- LoadedImage
DxeCore 5CB5C776-- Decompress
- FirmwareVolume2
-B9A42172CE53 - FirmwareVolume2
-EC40C23C5916 - FirmwareVolume2
-DC1671C10F36 - FirmwareVolume2
-E48809A7ACE3 - FirmwareVolume2
-2A4FF6CA6FE5 EE4E5898-
Rick Mark rickmark
🔬
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdlib.h> | |
| #include <stdbool.h> | |
| #include <stdint.h> | |
| #include <stdlib.h> | |
| #include <stdio.h> | |
| #include <unistd.h> | |
| #include <dlfcn.h> | |
| static bool finished = false; |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| PID USER COMMAND | |
| 1 root init | |
| 2 root [kthreadd] | |
| 3 root [rcu_gp] | |
| 4 root [rcu_par_gp] | |
| 6 root [kworker/0:0H-kb] | |
| 8 root [mm_percpu_wq] | |
| 9 root [ksoftirqd/0] | |
| 10 root [rcu_sched] | |
| 11 root [rcu_bh] |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [13:16:09.0275-GMT]{3>6} CHECKPOINT NOTICE: Not image4 device: AP nonce not clearable | |
| [13:16:09.0275-GMT]{3>6} CHECKPOINT NOTICE: Pre-existing NVRAM variable: auto-boot=true | |
| [13:16:09.0276-GMT]{3>6} CHECKPOINT NOTICE: Pre-existing NVRAM variable: ota-uuid=C2211A17-2C6D-4D70-AD6D-E92BF312EFAC | |
| [13:16:09.0276-GMT]{3>6} CHECKPOINT NOTICE: Pre-existing NVRAM variable: ota-outcome=initial_monitor | |
| void clear_stale_ota_nvram(void) | |
| executing /usr/sbin/nvram -d boot-breadcrumbs | |
| Successfully deleted boot-breadcrumbsboot-breadcrumbs | |
| executing /usr/sbin/nvram -d OTA-pre-conversion | |
| Successfully deleted OTA-pre-conversionOTA-pre-conversion | |
| executing /usr/sbin/nvram -d OTA-post-conversion |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 09:02:52: main: MSUEarlyBootTask running..Found data created by previous ramdisk. Assuming first boot after update at time Tue Sep 21 09:02:52 2021 | |
| 09:02:52: MSUEarlyBootTask: Successfully set up ACL for folder stashed by ramdisk | |
| 09:02:52: MSUEarlyBootTasks: Cleaning up stale stashed paths | |
| 09:02:52: main: Running fixup var operations | |
| 09:02:52: entering update_var_directory_hierarchy | |
| 09:02:52: Created system mount point at /private/var/MobileSoftwareUpdate/mnt1 | |
| 09:02:52: System is currently rooted from a snapshot | |
| 09:02:52: msuearlyboottask_mount_filesystem: Attempting to mount /dev/disk0s1s1 at /private/var/MobileSoftwareUpdate/mnt1 | |
| 09:02:52: Reverting to snapshot(com.apple.os.update-9C000777B424EEABA97D3C90BB8E3C6CBD865FF00968F6063E6BFE32DBD630B9891FF8EB307DBFCE4CDD05EF92EE0C7D) |
rickmark
/ alpine_v2_ubnt udm-pro v6.0.dts
Created
September 15, 2021 23:01
UniFi FIT Tree and Overlay
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| signature { | |
| key-udm_al324 { | |
| required = "image"; | |
| algo = "sha1,rsa2048"; | |
| rsa,r-squared = <0xe1a0e40 0xe08136d2 0x2258baab 0x8c101c85 0x9f327576 0x86e0cb6b 0x14ae2d8f 0x3f8fd252 0x4eb43bdf 0x9fa038b2 0xc42c91ba 0xccc1d081 0xb57c3d8f 0x1c321654 0xe776a2af 0xc2ea4a1e 0x83b8b968 0x56e5b853 0xca635636 0xca554776 0x30f50f64 0x214b9b48 0x8a14b7ba 0x18580a1a 0x6019d14b 0xd01e6946 0xd55023fa 0xd317b76 0x4b451460 0x8698cd91 0x2893fdc9 0x5b94375e 0x96bbdfee 0x833c7df7 0xae3bf104 0x4d9a4f4a 0xcc2b447 0x90d1a9ad 0xea2d415e 0x1c842a18 0xbd5e39ae 0x1320494a 0xe09d0f75 0xec8a085a 0xff16181c 0x397b1252 0xd4e3ce88 0x4be85931 0x36b427ac 0x177a621c 0x6f98e573 0x8d4073a2 0x7ae4c0a4 0xfb575c27 0xf973778a 0x8cd9cd47 0xf695917a 0x5899c3f3 0x3bdf9afe 0xfbf7b2f 0xa0bcf54f 0xe25d82db 0x86fdba15 0x2509fe06>; | |
| rsa,modulus = <0xda8b3484 0xc7c124bd 0xf5ddb150 0x16c5911d 0xa174c3a4 0xa66af4b 0x29c104f3 0xa8fbc068 0x2391126b 0x5e066b99 0xdcfb07f8 0x762165f3 0x88d36f8b 0x70f03d8a 0xdb1c792e 0xd2f25b4 0x31891a79 0x9352354c 0xd903d |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Type | Subtype | Base | Size | CRC32 | Name | |
| Capsule | UEFI 2.0 | 00000000 | 00A5F020 | 9774D209 | UEFI capsule | |
| Image | UEFI | 00000020 | 00A5F000 | 8B14F6B2 | - UEFI image | |
| Volume | FFSv2 | 00000020 | 00A5F000 | 8B14F6B2 | -- EfiFirmwareFileSystem2Guid | |
| File | Volume image | 00000068 | 00A1C52C | 491AC2C5 | --- D1157A19-7DD0-4483-AAD1-3B1F969644EF | |
| Section | GUID defined | 00000080 | 00A1C514 | DA832334 | ---- 24400798-3807-4A42-B413-A1ECEE205DD8 | |
| Section | Volume image | 00000590 | 00A1C004 | 6C955535 | ----- Volume image section | |
| Volume | FFSv2 | 00000594 | 00A1C000 | 417B6AA3 | ------ EfiFirmwareFileSystem2Guid | |
| File | DXE driver | 000005DC | 00000F26 | 0A14405A | ------- 29FF2C20-0C83-4D57-9ED1-26BE925216EB | DescUpdate | |
| Section | DXE dependency | 000005F4 | 00000028 | 80F1E4F9 |
rickmark
/ journal.txt
Last active
September 5, 2021 12:55
Clever use of EFI variables and ACPI tables to do early load implanting
This file has been truncated, but you can view the full file.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| -- Journal begins at Sat 2021-09-04 15:59:18 PDT, ends at Sun 2021-09-05 05:54:37 PDT. -- | |
| Sep 04 15:59:18 Hammer kernel: microcode: microcode updated early to revision 0xea, date = 2021-01-06 | |
| Sep 04 15:59:18 Hammer kernel: Linux version 5.13.13-arch1-1 (linux@archlinux) (gcc (GCC) 11.1.0, GNU ld (GNU Binutils) 2.36.1) #1 SMP PREEMPT Thu, 26 Aug 2021 19:14:36 +0000 | |
| Sep 04 15:59:18 Hammer kernel: Command line: BOOT_IMAGE=/vmlinuz-linux root=/dev/mapper/system-root rw loglevel=3 quiet | |
| Sep 04 15:59:18 Hammer kernel: x86/fpu: Supporting XSAVE feature 0x001: 'x87 floating point registers' | |
| Sep 04 15:59:18 Hammer kernel: x86/fpu: Supporting XSAVE feature 0x002: 'SSE registers' | |
| Sep 04 15:59:18 Hammer kernel: x86/fpu: Supporting XSAVE feature 0x004: 'AVX registers' | |
| Sep 04 15:59:18 Hammer kernel: x86/fpu: Supporting XSAVE feature 0x008: 'MPX bounds registers' | |
| Sep 04 15:59:18 Hammer kernel: x86/fpu: Supporting XSAVE feature 0x010: 'MPX CSR' | |
| Sep 04 15:59:18 Hammer kernel: x86/fpu: xstate_offset[2]: 576, xstate_sizes[2]: |
rickmark
/ gist:f84cc36a7ddf3dd9d76dd9c231855447
Created
September 1, 2021 07:50
UniFi Dream Machine Pro - UART Boot Log
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| stage2_loader v2.22.3 | |
| SPD I2C Address: 57 | |
| Executing next! | |
| ----------------------------------------------------- | |
| Stage 3 version: 2.22.0 | |
| Commit ID: 6088bc3 | |
| CVOS commit ID: bac1d52 | |
| HAL commit ID: 61afa9c | |
| Build date: Nov 15 2019 11:53:06 |
rickmark
/ CoreDevice.framework
Last active
January 14, 2025 23:17
Apple's Remote Pairing and App Tampering APIs
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| @protocol NSSecureCoding <NSCoding> | |
| // class methods | |
| +[NSSecureCoding supportsSecureCoding] | |
| @end | |
| @protocol NSCoding | |
| // instance methods | |
| -[NSCoding encodeWithCoder:] | |
| -[NSCoding encodeWithCoder:] |