Skip to content

Instantly share code, notes, and snippets.

View chenxiaolong's full-sized avatar

Andrew Gunnerson chenxiaolong

500 followers · 0 following
View GitHub Profile
@tothi
tothi / usbgadget_razer.sh
Created August 22, 2021 09:52
Razer USB gadget on Android for Local Privilege Escalation on Windows
# MINIMAL USB gadget setup using CONFIGFS for simulating Razer Gaming HID
# devices for triggering the vulnerable Windows Driver installer
# credits for the Windows Driver install vuln: @j0nh4t
#
# https://twitter.com/j0nh4t/status/1429049506021138437
# https://twitter.com/an0n_r0/status/1429263450748895236
#
# the script was developed & tested on Android LineageOS 18.1
@LiEnby
LiEnby / flash.md
Last active September 21, 2024 15:21
Removing the timebomb from Adobe Flash Player

In Adobe Flash Player versions newer than 32.0.0.344 they added a "Timebomb" for the EOL. the player would refuse to run any custom flash content after 12/01/2021, instead it would just show this image

So knowing this, Lets crack it!

I acturally started looking into this before the 12/01/2021 hit, but only recently did i acturally discover a way to bypass the killswitch

(also- im aware i was not the first to do this, but i still did do it)

@tyranid
tyranid / map_host_drive.ps1
Created July 16, 2020 14:40
Param(
[Parameter(Mandatory, Position = 0)]
[string]$HostDrive,
[Parameter(Mandatory, Position = 1)]
[string]$LocalDrive
)
# Script to map a host drive inside a Windows Docker Server Container
# You need to be an admin in the container for this to work.
# Use as .\map_host_drive C: X:
@BenWoodford
BenWoodford / lh2.md
Last active October 17, 2023 02:33
Lighthouse 2.0 GATT Information

All control characteristics are under Service 00001523-1212-EFDE-1523-785FEABCD124

Characteristics

Mode = 00001524-1212-EFDE-1523-785FEABCD124 (READ, WRITE, NOTIFY)

Identify = 00008421-1212-EFDE-1523-785FEABCD124 (WRITE)

Power State = 00001525-1212-EFDE-1523-785FEABCD124 (WRITE, newer firmware also had READ and NOTIFY)

@typokign
typokign / zoomsucks.md
Last active September 8, 2023 05:06
Zoom Sucks

Zoom Sucks

  • Zoom abuses the installer flow on MacOS to bypass permissions dialogs (source)
  • Zoom sends identifying device info to Facebook, even when users don't have a Facebook account (source) (fixed)
  • A bug in Zoom sent identifying information (including email addresses and profile pictures) of thousands of users to strangers (source)
  • Zoom claims that meetings are end-to-end encrypted in their white paper and marketing materials, but meetings are only encrypted in transit, and are available in plaintext to Zoom servers and employees. (source)
  • zoomAutenticationTool can be used to escalat
@gboudreau
gboudreau / AuthyToOtherAuthenticator.md
Last active September 20, 2024 19:47 — forked from Ingramz/AuthyToOtherAuthenticator.md
Export TOTP tokens from Authy

Exporting your 2FA tokens from Authy to transfer them into another 2FA application

IMPORTANT - Update regarding deprecation of Authy desktop apps

Past August 2024, Authy stopped supported the desktop version of their apps:
See Authy is shutting down its desktop app | The 2FA app Authy will only be available on Android and iOS starting in August for details.

And indeed, after a while, Authy changed something in their backend which now prevents the old desktop app from logging in. If you are already logged in, then you are in luck, and you can follow the instructions below to export to tokens.

If you are not logged in anymore, but can find a backup of the necessary files, then restore those files, and re-install Authy 2.2.3 following the instructions below, and it should work as expected.

@blha303
blha303 / docs.md
Last active April 20, 2021 12:10
Life Is Strange stats server investigation
@AKosterin
AKosterin / DexGuardStringDecoder.java
Created August 16, 2015 23:05
JEB Plugin for decrypt DexGuard encrypted Strings.
import jeb.api.IScript;
import jeb.api.JebInstance;
import jeb.api.ast.*;
import jeb.api.ast.Class;
import jeb.api.dex.Dex;
import jeb.api.dex.DexCodeItem;
import jeb.api.dex.DexFieldData;
import jeb.api.dex.DexMethod;
import jeb.api.ui.JavaView;
import jeb.api.ui.View;
@dosomder
dosomder / sinalaysis.cs
Last active July 19, 2023 01:17
Xperia SIN Structure analysis
// ==========================================================
// Sony Xperia SIN (Firmware flashable files) analysis
//
// Author: zxz0O0
// Started: 2014-06-05
// Notes: Numbers are big endian
// Credits: Androxyde
// ==========================================================
struct SinFile
@XVilka
XVilka / TrueColour.md
Last active September 19, 2024 04:17
True Colour (16 million colours) support in various terminal applications and terminals

THIS GIST WAS MOVED TO TERMSTANDARD/COLORS REPOSITORY.

PLEASE ASK YOUR QUESTIONS OR ADD ANY SUGGESTIONS AS A REPOSITORY ISSUES OR PULL REQUESTS INSTEAD!