Ren Kimura RKX1209

Switch TLS Dumping Guide (Charles)

This guide is for dumping Switch TLS traffic using the Charles web proxy. Please note that this is paid software.

Most Switch communications are over TLS. This includes NEX and Eagle communications (for Nintendo Switch Online)* as well as other servers such as BAAS (friends/status) and NPNS (notifications).

*NPLN, the new Switch online servers that the Monster Hunter Rise demo used, cannot currently be dumped with Charles as it doesn't support gRPC. Use grpc-dump to dump these communications; the gRPC section explains this in more detail.

While in theory this doesn't carry much risk, it could get your Switch banned, as you must send your own Switch-unique client certificate.

Dumping Console-Unique Certificate
@ErikAugust
ErikAugust / spectre.c
Last active August 2, 2024 01:59
Spectre example code
#include <stdio.h>
#include <stdlib.h>
#include <stdint.h>
#ifdef _MSC_VER
#include <intrin.h> /* for rdtscp and clflush */
#pragma optimize("gt",on)
#else
#include <x86intrin.h> /* for rdtscp and clflush */
#endif
@kkuehl
kkuehl / gist:af5bbcd843a6239cee2c64b58be6def7
Last active August 18, 2024 12:30
webkitgtk Asan Linux Compilation Instructions
wget --no-check-certificate http://nightly.webkit.org/files/WebKit-SVN-source.tar.bz2 -O WebKit-SVN-source.tar.bz2
tar jxvf WebKit-SVN-source.tar.bz2
cd webkit
echo Y | Tools/gtk/install-dependencies
Tools/Scripts/update-webkitgtk-libs
Apply the following patch:
--- Source/WebKit/PlatformGTK.cmake.orig 2017-09-26 13:04:14.571070291 -0700
+++ Source/WebKit/PlatformGTK.cmake 2017-09-26 13:04:31.871119018 -0700
From: http://redteams.net/bookshelf/
Techie
Unauthorised Access: Physical Penetration Testing For IT Security Teams by Wil Allsopp.
Social Engineering: The Art of Human Hacking by Christopher Hadnagy
Practical Lock Picking: A Physical Penetration Tester's Training Guide by Deviant Ollam
The Art of Deception: Controlling the Human Element of Security by Kevin Mitnick
Hacking: The Art of Exploitation by Jon Erickson and Hacking Exposed by Stuart McClure and others.
Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning by Fyodor
The Shellcoder's Handbook: Discovering and Exploiting Security Holes by several authors
@icchy
icchy / README.md
Last active March 30, 2023 15:04
pwntools usage summary

A summary of pwntools features that look useful

Official reference: pwntools

install

Pull in the latest version
pip install "git+https://github.com/Gallopsled/pwntools#egg=pwntools"

template

@vivien
vivien / irccat
Created May 2, 2014 00:38
irccat - Using netcat with an IRC channel
#!/bin/sh
# Copyright 2014 Vivien Didelot <vivien@didelot.org>
# Licensed under the terms of the GNU GPL v3, or any later version.
NICK=irccat42
SERVER=irc.freenode.net
PORT=6667
CHAN="#irccat"
{
@kholia
kholia / ASLR+vsyscall.rst
Last active August 16, 2022 07:32
Notes on ASLR and vsyscall page

Goals

This document tries to address some concerns with enabling PIE.

Argument 1

One of the criticisms of "Using PIE by default on AMD64" is,

On the definitions of wait-free/lock-free/obstruction-free
▲ Concept common to all of them
Since no thread ever blocks the progress of another thread, a situation where one thread holds a lock and the whole computation stalls (for example because that thread is preempted) cannot occur.
This does not necessarily mean they are faster than lock-based algorithms (in fact, locks are sometimes faster
wait-free is the strongest condition, and each time it is weakened