Skip to content

Instantly share code, notes, and snippets.

View obfusk's full-sized avatar
🏳️‍🌈
hacking ⇒ ¬sleeping 😸

FC (Fay) Stegerman obfusk

🏳️‍🌈
hacking ⇒ ¬sleeping 😸
187 followers · 66 following
View GitHub Profile
@obfusk
obfusk / update-signal-apk.sh
Last active August 20, 2021 14:02
download latest signal APK
#!/bin/bash
set -e
yaml2json() {
python3 -c 'import json, sys, yaml; json.dump(yaml.safe_load(sys.stdin), sys.stdout)'
}
json="$( curl https://updates.signal.org/android/latest.json )"
meta=org.thoughtcrime.securesms.yml
@obfusk
obfusk / update_verifier.py
Created August 11, 2021 11:51
LineageOS update_verifier using cryptography instead of oscrypto
from __future__ import print_function
from asn1crypto.cms import ContentInfo
from asn1crypto.algos import DigestAlgorithmId
# === BEGIN MODIFICATIONS ===
# from oscrypto.asymmetric import rsa_pkcs1v15_verify, load_public_key
# from oscrypto.errors import SignatureError
@obfusk
obfusk / totp-add.sh
Last active July 27, 2021 14:57
#!/bin/bash
name="$1"
if [ -z "$name" ]; then
read -r -p 'name> '
name="$REPLY"
fi
read -r -p 'key> '
key="$REPLY"
printf '%s' "$key" | gpg -r YOUR_KEY_ID -e > /some/path/"$name".gpg
@obfusk
obfusk / npv.knk
Created July 23, 2021 14:04
{ prev: 0.11 spec: 0.98 sens: 0.95 } let[ 'spec 1 'prev - * 1 'sens - 'prev * 'spec 1 'prev - * + / ]
@obfusk
obfusk / fix-timestamps.py
Created June 18, 2021 23:03
fix fdroid apkcache timestamps
#!/usr/bin/python3
import collections, glob, json, os
with open("tmp/apkcache.json") as f:
apkcache = json.load(f, object_pairs_hook=collections.OrderedDict)
for apk in glob.glob("repo/*.apk"):
mtime = os.stat(apk).st_mtime
apkcache[os.path.basename(apk)]["added"] = mtime
with open("tmp/apkcache.json", "w") as f:
json.dump(apkcache, f, indent=2)
@obfusk
obfusk / swirl
Created June 12, 2021 17:15
debian swirl
⢀⣴⠾⠻⢶⣦⠀
⣾⠁⢠⠒⠀⣿⡁
⢿⡄⠘⠷⠚⠋⠀
⠈⠳⣄⠀⠀⠀⠀
@obfusk
obfusk / fonts.conf
Created June 4, 2021 10:34
~/.config/fontconfig/fonts.conf
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE fontconfig SYSTEM "fonts.dtd">
<fontconfig>
<alias>
<family>serif</family>
<prefer>
<family>DejaVu Serif</family>
<family>Noto Serif CJK JP</family>
</prefer>
</alias>
@obfusk
obfusk / find-fonts.sh
Created May 23, 2021 16:04
find fonts that have a glyph for a specific character on Linux
#!/bin/bash
# Usage: find-fonts.sh 💩
fc-list ":charset=$(printf '%x' "'$1")"
@obfusk
obfusk / apksigcopier.md
Last active April 19, 2021 12:01
[draft] apksigcopier abstract

F-Droid is "an installable catalogue of FOSS (Free and Open Source Software) applications for the Android platform." [1] All applications are built by the F-Droid build server from source. Usually they are then signed by F-Droid, but F-Droid also "supports reproducible builds of apps, so that anyone can run the build process again and reproduce the same APK as the original release. This means that F-Droid can verify that an app is 100% free software while still using the original developer’s APK signatures." [2,3]

In order to verify that the APK built by the build server is identical to the one signed by the (upstream) developer, the signature from the signed APK is copied to the unsigned APK and the APK with the copied signature is verified.

The older v1 (JAR) signing scheme used a signature that guaranteed integrity of the contents of the APK (which uses the ZIP file format) only. Differences in ordering, metadata, or extra bytes ignored by the ZIP format were irrelevant. This made copying the signature

@obfusk
obfusk / get-axml.py
Created April 16, 2021 13:35
fast way to get the minSdkVersion from an APK
#!/usr/bin/python3
# encoding: utf-8
import os
import struct
import sys
# import zipfile
import zlib
from collections import namedtuple