From e245a8eb44613f559f43cebe0a6ea8c5537a2e58 Mon Sep 17 00:00:00 2001 From: Swissky <12152583+swisskyrepo@users.noreply.github.com> Date: Wed, 2 Oct 2024 20:06:23 +0200 Subject: [PATCH] Fix typo in subtitles --- _posts/2018-1-18-WhidInjector.md | 1 - _posts/2019-12-26-DVID.md | 2 -- _posts/2024-01-15-Drink-Love-Share-Rump.md | 4 +--- _posts/2024-02-04-Ph0wn-Flag-Digger.md | 2 -- _posts/2024-06-13-SSRFmap-axfr.md | 2 -- _posts/2024-08-30-Pokemon-Glitches.md | 17 ++++++++--------- 6 files changed, 9 insertions(+), 19 deletions(-) diff --git a/_posts/2018-1-18-WhidInjector.md b/_posts/2018-1-18-WhidInjector.md index 6c3241b..f334162 100755 --- a/_posts/2018-1-18-WhidInjector.md +++ b/_posts/2018-1-18-WhidInjector.md @@ -3,7 +3,6 @@ layout: post title: WHID Injector - Tips and Tricks --- -## WHID Injector - Tips and Tricks What is it ? The WHID Injector is USB Key which act as a remote keyboard. Basically it sets up a Wifi Access Point where you can connect and send whatever you want on the machine. It also has a Rubber Ducky payload converter, an exfiltrated data tab and many more. What can I do ? Everything you could do with a keyboard plugged into a computer, for example : using [WHID Toolkit](https://github.com/swisskyrepo/WHID_Toolkit) you can spawn a reverse-shell :D diff --git a/_posts/2019-12-26-DVID.md b/_posts/2019-12-26-DVID.md index 3104ba8..ebdbdc7 100755 --- a/_posts/2019-12-26-DVID.md +++ b/_posts/2019-12-26-DVID.md @@ -3,8 +3,6 @@ layout: post title: DVID - Damn Vulnerable IoT Device --- -## DVID - Damn Vulnerable IoT Device - Who ever wanted to learn about Hardware Hacking ? I found this small opensource **IoT hacking** learning board while I was in a security event. It is designed by [@vulcainreo](https://twitter.com/vulcainreo/) and cost around 45€, more than 300 units were shipped around the world. Let's dig into this awesome project and clone the git : `https://github.com/Vulcainreo/DVID.git` ! diff --git a/_posts/2024-01-15-Drink-Love-Share-Rump.md b/_posts/2024-01-15-Drink-Love-Share-Rump.md index 7e6ae2e..1120138 100644 --- a/_posts/2024-01-15-Drink-Love-Share-Rump.md +++ b/_posts/2024-01-15-Drink-Love-Share-Rump.md @@ -3,9 +3,7 @@ layout: post title: DLS 2024 - RedTeam Fails - "Oops my bad I ruined the operation" --- -## Red Team Fails - "Oops my bad I ruined the operation", a story on how to fail a red team assessment. - -TLDR: Recently I had the pleasure to give a rump during the "Drink Love Share" meet organized by [TheLaluka](https://twitter.com/TheLaluka). This blog post will delve deeper into the topic. +Recently I had the pleasure to give a rump during the "Drink Love Share" meet organized by [TheLaluka](https://twitter.com/TheLaluka). This blog post will delve deeper into the topic. ![](/images/DrinkLoveShare24/rump_redteam_dino-0.jpg) diff --git a/_posts/2024-02-04-Ph0wn-Flag-Digger.md b/_posts/2024-02-04-Ph0wn-Flag-Digger.md index 9e579b3..cb87ed8 100644 --- a/_posts/2024-02-04-Ph0wn-Flag-Digger.md +++ b/_posts/2024-02-04-Ph0wn-Flag-Digger.md @@ -3,8 +3,6 @@ layout: post title: Ph0wn CTF 2019 - Flag Digger --- -## Ph0wn CTF 2019 - Flag Digger - TLDR: It's never too late to try to solve an old challenge. This blog post is a quick writeup of a challenge from the Ph0wn CTF 2019 where you were given a small chip and you had to extract the flag from it. ![](/images/Ph0wn/ph0wn_chip_dip2deep_min.jpg) diff --git a/_posts/2024-06-13-SSRFmap-axfr.md b/_posts/2024-06-13-SSRFmap-axfr.md index 524f3a3..6930330 100644 --- a/_posts/2024-06-13-SSRFmap-axfr.md +++ b/_posts/2024-06-13-SSRFmap-axfr.md @@ -3,8 +3,6 @@ layout: post title: SSRFmap - Introducing the AXFR module --- -## SSRFmap - Introducing the AXFR module - After reading a great blog post about a CTF challenge where you had to chain several SSRF to get the flag, I took some time to improve SSRFmap, fix the bugs and merge the Pull Requests. Then I implemented a new module called `axfr` to trigger a DNS zone transfer from the SSRF using the gopher protocol. This blog post is about my journey on implementing it. ![](/images/SSRFmapAXFR/banner_text.png) diff --git a/_posts/2024-08-30-Pokemon-Glitches.md b/_posts/2024-08-30-Pokemon-Glitches.md index 9f0c66b..757bcc2 100755 --- a/_posts/2024-08-30-Pokemon-Glitches.md +++ b/_posts/2024-08-30-Pokemon-Glitches.md @@ -3,9 +3,7 @@ layout: post title: Anatomy of Pokemon glitches --- -# Anatomy of Pokemon glitches - -Anatomy of Pokemon glitches, or how to impress your school friends during break time. +Digging into the anatomy of Pokemon Yellow glitches, or how to impress your school friends during break time. ![](/images/PokemonGlitches/pikachu-yellow.png) @@ -41,7 +39,8 @@ Here are the requirements to follow along the blog post and replicate the glitch Sameboy support symbol files, you can build the ROM and then put breakpoints on specific functions using their name. Here is the symbol file for the original Pokemon Yellow rom : [pokeyellow.sym](https://raw.githubusercontent.com/pret/pokeyellow/symbols/pokeyellow.sym) -```ps1 + +{% highlight powershell%} # breakpoint > b BattleTransition Breakpoint 1 set at BattleTransition ($1c:$49d7) @@ -56,7 +55,7 @@ BattleTransition: # display the content of the memory for the address ex wViridianForestCurScript ex $cd2d -``` +{% endhighlight %} The following commands are a huge help when we want to debug our actions, pause the game or display the content of the memory at a specific address. @@ -158,21 +157,21 @@ The lower bytes of `wEnemyMonUnmodifiedSpecial` (`$CD2C $CD2D`) is located at th `wEngagedTrainerClass` correspond to the type of Trainer that is battling you, for example: "Youngster", "Bug Catcher", "Athlete", "Fisher", etc. And the `wEngagedTrainerSet` is the number of the trainer. -```ps1 +{% highlight powershell%} wEngagedTrainerClass = 201 (0xC9) wEngagedTrainerSet = 6 # Youngster #6 -``` +{% endhighlight %} But this is also used for wild Pokemon, the first variable is used to define the **ID**, and the second is the **LEVEL**. For example, the following data is a Gengar level 35. -```ps1 +{% highlight powershell%} wEngagedTrainerClass = 14 (0xe) wEngagedTrainerSet = 35 # Gengar LVL35 -``` +{% endhighlight %} If you want to calculate manually the spaces displayed on the GIF, here are a remainder of the units: