swisskyrepo
/
swisskyrepo.github.io
mirror of https://github.com/swisskyrepo/swisskyrepo.github.io.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fix typo in subtitles

master
Swissky 2024-10-02 20:06:23 +02:00
parent cd1da35c48
commit e245a8eb44
6 changed files with 9 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
_posts/2018-1-18-WhidInjector.md
View File

@ -3,7 +3,6 @@ layout: post
title: WHID Injector - Tips and Tricks
---
## WHID Injector - Tips and Tricks
What is it ? The WHID Injector is USB Key which act as a remote keyboard. Basically it sets up a Wifi Access Point where you can connect and send whatever you want on the machine. It also has a Rubber Ducky payload converter, an exfiltrated data tab and many more.
What can I do ? Everything you could do with a keyboard plugged into a computer, for example : using [WHID Toolkit](https://github.com/swisskyrepo/WHID_Toolkit) you can spawn a reverse-shell :D

2
_posts/2019-12-26-DVID.md
View File

@ -3,8 +3,6 @@ layout: post
title: DVID - Damn Vulnerable IoT Device
---
## DVID - Damn Vulnerable IoT Device
Who ever wanted to learn about Hardware Hacking ? I found this small opensource **IoT hacking** learning board while I was in a security event. It is designed by [@vulcainreo](https://twitter.com/vulcainreo/) and cost around 45€, more than 300 units were shipped around the world.
Let's dig into this awesome project and clone the git : `https://github.com/Vulcainreo/DVID.git` !

4
_posts/2024-01-15-Drink-Love-Share-Rump.md
View File

@ -3,9 +3,7 @@ layout: post
title: DLS 2024 - RedTeam Fails - "Oops my bad I ruined the operation"
---
## Red Team Fails - "Oops my bad I ruined the operation", a story on how to fail a red team assessment.
TLDR: Recently I had the pleasure to give a rump during the "Drink Love Share" meet organized by [TheLaluka](https://twitter.com/TheLaluka). This blog post will delve deeper into the topic.
Recently I had the pleasure to give a rump during the "Drink Love Share" meet organized by [TheLaluka](https://twitter.com/TheLaluka). This blog post will delve deeper into the topic.
![](/images/DrinkLoveShare24/rump_redteam_dino-0.jpg)

2
_posts/2024-02-04-Ph0wn-Flag-Digger.md
View File

@ -3,8 +3,6 @@ layout: post
title: Ph0wn CTF 2019 - Flag Digger
---
## Ph0wn CTF 2019 - Flag Digger
TLDR: It's never too late to try to solve an old challenge. This blog post is a quick writeup of a challenge from the Ph0wn CTF 2019 where you were given a small chip and you had to extract the flag from it.
![](/images/Ph0wn/ph0wn_chip_dip2deep_min.jpg)

2
_posts/2024-06-13-SSRFmap-axfr.md
View File

@ -3,8 +3,6 @@ layout: post
title: SSRFmap - Introducing the AXFR module
---
## SSRFmap - Introducing the AXFR module
After reading a great blog post about a CTF challenge where you had to chain several SSRF to get the flag, I took some time to improve SSRFmap, fix the bugs and merge the Pull Requests. Then I implemented a new module called `axfr` to trigger a DNS zone transfer from the SSRF using the gopher protocol. This blog post is about my journey on implementing it.
![](/images/SSRFmapAXFR/banner_text.png)

17
_posts/2024-08-30-Pokemon-Glitches.md
View File

@ -3,9 +3,7 @@ layout: post
title: Anatomy of Pokemon glitches
---
# Anatomy of Pokemon glitches
Anatomy of Pokemon glitches, or how to impress your school friends during break time.
Digging into the anatomy of Pokemon Yellow glitches, or how to impress your school friends during break time.
![](/images/PokemonGlitches/pikachu-yellow.png)
@ -41,7 +39,8 @@ Here are the requirements to follow along the blog post and replicate the glitch
Sameboy support symbol files, you can build the ROM and then put breakpoints on specific functions using their name. Here is the symbol file for the original Pokemon Yellow rom : [pokeyellow.sym](https://raw.githubusercontent.com/pret/pokeyellow/symbols/pokeyellow.sym)
```ps1
{% highlight powershell%}
# breakpoint
> b BattleTransition
Breakpoint 1 set at BattleTransition ($1c:$49d7)
@ -56,7 +55,7 @@ BattleTransition:
# display the content of the memory for the address
ex wViridianForestCurScript
ex $cd2d
```
{% endhighlight %}
The following commands are a huge help when we want to debug our actions, pause the game or display the content of the memory at a specific address.
@ -158,21 +157,21 @@ The lower bytes of `wEnemyMonUnmodifiedSpecial` (`$CD2C $CD2D`) is located at th
`wEngagedTrainerClass` correspond to the type of Trainer that is battling you, for example: "Youngster", "Bug Catcher", "Athlete", "Fisher", etc. And the `wEngagedTrainerSet` is the number of the trainer.
```ps1
{% highlight powershell%}
wEngagedTrainerClass = 201 (0xC9)
wEngagedTrainerSet = 6
# Youngster #6
```
{% endhighlight %}
But this is also used for wild Pokemon, the first variable is used to define the **ID**, and the second is the **LEVEL**.
For example, the following data is a Gengar level 35.
```ps1
{% highlight powershell%}
wEngagedTrainerClass = 14 (0xe)
wEngagedTrainerSet = 35
# Gengar LVL35
```
{% endhighlight %}
If you want to calculate manually the spaces displayed on the GIF, here are a remainder of the units: