Projects
Here you can find some software projects that I've written over the years.
iopshell
A command line interface for interacting with Inteno IOPSYS devices. Exposes and enables hidden functionality.
Article with further information.
inteno-exploits
A collection of exploits for a number of Inteno IOPSYS devices. Most of them were developed with the iopshell tool mentioned above.
Articles for the different exploits present in the repository:
- CVE-2017-11361: article one, article two
- CVE-2017-17867
- CVE-2018-10123
- CVE-2018-14533
- CVE-2018-20487
burp-value-autoupdate
An extension for Burp Suite. Allows watching for specific values in responses (via simple header matches or regex for more complicated patterns). These values can later be used in requests using $placeholders$. The values can also be transformed with JavaScript before use. This is accomplished using Graal's polyglot capabilities.
hikvision-keygen
A key generator for the password reset key used by Hikvision IP cameras.
Article with further information.
fileless-elf-exec
Generates Python (2/3), Perl, and Ruby code which drops the supplied ELF as a file in memory and executes it (without tmpfs). This makes it possible to execute binaries without leaving traces on the disk.
jekyll-cve-badge
A Jekyll plugin that creates a nice-looking badge for CVE IDs. The plugin grabs the CVSS score (and severity) from NVD and displays them in the badge. The badge can be seen in various articles on this blog.
karch
A KUAL extension for jailbroken Kindles, which automatically manages and makes it easy to launch an Arch Linux chroot environment, including X11, which is drawn on the Kindle's display.
Article with further information.
payload-dumper
A utility for dumping the payload.bin image found in Android update packages. Has significant performance gains over other tools due to multiprocessing.
hidden-hydration
A Fabric mod for Minecraft that slightly alters how the hydration of a farmland block works. Uses mixins to inject Java code into the farmland block's nearby water scanning logic.
nim-chip8
An accurate CHIP-8 emulator. Uses SDL2 for graphics and input.
nim-swayipc
A Nim library for interacting with Sway using its IPC.
swick
An application that moves specific applications from the Sway scratchpad to the active workspace and vice versa. Can be bound to Sway hotkeys to quickly show and hide specific applications. Uses the nim-swayipc library mentioned above.
Other projects not worth mentioning here can be found on my git.dog page.