- Main CPU: rk3368
- HW model and dts source: Rockchip PX5 EVB V11
- MCU: STM32F091vct6 (256 Kbytes of Flash memory and 32 Kbytes of SRAM) datsheet
q3k
/ hashes.txt
Last active
April 28, 2025 12:32
liblzma backdoor strings extracted from 5.6.1 (from a built-in trie)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 0810 b' from ' | |
| 0678 b' ssh2' | |
| 00d8 b'%.48s:%.48s():%d (pid=%ld)\x00' | |
| 0708 b'%s' | |
| 0108 b'/usr/sbin/sshd\x00' | |
| 0870 b'Accepted password for ' | |
| 01a0 b'Accepted publickey for ' | |
| 0c40 b'BN_bin2bn\x00' | |
| 06d0 b'BN_bn2bin\x00' | |
| 0958 b'BN_dup\x00' |
the-moog
/ fixexec.py
Last active
May 23, 2025 03:52
Python script to fix the "exec format error" seen with tools like gzip in WSL with Ubuntu 22.04 in Q1/Q2 2022
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| r""" | |
| This script can be used to fix the "exec format error" seen with tools like gzip in | |
| WSL with Ubuntu 22.04 in Q1/Q2 2022 | |
| A hacky fix for broken executables in WSL/Ubuntu 22.0 | |
| see https://github.com/microsoft/WSL/issues/8219 | |
yinonburgansky
/ windows-acceleration-function.py
Last active
June 10, 2025 00:05
windows acceleration function
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # calculation are based on http://www.esreality.com/index.php?a=post&id=1945096 | |
| # assuming windows 10 uses the same calculation as windows 7. | |
| # guesses have been made calculation is not accurate | |
| # touchpad users make sure your touchpad is calibrated with `sudo libinput measure touchpad-size` | |
| # import matplotlib.pyplot as plt | |
| import struct | |
| # set according to your device: | |
| xinput_device_id = 13 | |
| device_dpi = 1000 # mouse dpi |
saagarjha
/ library_injector.cpp
Last active
June 11, 2025 04:33
Load a library into newly spawned processes (using DYLD_INSERT_LIBRARIES and EndpointSecurity)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // To compile: clang++ -arch x86_64 -arch arm64 -std=c++20 library_injector.cpp -lbsm -lEndpointSecurity -o library_injector, | |
| // then codesign with com.apple.developer.endpoint-security.client and run the | |
| // program as root. | |
| #include <EndpointSecurity/EndpointSecurity.h> | |
| #include <algorithm> | |
| #include <array> | |
| #include <bsm/libbsm.h> | |
| #include <cstddef> | |
| #include <cstdint> |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| Utility to dump and restore a 24c256 eeprom. | |
| (Changing the defines it will work with other eeproms too.) | |
| Remember that 24c256 has 16 bit addressing. | |
| Smaller ones have 8 bit addressing. | |
| By Zibri. |
Informatic
/ cursors.sh
Created
April 16, 2021 18:05
simple tool to apply overlayfs over specific directories
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| # Directory to store overlays in (one directory structure is created per overlay configured down below) | |
| OVERLAY_BASE=/home/root/overlays | |
| overlay() { | |
| set -e | |
| overlay_id="$(echo $1 | sed 's;/;__;g')" | |
| unset TARGET SOURCE FSTYPE OPTIONS | |
| eval $(findmnt -P $1) |
generalmimon
/ log2_int32.ksy
Created
January 30, 2021 14:41
A Kaitai Struct YAML specification for finding the log2 of a 32-bit integer
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| meta: | |
| id: log2_int32 | |
| title: Find the log base 2 of a 32-bit integer | |
| license: CC0-1.0 | |
| doc-ref: https://graphics.stanford.edu/~seander/bithacks.html#IntegerLog | |
| # params: | |
| # - id: val | |
| # type: u4 | |
| seq: | |
| - id: log2 |
Blog 2020/5/7
<- previous | index | next ->
EDIT 2024/12/1: I updated a few of these commands to work with qemu 9.x.
The microcontroller that I studied was removed from a Volkswagen car radio manufactured by Delco (now Delphi). The chip had only Delco markings on the package. It was decapsulated and the markings "NEC D78F0831Y" were found on the die. I reverse engineered the device definition files for the NEC toolchain (RA78K0) and determined that the uPD78F0831Y is a subset of a documented chip, the uPD78F0833Y. The '833Y adds 3 more timers, extended I2C functionality, and adds registers that allow firmware running on the '833Y to reprogram the flash ("self-programming"). Otherwise, the '831Y and '833Y are the same.
The uPD78F0831Y uses the NEC 78K0 core. Note that NEC (now Renesas) produced a number of incompatible cores with similar names such as 78K0S and 78K0R. Those
NewerOlder