// iOS Memory Corruption Issue in CoreFoundation
// Date: April 9th, 2018
// Author: Nick Starke
//
// This PoC was tested against iOS 11.2.6
// 11.3 does not seem to be vulnerable
// Causes an error in Safari, or an application crash if an app makes a HTTP request.
//
// Run this script using NodeJS:
// $ node poc.js
@nstarke
nstarke / snmp-fuzzer.js
Created April 16, 2018 22:05
Simple SNMP Fuzzer
// Simple SNMP Fuzzer
// Date: April 16, 2018
// Author: Nicholas Starke
// Run with: INTERVAL=500 REMOTE_PORT=161 REMOTE_HOST=127.0.0.1 node snmp-fuzzer.js
// requires bluebird
// npm install bluebird
if (!process.env.REMOTE_HOST) {
console.error('[*] Must set REMOTE_HOST environment variable');
@nstarke
nstarke / dell-precision-7510-problem.md
Created May 3, 2018 11:52
Dell Precision 7510 System Failure after Monitor turns off in Ubuntu 16.04 / 17.10 / 18.04


I have been experiencing a problem with my Dell Precision 7510 laptop. When using Ubuntu, configured to turn the monitor off after n minutes, the computer would become unresponsive if I let it stay "asleep" for longer than a few minutes.
At this point, when I tried to wake the laptop up by pressing a key or moving the mouse, the computer wouldn't respond at all. The only option was to restart the computer using a hard stop (pressing the power key for 5 seconds).

After months of problems and troubleshooting, I isolated the problem to the system BIOS, and indeed, according to the Dell Bios Changelog (link here) some of the bug fixes mention problems with crashes related to the monitor shutting off. It is worth noting that I had this problem with BIOS revision 1.15.4 and 1.14.4. BIOS version 1.15.4 is the latest a

@nstarke
nstarke / toy-obfuscator01.js
Created May 6, 2018 19:07
JavaScript: Toy Obfuscator 1
// Toy Obfuscator 1
// This is not meant to be a serious attempt at obfuscation, though it does work.
// run with CODE_FILE=source.js node toy-obfuscator01.js
var fs = require('fs');
var code = fs.readFileSync(process.env.CODE_FILE).toString();
var globalReserved = [];
var matrix = [];
var magicBlank = Math.floor(Math.random() * 127) + 127;
@nstarke
nstarke / slice.sh
Created February 24, 2019 01:13
Slice audio file into equal sized parts
#!/bin/sh
for LINE in *.wav
do
echo "$LINE"
mkdir -p -- "_$LINE/4"
mkdir -p -- "_$LINE/16"
mkdir -p -- "_$LINE/64"
LENGTH=$(soxi -D "$LINE")
INTERVAL=$(echo "$LENGTH/4" | bc -l)
@nstarke
nstarke / egodeath-obfuscator-example2.js
Last active June 7, 2021 19:56
Egodeath Obfuscator Example 2
console.assert = function (){};
console.clear = function (){};
console.count = function (){};
console.error = function (){};
console.group = function (){};
console.groupCollapsed = function (){};
console.groupEnd = function (){};
console.info = function (){};
console.log = function (){};
console.table = function (){};
@nstarke
nstarke / JScrambler-Review.md
Last active January 24, 2025 02:13
JScrambler Review

I've recently been working on JavaScript Obfuscation. I've read as much as I can from the internet about options and capabilities. It is clear there is one winner out of all the offerings available.

JScrambler Review

JScrambler (https://jscrambler.com/) is a paid product featuring JavaScript Obfuscation capabilities. When it comes to obfuscating JavaScript, it is the gold standard.

This is what the internet proclaimed as I read it [1]. However, it was truly difficult to assess how accurate these claims are; essentially the only public obfuscation examples they provide are:

https://jscrambler.com/products/code-integrity/javascript-obfuscation

@nstarke
nstarke / extract-netgear-chk-firmware.md
Created May 12, 2019 14:56
Extract Netgear .chk Firmware


I recently ran into a situation where binwalk -M -e $FIRMWARE failed me. This was for a Netgear firmware image that ended in a .chk extension.

The firmware file name was R7960P-V1.0.1.34_1.0.20.chk.

This is the output when I ran binwalk R7960P-V1.0.1.34_1.0.20.chk:

$ binwalk R7960P-V1.0.1.34_1.0.20.chk
@nstarke
nstarke / lldp-fuzzer.py
Created June 18, 2019 13:37
LLDP Fuzzer
#!/usr/bin/env python
#
# A naive LLDP Fuzzer
# Released Jun 18, 2019
# Author: Nicholas Starke
#
from scapy.all import *
import time
@nstarke
nstarke / 01-reversing-cisco-ios-raw-binary-firmware-images-with-ghidra.md
Last active June 21, 2025 15:00
Reversing Cisco IOS Raw Binary Firmware Images with Ghidra

Reversing Raw Binary Firmware Files in Ghidra

This brief tutorial will show you how to go about analyzing a raw binary firmware image in Ghidra.

Prep work in Binwalk

I was recently interested in reversing some older Cisco IOS images. Those images come in the form of a single binary blob, without any sort of ELF, Mach-O, or PE header to describe the binary.

While I am using Cisco IOS Images in this example, the same process should apply to other Raw Binary Firmware Images.