tinkershell trickery
After a couple of years, I published a new one of the famous boomsh exploits. This time for an IoT devel board, running a Debianish distribution for ARM. https://github.com/stealth/tinkershell
PSC SOCKS trickery
I submitted a patch to PSC SOCKS handling. The bug that was fixed could lead to poor browsing experience. By now, it's not necessary anymore to click the reload button to finish loading of some sites.
Armbian trickery
Some new root magic for IoT ARM boards. This time for Armbian, in a very generic way so as to run on almost all boards.
New quircs
The small footprint quirc QR decoding lib has merged some fixes that make it way more reliable when scanning flipped QR codes. I merged these fixes myself to opmsg-qr (which forks quirc), so it's in...
DGC trickery
In order to re-find all the necessary documents easily, I created a repo to have the EU vaccination certificate stuff in a single place. I will add code, keys and threat analysis as I go.
harddns updates
Google DoH again changed their JSON replies, so I had to adjust my harddns parsing. Otherwise you will get NXDOMAIN when asking 8.8.8.8.
multiple stuff trickery
I added some new features and workarounds to some of my projects:
* New features for crash, namely TCP and UDP port forwarding similar to psc and some other neat stuff
* better support for brainkey...
Post-Quantum opmsg trickery
I have added patches to opmsg to implement PQC during the transitioning phase. Adding PQC sounds easier than it actually is, as there are several (administrative) problems:
* So far, no PQC algo has...
DevOps trickery
I released some DevOps research about self-replicating code spreading across gits.
OpenSSL 3.0.0 API trickery
I refactored opmsg for the new OpenSSL 3.0.0 API and put it into the openssl3-dev branch. Master branch is still the main development branch and both branches produce 1:1 identical output of messages,...
Anniversary trickery
Some of you probably already noticed in the past, but almost exactly one year ago, I founded my own company: You can find more details about the exact services at our gh landing page. In order to celebrate...
New commits trickery
I committed some changes to some of my gh projects: psc is now using an embedded AES and SHA-512 implementation, in order for easier builds for embedded systems w/o proper SDK support. E.g. it is now...
Parallel find trickery
Since a parallel version of nftw() already existed inside my greppin project, it was only little effort to add a parallel find: spot
SNI trickery
We at c->skills know how the Hase läuft and therefore made a writeup on SNI probing and blocking.
DTLS trickery
Probably the last post in 2022. I fixed SOCKS5 handling in psc and crash so that it is now possible to use it with curl and IPv6. Also added DTLS (read: TLS over UDP) support for crash in order to make...
Tunneling trickery
I re-polished a 10y old project that is one of the most complete tunneling solutions available for ICMP, ICMPv6, DNS over IP and DNS over IPv6 when it comes to setting up connectivity in restrictive...
More tunneling trickery
In order to properly proxy messenger apps from censored networks to outside, I added the -X switch to crash and documented how you would configure your setup within the contrib folder. It is already...
New 7350 0day trickery (cybah cybah)
Manjaro seems to be quite a popular distro, according to distrowatch. LPE can be found here.
More crash + psc trickery
I reworked the local address binding and connecting part of my anti-censorship tools crash and psc, so it is now possible to use SOCKS5 client side connects by using -x (similar to curl) and to let the...
Roaming trickery
I added support for roaming and suspend/resume to crash. Now you can change your IP, VPN, physlayer, NAT, VM-routing etc. at runtime and stay connected to your remote shell. You may also suspend the...
crash + psc 37c3 release
crash and psc now build and run on Windoze systems. psc contains a new feature that lets you bounce binary data back and forth through your local pty to e.g. a remote netcat, dd or other utilities so...
rustup client sides trickery
I tried to understand some things about the rust build/eco system and was surprised how easy it is to pwn. Wonder whether it's the same for golang.
More censorship trickery
I updated some of my git repos. crash can now be used with Disguise Filters to serve an innocent redirect webpage when certain secrets are not passed beforehand so nobody except you will ever see that...