Tested on macOS Sonoma Developer beta 2 (23A5276g)
- Download openssh-portable source code, install
libcrypto,libfido2; - Configure openssh-portable build system by
./configure # [options].
Alex James al3xtjames
thelastlin
/ libsk-libfido2_BUILD_FROM_OPENSSH.md
Last active
March 22, 2025 14:07
Build libsk-libfido2.so from OpenSSH-portable
antifuchs
/ boot-unlock.nix
Created
September 12, 2022 19:40
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # To set this up, first get tailscale working in an isolated linux shell: | |
| # 1. sudo systemctl stop tailscaled.service | |
| # 2. tailscaled -port 9993 -state tailscale-luks-setup.state -tun userspace-networking -socket ./tailscaled.sock | |
| # 3. tailscale -socket ./tailscaled.sock up -hostname HOSTNAME-luks | |
| # 4. tailscale -socket ./tailscaled.sock down | |
| # 5. ctrl-c out of tailscaled | |
| # 6 sudo systemctl start tailscaled.service | |
| # | |
| # Then add the .state file to your machine secrets and pass its path as tailscaleStatePath. |
joevt
/ ThunderboltUtil.sh
Last active
December 22, 2024 06:50
A set of functions to examine and modify Thunderbolt DROMs
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #! /bin/zsh | |
| # ThunderboltUtil.sh v1.7 | |
| # by joevt Dec 5, 2024 | |
| #========================================================================================= | |
| # | |
| # | |
| # Thunderbolt DROM Notes: | |
| # | |
| # |
saagarjha
/ CreateGhidraApp.sh
Last active
April 2, 2025 09:00
Creates a Ghidra.app bundle for macOS
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| set -eu | |
| create_iconset() { | |
| mkdir -p Ghidra.iconset | |
| cat << EOF > Ghidra.iconset/Contents.json | |
| { | |
| "images": | |
| [ |
azenla
/ disable-ssl-pin.js
Created
October 11, 2019 22:26
This Frida script disables SSL pinning and verification on any target macOS Catalina process.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| var SecTrustEvaluate_handle = | |
| Module.findExportByName('Security', 'SecTrustEvaluate'); | |
| var SecTrustEvaluateWithError_handle = | |
| Module.findExportByName('Security', 'SecTrustEvaluateWithError'); | |
| var SSL_CTX_set_custom_verify_handle = | |
| Module.findExportByName('libboringssl.dylib', 'SSL_CTX_set_custom_verify'); | |
| var SSL_get_psk_identity_handle = | |
| Module.findExportByName('libboringssl.dylib', 'SSL_get_psk_identity'); | |
| var boringssl_context_set_verify_mode_handle = Module.findExportByName( | |
| 'libboringssl.dylib', 'boringssl_context_set_verify_mode'); |
marcan
/ roca_test.py
Last active
June 20, 2022 19:33
Non-obfuscated version of the ROCA Infineon RSA key test
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| import sys | |
| # Credit: https://crypto.stackexchange.com/questions/52292/what-is-fast-prime | |
| generators = [ | |
| (2, 11), (6, 13), (8, 17), (9, 19), (3, 37), (26, 53), (20, 61), (35, 71), | |
| (24, 73), (13, 79), (6, 97), (51, 103), (53, 107), (54, 109), (42, 127), | |
| (50, 151), (78, 157), | |
| ] |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* SMBLoris attack proof-of-concept | |
| * | |
| * Copyright 2017 Hector Martin "marcan" <marcan@marcan.st> | |
| * | |
| * Licensed under the terms of the 2-clause BSD license. | |
| * | |
| * This is a proof of concept of a publicly disclosed vulnerability. | |
| * Please do not go around randomly DoSing people with it. | |
| * | |
| * Tips: do not use your local IP as source, or if you do, use iptables to block |
spaze
/ opera-vpn.md
Last active
December 22, 2024 15:50
Opera VPN behind the curtains is just a proxy, here's how it works
ℹ️ Please note this research is from 2016 when Opera has first added their browser "VPN", even before the "Chinese deal" was closed. They have since introduced some real VPN apps but this below is not about them.
🕵️ Some folks also like to use this article to show a proof that the Opera browser is a spyware or that Opera sells all your data to 3rd parties or something like that. This article here doesn't say anything like that.
When setting up (that's immediately when user enables it in settings) Opera VPN sends few API requests to https://api.surfeasy.com to obtain credentials and proxy IPs, see below, also see The Oprah Proxy.
The browser then talks to a proxy de0.opera-proxy.net (when VPN location is set to Germany), it's IP address can only be resolved from within Opera when VPN is on, it's 185.108.219.42 (or similar, see below). It's an HTTP/S proxy which requires auth.
mjg59
/ gist:8d9d494da56fbe6d8992
Created
February 1, 2016 03:46
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| commit 3f5e3bdbb45bc2cd9ae95972420eb11b0340f120 | |
| Author: Matthew Garrett <[email protected]> | |
| Date: Mon Feb 1 13:31:00 2016 +1100 | |
| Block most UEFI variable deletions | |
| Some systems appear to become upset if certain UEFI non-volatile variables | |
| are delted, to the point of no longer POSTing successfully. For a short-term | |
| fix, let's just block deletion of most variables while we figure out a | |
| better approach. |
freundTech
/ js-horror.js
Last active
January 24, 2020 22:21
Possibly the worst JavaScript ever written
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| this[([]+!![])[!![]+!![]+!![]]+"v"+([]+![])[![]+!![]]+([]+![])[!![]+!![]]](([]+![])[![]+![]]+([]+[][[]])[![]+![]]+([]+[][[]])[![]+!![]]+([]+typeof([]))[!![]+!![]+!![]+!![]]+([]+!![])[![]+![]]+([]+[][[]])[!![]+!![]+!![]+!![]+!![]]+([]+typeof([]))[![]+![]]+([]+[][[]])[![]+!![]]+" "+([]+![])[![]+!![]]+([]+!![])[![]+!![]]+([]+!![])[![]+!![]]+([]+![])[![]+!![]]+"y"+([]+[][[]])[!![]+!![]+!![]+!![]+!![]]+([]+![])[![]+![]]+"y"+"("+([]+!![])[![]+![]]+")"+"{"+"v"+([]+![])[![]+!![]]+([]+!![])[![]+!![]]+" "+([]+typeof([]))[![]+![]]+"="+"{"+([]+![])[![]+!![]]+":"+"\""+"("+"["+"]"+"+"+"!"+"["+"]"+")"+"["+"!"+"["+"]"+"+"+"!"+"!"+"["+"]"+"]"+"\""+","+(typeof(![]))[![]+![]]+":"+"\""+"("+([]+!![])[![]+![]]+"y"+"p"+([]+!![])[!![]+!![]+!![]]+([]+typeof([]))[![]+![]]+([]+![])[![]+![]]+"("+"!"+"["+"]"+")"+")"+"["+"!"+"["+"]"+"+"+"!"+"["+"]"+"]"+"\""+","+([]+typeof([]))[!![]+!![]+!![]+!![]]+":"+"\""+"("+"["+"]"+"+"+([]+!![])[![]+![]]+"y"+"p"+([]+!![])[!![]+!![]+!![]]+([]+typeof([]))[![]+![]]+([]+![])[![]+![]]+"("+"["+"]"+")"+")"+"[ |
NewerOlder