@lategoodbye
lategoodbye / mainline_guide.md
Last active April 1, 2025 06:49
Raspberry Pi: How to cross-compile and use Mainline Kernel

Notes on how to set up a new Ubuntu LTS x64 environment, how to build a recent Mainline Kernel and place it on a Raspberry Pi OS SD card.

Procedure

  1. Install tools needed:
$ apt install git make gcc g++ device-tree-compiler bc bison flex libssl-dev libncurses-dev python3-ply python3-git libgmp3-dev libmpc-dev
import json
import sqlite3
import zlib
# ~/Library/Safari/CloudTabs.db
# Ref: https://www.reddit.com/r/mac/comments/89qx5n/iphone_safari_tabs_into_text_list_via_icloud/
db = sqlite3.connect('CloudTabs.db')
tabs = []
@itszn
itszn / exploit.js
Created July 11, 2018 16:27
Exploit for JavascriptCore CVE-2018-4192
// Load Int library, thanks saelo!
load('util.js');
load('int64.js');
// Helpers to convert from float to int in a few random places
var conva = new ArrayBuffer(8);
var convf = new Float64Array(conva);
var convi = new Uint32Array(conva);
var convi8 = new Uint8Array(conva);
@cheesecakeufo
cheesecakeufo / xpc_idapro.py
Last active April 20, 2023 13:59
xpc functions fix - IDA
# Created to make RE-ing XPC a bit easier (in a shitty way)
# yes, some things are hard-coded but I've done it because I don't want to spend more time on this
# created by Abraham Masri @cheesecakeufo
import re
import idaapi
import idautils
paths = ["/usr/include/xpc/xpc.h",
"/usr/include/xpc/activity.h",
@mems
mems / icloudtabs2md.js
Last active February 26, 2023 21:38
Generate a markdown links list from iCloud tabs
#!/usr/bin/env node
/*
Generate a markdown links list from iCloud tabs, on macOS
Usage:
./icloudtabs2md.js > icloudtabs.md
./icloudtabs2md.js | pbcopy
Require:
@Siguza
Siguza / dsc_syms.c
Last active February 20, 2022 02:19
dyld_shared_cache symbols to r2 flags
// Moved here: https://github.com/Siguza/misc/blob/master/dsc_syms.c
@alexander-hanel
alexander-hanel / yolo.py
Last active January 17, 2020 03:40
old and new names in idc.py (in progress)
import re
import sys
import os
def load_apis():
    new_old_apis = [
        # start of changes for idc.py
        ("hasValue", "has_value"),
        ("byteValue", "byte_value"),
        ("isLoaded", "is_loaded"),

Sadly I don't have a dev device on iOS 10, but for anyone playing around with zIVA caring about the kernel task port:

Starting with iOS 10.3 (and macOS 10.12.4), Apple changed convert_port_to_locked_task (and a few other port-to-something conversion functions) to blacklist the kernel task by means of a direct check. As a result, you can still obtain the kernel task port, but almost all APIs will simply treat it like MACH_PORT_NULL, thus rendering it useless. The check is a simple pointer comparison though, so it can be circumvented by just remapping the task struct at an additional virtual address and creating a new port from that with a ROP equivalent of:

vm_map_remap(
    kernel_map,
    &remap_addr,
    sizeof(task_t),
    0,
    VM_FLAGS_ANYWHERE | VM_FLAGS_RETURN_DATA_ADDR,

/*
* SEP firmware split tool
*
* Copyright (c) 2017 xerub
*/
#include <fcntl.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
@matthewaveryusa
matthewaveryusa / grab_io_kbm.c
Created May 20, 2016 03:13
linux grab io from keyboard and mouse
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <fcntl.h>
#include <linux/input.h>
#include <time.h>
#include <stdint.h>
int main(int argc, char* argv[]){
    sleep(1);