Translated To ZH-CN | https://bugs.chromium.org/p/project-zero/issues/detail?id=1289
此 Issue 在 2017.6.12 提出,到 2017.9.25 关闭,状态标记为已修复,Broadcom 官方分配的 issue 号是 V2017061204 。
Exploit 解压密码:rrm_exploit -> Archiver
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # initialized | |
| ps aux | |
| cd /etc/ssh | |
| vi ./sshd_config | |
| service sshd restart | |
| apt-get update -y | |
| apt-get upgrade -y |
kmahyyg
/ Issue 1289 - Broadcom OOB write when handling 802.11k Neighbor Report Response.md
Created
January 21, 2018 17:25
Issue 1289 - Broadcom OOB write when handling 802.11k Neighbor Report Response.md
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Private Sub Worksheet_SelectionChange(ByVal target As Range) | |
| Application.ScreenUpdating = True | |
| On Error Resume Next | |
| If InStr(ActiveCell, "fq") Then | |
| With ActiveCell.Interior | |
| .Color = vbRed | |
| End With | |
| With ActiveCell.Font | |
| .Color = vbWhite | |
| .Bold = True |
kmahyyg
/ scrape.py
Created
March 6, 2018 02:10
— forked from miguelmota/scrape.py
Python Selenium get cookie value
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import time | |
| from selenium import webdriver | |
| driver = webdriver.Chrome('./chromedriver') | |
| driver.get('https://ui.lkqd.com/login') | |
| assert 'LKQD' in driver.title | |
| time.sleep(2) | |
| username_field = driver.find_element_by_name('username') | |
| username_field.send_keys('myusername') |
kmahyyg
/ deauth.py
Created
June 22, 2018 10:15
— forked from garyconstable/deauth.py
Python Networking Wifi Deauth Attack
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import argparse | |
| from multiprocessing import Process | |
| import logging | |
| logging.getLogger("scapy.runtime").setLevel(logging.ERROR) | |
| from scapy.all import * | |
| import signal | |
| import threading | |
| from sys import platform | |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| # -*- encoding: utf-8 -*- | |
| import math | |
| import subprocess | |
| import os | |
| import time | |
| def clipcopy(text): |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ERROR: ld.so: object '/home/kmahyyg/.local/share/Steam/ubuntu12_32/gameoverlayrenderer.so' from LD_PRELOAD cannot be preloaded (wrong ELF class: ELFCLASS32): ignored. | |
| ERROR: ld.so: object '/home/kmahyyg/.local/share/Steam/ubuntu12_32/gameoverlayrenderer.so' from LD_PRELOAD cannot be preloaded (wrong ELF class: ELFCLASS32): ignored. | |
| pid 8657 != 8637, skipping destruction (fork without exec?) | |
| ERROR: ld.so: object '/home/kmahyyg/.local/share/Steam/ubuntu12_32/gameoverlayrenderer.so' from LD_PRELOAD cannot be preloaded (wrong ELF class: ELFCLASS32): ignored. | |
| ERROR: ld.so: object '/home/kmahyyg/.local/share/Steam/ubuntu12_32/gameoverlayrenderer.so' from LD_PRELOAD cannot be preloaded (wrong ELF class: ELFCLASS32): ignored. | |
| SDL video target is 'x11' | |
| SDL failed to create GL compatibility profile (whichProfile=0! | |
| This system supports the OpenGL extension GL_EXT_framebuffer_object. | |
| This system supports the OpenGL extension GL_EXT_framebuffer_blit. | |
| This system supports the OpenGL extension GL_EXT_framebuffer_multisampl |
kmahyyg
/ dnscrypt-proxy.toml
Created
November 18, 2018 06:24
dnscrypt-conf (Arch Linux, China Mainland)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ############################################## | |
| # # | |
| # dnscrypt-proxy configuration # | |
| # # | |
| ############################################## | |
| ## This is an example configuration file. | |
| ## You should adjust it to your needs, and save it as "dnscrypt-proxy.toml" | |
| ## |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ;https://www.kmahyyg.xyz/2018/ASM-exp-report2/ For more details. | |
| mov ax,0xb800 ;screen buffer | |
| mov es,ax | |
| ; show string "201x1xx0xxx Yxxx xx xxxxx" | |
| ; 0x07 == bell (in ascii), saved in parital addr | |
| ; 0x07 saved in odd addr, flash, char options | |
| mov byte [es:0x00],'2' | |
| mov byte [es:0x01],0x05 |
OlderNewer