
greatscottgadgets/ubertooth 1355

Software, firmware and hardware designs for Ubertooth

mikeryan/crackle 564

Crack and decrypt BLE encryption

blendin/3snake 441

Tool for extracting information from newly spawned processes

greatscottgadgets/yardstick 158

Yet Another Radio Dongle

greatscottgadgets/gr-bluetooth 132

A Bluetooth receiver implementation for GNU Radio

greatscottgadgets/libbtbb 128

A Bluetooth baseband decoding library

mikeryan/n64dev 127

Open source Nintendo 64

greatscottgadgets/greatfet-hardware 111

This repository is deprecated. Go to:

mikeryan/PyBT 76

Hackable Bluetooth stack in Python

mikeryan/ems-flasher 71

EMS Flasher for the GB USB smart card 64M GameBoy flash cartridge

issue comment blendin/3snake

Support for Solaris

Couple things here. First of all a Linux bin won't work on Solaris period. You would need to compile 3snake for Solaris.

Secondly, the approach 3snake currently uses for syscall tracing is the Linux-specific ptrace system call. To support Solaris, the guts of the tool would need to be rewritten to use its Pgrab interface, and somehow monitor new process creation via dtruss. I haven't seen any solid docs on how to do the latter, so if anyone knows please link them on this ticket.

Finally, the Solaris box you're on is Sparc-based, not Intel.

kildonan5

comment created time in a month

issue comment greatscottgadgets/ubertooth

PCAP Time Discontinuities

Just to chime in here... thank you for your analysis and insights. The original devs are long gone, and a lot of the choices made over the years are questionable at best. I am more than open to major refactors and breaking changes if they make the project overall better. @orgua if you are on the fence about making any of these contributions, know that I would welcome them with open arms.

ussjoin

comment created time in a month

pull request comment blendin/3snake

Add support for CentOS/RHEL

Tested against CentOS 6.2 and CentOS 7.8, see screenshots. [Two screenshots, taken 2020-09-27, attached to the original comment]

mikeryan

comment created time in a month

push event mikeryan/3snake

Mike Ryan

commit sha faa96a3ef433f45feb96a9f44646bd39d1af72b4

disconnect from sudo after pipe2 or select

Old versions of CentOS call clone repeatedly before the password is captured, causing the old behavior of detaching on clone to not capture passwords. Instead we wait on pipe2 for modern Linux and select for old CentOS, which occur shortly after the password is captured. See #2

view details

Mike Ryan

commit sha 8deee560937f3571d22c8dc6bdbf58dcdd5d8c03

restart ptrace when system calls are interrupted by SIGUSR1

Without this bit of code, we were missing interrupted system calls which often included the read of the password in su.

view details

Mike Ryan

commit sha 6bf542dec5a18dcf0580fc1440d34a858ab05ba2

detach from su on rt_sigprocmask(SIG_SETMASK, ...)

The previous code that detaches on clone would miss the password on old CentOS systems. Instead we detach on rt_sigprocmask(SIG_SETMASK, ...) which occurs immediately after the password is captured. It is still called if no password is required (as in the case of root calling su). Along with the previous commits, fixes #2

view details

push time in a month

delete branch mikeryan/3snake

delete branch : add_centos_support_test

delete time in a month

push event mikeryan/3snake

Mike Ryan

commit sha 8deee560937f3571d22c8dc6bdbf58dcdd5d8c03

restart ptrace when system calls are interrupted by SIGUSR1

Without this bit of code, we were missing interrupted system calls which often included the read of the password in su.

view details

Mike Ryan

commit sha 6bf542dec5a18dcf0580fc1440d34a858ab05ba2

detach from su on rt_sigprocmask(SIG_SETMASK, ...)

The previous code that detaches on clone would miss the password on old CentOS systems. Instead we detach on rt_sigprocmask(SIG_SETMASK, ...) which occurs immediately after the password is captured. It is still called if no password is required (as in the case of root calling su). Along with the previous commits, fixes #2

view details

push time in a month

create branch mikeryan/3snake

branch : add_centos_support_test

created branch time in a month

PR opened blendin/3snake

Add support for CentOS/RHEL

On CentOS/RHEL sudo support was not working. The first character returned on a read of length 1 was '\0', followed by the password characters, and there was no terminating '\0'. This code dumps the password if a read of length > 1 occurs and a password has been captured.

Fixes #11 Fixes #2

+5 -0

0 comment

1 changed file

pr created time in a month

create branch mikeryan/3snake

branch : add_centos_support

created branch time in a month

fork mikeryan/3snake

Tool for extracting information from newly spawned processes

fork in a month

PR opened bootleg/ret-sync

[ext_ghidra] correctly handle null Address when resolving symbols

If the debugger sends an rln command with an address that does not rebase correctly (example: an address that wraps), a null Address will be passed to getSymAt. This throws a NullPointerException that requires the CodeBrowser tool to be closed and reopened before the plugin functions again.

+6 -0

0 comment

1 changed file

pr created time in 2 months

create branch mikeryan/ret-sync

branch : fix_null_address

created branch time in 2 months

fork mikeryan/ret-sync

ret-sync is a set of plugins that helps to synchronize a debugging session (WinDbg/GDB/LLDB/OllyDbg2/x64dbg) with IDA/Ghidra disassemblers.

fork in 2 months
