zhuowei
/ extigy_kasan.txt
Created
March 9, 2025 03:21
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [ 158.425795] ================================================================== | |
| [ 158.426607] BUG: KASAN: slab-out-of-bounds in usb_destroy_configuration+0x4ec/0x588 | |
| [ 158.427343] Read of size 8 at addr ffff00008f7a9548 by task kworker/0:4/3164 | |
| [ 158.427916] | |
| [ 158.428053] CPU: 0 UID: 0 PID: 3164 Comm: kworker/0:4 Kdump: loaded Tainted: G OE 6.11.0-14-generic #15 | |
| [ 158.428905] Tainted: [O]=OOT_MODULE, [E]=UNSIGNED_MODULE | |
| [ 158.429329] Hardware name: VMware, Inc. VMware20,1/VBSA, BIOS VMW201.00V.24006586.BA64.2406042154 06/04/2024 | |
| [ 158.430108] Workqueue: usb_hub_wq hub_event | |
| [ 158.430459] Call trace: | |
| [ 158.430660] dump_backtrace+0x1f8/0x220 |
zhuowei
/ extigy_oops.txt
Created
March 2, 2025 09:19
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [ 7143.763235] usb 4-1: new high-speed USB device number 35 using dummy_hcd | |
| [ 7143.899052] usb 4-1: New USB device found, idVendor=041e, idProduct=3000, bcdDevice= 0.00 | |
| [ 7143.899069] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 | |
| [ 7143.899070] usb 4-1: Product: Generic USB Device | |
| [ 7143.899072] usb 4-1: Manufacturer: FaceDancer | |
| [ 7143.899074] usb 4-1: SerialNumber: S/N 3420E | |
| [ 7143.904744] Unable to handle kernel paging request at virtual address 006ae290828f642a | |
| [ 7143.904781] Mem abort info: | |
| [ 7143.904782] ESR = 0x0000000096000004 | |
| [ 7143.904799] EC = 0x25: DABT (current EL), IL = 32 bits |
zhuowei
/ _header.txt
Last active
February 12, 2025 11:31
Counting number of top iPad apps marked as available on visionOS
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Business, Free: 71/100 | |
| Business, Paid: 84/100 | |
| Weather, Free: 92/100 | |
| Weather, Paid: 89/100 | |
| Utilities, Free: 75/100 | |
| Utilities, Paid: 77/100 | |
| Travel, Free: 89/100 | |
| Travel, Paid: 86/100 | |
| Sports, Free: 78/100 | |
| Sports, Paid: 77/100 |
zhuowei
/ more_coretrust_notes.txt
Created
October 1, 2023 04:28
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Also see https://github.com/zhuowei/CoreTrustDemo/blob/main/littlemis.txt for my previous notes | |
| first time X509ChainCheckPathWithOptions, param3 (options) is null | |
| second time X509ChainCheckPathWithOptions, param3 (options) is set | |
| -> This is the call out of CTEvaluateAMFICodeSignatureCMS_MaxDigestType, and is the one that sets the flags | |
| struct ContentInfoSignedData { | |
| int always4; // 0x0 | |
| void* someBufferFromCTParseContentInfoSignedDataArg6; // 0x8 | |
| // ? |
zhuowei
/ disneyplus_removed.txt
Created
May 27, 2023 22:09
The 72 shows removed from Disney+ en-US on 2023-05-26
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| @Gina Yei: #WithAllMyHeartAndMore | |
| A Very Boy Band Holiday | |
| America the Beautiful | |
| Among the Stars | |
| Artemis Fowl | |
| Be Our Chef | |
| Bear Witness | |
| Best in Snow | |
| Better Nate Than Ever | |
| Beyond Infinity: Buzz and the Journey to Lightyear |
zhuowei
/ reachable_services.txt
Created
February 21, 2023 06:26
Reachable Mach services from the app sandbox on iOS 16.1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| PurpleSystemAppPort | |
| PurpleSystemEventPort | |
| UIASTNotificationCenter | |
| com.apple.ABDatabaseDoctor | |
| com.apple.AppSSO.service-xpc | |
| com.apple.AuthenticationServicesCore.AuthenticationServicesAgent | |
| com.apple.CARenderServer | |
| com.apple.ClipServices.clipserviced | |
| com.apple.CoreAuthentication.daemon | |
| com.apple.DeviceAccess.xpc |
zhuowei
/ grant_full_disk_access.m
Last active
January 12, 2025 13:14
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| @import Darwin; | |
| @import Foundation; | |
| @import MachO; | |
| #import <mach-o/fixup-chains.h> | |
| // you'll need helpers.m from Ian Beer's write_no_write and vm_unaligned_copy_switch_race.m from | |
| // WDBFontOverwrite | |
| // Also, set an NSAppleMusicUsageDescription in Info.plist (can be anything) | |
| // Please don't call this code on iOS 14 or below | |
| // (This temporarily overwrites tccd, and on iOS 14 and above changes do not revert on reboot) |
zhuowei
/ addcicp.py
Created
November 28, 2022 00:14
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import png | |
| import sys | |
| with open(sys.argv[1], "rb") as infile: | |
| chunks = list(png.Reader(file=infile).chunks()) | |
| chunks.insert(1, (b"cICP", bytes([9, 16, 0, 1]))) | |
| with open(sys.argv[2], "wb") as outfile: | |
| png.write_chunks(outfile, chunks) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import sys | |
| from PIL import Image, PngImagePlugin | |
| # adds a cICP chunk to PNG files to specify color gamut and HDR brightness. | |
| # This example uses the sample BT2020 + PQ cICP chunk from https://w3c.github.io/PNG-spec/#11cICP | |
| # Requires Pillow >8.0.0. See https://github.com/python-pillow/Pillow/pull/4292 | |
| # View the resulting PNG in an app that supports cICP chunks, such as Chrome 105+ | |
| # (https://chromium-review.googlesource.com/c/chromium/src/+/3705739) | |
| # For more information about CICP, see https://github.com/AOMediaCodec/libavif/wiki/CICP |
zhuowei
/ m1n1_lockdown.py
Last active
December 7, 2023 08:55
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # enable AMCC read-only region lockdown in m1n1 on M1 (Mac Mini 2020) for testing | |
| # see https://github.com/AsahiLinux/m1n1/blob/v1.1.4/src/mcc.c | |
| # https://github.com/apple-oss-distributions/xnu/blob/xnu-7195.50.7.100.1/osfmk/arm64/amcc_rorgn.c | |
| lockdownstart = 0x8_4000_0000 | |
| # amcc's protection page size seems to be 0x8000? | |
| lockdownend = 0x8_4000_8000 | |
| rambase = 0x8_0000_0000 | |
| for plane in range(3, -1, -1): | |
| print(hex(0x2_0000_0000 + 0x40000*plane + 0x680)) | |
| write32(0x2_0000_0000 + 0x40000*plane + 0x680, (lockdownstart - rambase) >> 14) |
NewerOlder