🎯
Focusing

AushaTeam
  • Telefonika Service Center EG
  • EGYPT, Alexandria
  • X @aushateam1
AushaTeam / gist:0677210605f72f4bb12b5bdce01c286b
Created February 24, 2022 12:03 — forked from DD3Boh/gist:6c51fd3c5f91b1042e956771483714de
How to merge a newer CAF tag in an android kernel
First go here:
https://wiki.codeaurora.org/xwiki/bin/QAEP/release
This site lists the release details for every MSM SoC, with the tag and the Android version.
Search for your MSM here. Check the latest release, look for the correct Android version, and note that tag.
Now open one of the following links (dependent on your linux kernel version)
/**package
{ "name": "modernizr",
"version": "2.8.3",
"description":"Modernizr, without the complaints" }
**/
/*!
* Modernizr v2.8.3
* www.modernizr.com
*

Removing a Mac's Firmware Password By Reflashing EFI ROM

According to Apple, the only way to remove an unknown firmware password from a MacBook (2011 and later) is to take it to the Apple Store with the original proof-of-purchase. However, I've found that there is another way, which I've been successful with for the unibody MacBook Pro--it's essentially just modifying a couple of bytes in the EFI ROM, which should be simple. What's not simple, however, is figuring out how to read and write to the EFI chip. In this post, I'll talk about the process that I figured out and what worked for me.

The Official Method

Apple's method of resetting the firmware password is not reproducible, as Apple generates an SCBO file that unlocks the EFI using their private key. You can read more about this process here. The problem with this system is that, if you are in the unfortunate situation of neither having the firmware unlock pass

AushaTeam / ps4.html
Created December 17, 2021 17:15 — forked from sleirsgoevy/ps4.html
PS4 WebKit exploit on 9.00
<script>
var PAGE_SIZE = 16384;
var SIZEOF_CSS_FONT_FACE = 0xb8;
var HASHMAP_BUCKET = 208;
var STRING_OFFSET = 20;
var SPRAY_FONTS = 0x1000;
var GUESS_FONT = 0x200430000;
var NPAGES = 20;
var INVALID_POINTER = 0;
var HAMMER_FONT_NAME = "font8"; //must take bucket 3 of 8 (counting from zero)
AushaTeam / apollo.txt
Created December 10, 2021 21:45 — forked from littlelailo/apollo.txt
Apple Bootrom Bug
This bug was also called moonshine in the beginning
Basically the following bug is present in all bootroms I have looked at:
1. When usb is started to get an image over dfu, dfu registers an interface to handle all the commands and allocates a buffer for input and output
2. if you send data to dfu the setup packet is handled by the main code which then calls out to the interface code
3. the interface code verifies that wLength is shorter than the input output buffer length and if that's the case it updates a pointer passed as an argument with a pointer to the input output buffer
4. it then returns wLength which is the length it wants to receive into the buffer
5. the usb main code then updates a global var with the length and gets ready to receive the data packages
6. if a data package is received it gets written to the input output buffer via the pointer which was passed as an argument and another global variable is used to keep track of how many bytes were received already
7. if all the data was recieved th
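The setup/data-phase flow described in steps 1 to 6 above, written out as an added C model. This is not littlelailo's code and not the bootrom's; the buffer size (0x800), the request codes, the global names and the packet-level API are constructed assumptions, and the clamp of each packet to the bytes still expected in the data handler is an assumption as well. The model stops where the preview stops: it shows how the interface validates wLength, hands back its buffer, and how the core tracks the expected and received byte counts in globals.

```c
#include <stdint.h>
#include <string.h>
#include <stdio.h>

/* Added model of the DFU <-> USB-core interaction from steps 1-6.
 * All sizes, names and request codes below are constructed for
 * illustration; they are not the bootrom's real symbols or values. */

#define IO_BUFFER_SIZE 0x800   /* assumed size of the DFU input/output buffer */

/* Standard 8-byte USB control setup packet layout. */
struct usb_setup {
    uint8_t  bmRequestType;
    uint8_t  bRequest;
    uint16_t wValue;
    uint16_t wIndex;
    uint16_t wLength;
};

/* Step 1: the DFU interface owns one buffer used for both input and output. */
static uint8_t dfu_io_buffer[IO_BUFFER_SIZE];

/* Steps 3-4: the interface code checks wLength against the buffer size,
 * passes the buffer back through the out-pointer, and returns wLength,
 * the number of bytes it wants to receive. -1 means stall the request. */
static int dfu_handle_request(const struct usb_setup *setup, uint8_t **io_buf)
{
    if (setup->wLength > IO_BUFFER_SIZE)
        return -1;
    *io_buf = dfu_io_buffer;
    return setup->wLength;
}

/* Step 5: USB main code keeps the destination pointer, the expected
 * length and the running count of received bytes in globals. */
static uint8_t *g_data_ptr;
static int      g_data_expected;
static int      g_data_received;

/* Steps 2 and 5: main code handles the setup packet, calls out to the
 * interface, and arms the data phase with the length it returned. */
static int usb_core_handle_setup(const struct usb_setup *setup)
{
    uint8_t *buf = NULL;
    int want = dfu_handle_request(setup, &buf);
    g_data_received = 0;
    if (want < 0) {                 /* stall: no data phase */
        g_data_ptr = NULL;
        g_data_expected = 0;
        return -1;
    }
    g_data_ptr = buf;
    g_data_expected = want;
    return want;
}

/* Step 6: each data packet is written into the buffer at the current
 * offset and the received count advances. Returns 1 when all expected
 * bytes are in, 0 if more is needed, -1 if no data phase is armed.
 * Clamping len to the remaining room is an assumption of this model. */
static int usb_core_handle_data(const uint8_t *pkt, int len)
{
    if (g_data_ptr == NULL)
        return -1;
    int room = g_data_expected - g_data_received;
    if (len > room)
        len = room;
    memcpy(g_data_ptr + g_data_received, pkt, (size_t)len);
    g_data_received += len;
    return g_data_received >= g_data_expected;
}

/* Accessors so the model's state can be inspected from outside. */
int model_received(void) { return g_data_received; }
int model_expected(void) { return g_data_expected; }
const uint8_t *model_buffer(void) { return dfu_io_buffer; }

/* Drive one host-to-device transfer: a DFU_DNLOAD-style setup packet
 * (bmRequestType 0x21, bRequest 1) followed by pkt_size-byte data packets.
 * Returns 1 if the transfer completed, -1 if the setup was rejected. */
int model_run_transfer(uint16_t wLength, const uint8_t *payload, int pkt_size)
{
    struct usb_setup s = { 0x21, 1, 0, 0, wLength };
    if (usb_core_handle_setup(&s) < 0)
        return -1;
    if (wLength == 0)
        return 1;                   /* zero-length data phase: nothing to wait for */
    int done = 0, off = 0;
    while (!done && off < wLength) {
        int n = (wLength - off < pkt_size) ? wLength - off : pkt_size;
        done = usb_core_handle_data(payload + off, n);
        off += n;
    }
    return done;
}

int main(void)
{
    uint8_t payload[64];            /* constructed sample data */
    for (int i = 0; i < 64; i++)
        payload[i] = (uint8_t)i;
    printf("64-byte transfer in 32-byte packets complete: %d\n",
           model_run_transfer(64, payload, 32));
    printf("wLength larger than the buffer rejected: %d\n",
           model_run_transfer(IO_BUFFER_SIZE + 1, payload, 32));
    return 0;
}
```

The in-range request is accepted and the two 32-byte packets land back to back in the interface buffer; a wLength larger than the buffer never reaches the data phase because the interface check in step 3 stalls it before the core arms the globals.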
AushaTeam / ios_14_downgrade.md
Created December 10, 2021 20:17
How to downgrade from iOS 15 to iOS 14

How to downgrade from iOS 15 to iOS 14

The latest SEP/BB as of right now is iOS 15.1, and is partially or fully compatible with iOS 14 depending on your device. See the appropriate section for exact compatibility info.

Prerequisites

Notes

  • If the exploit fails even after multiple attempts or your device reboots out of DFU mode, you'll have to start over from the beginning and be quicker next time. (You don't have to redownload anything though.) You may have to force restart your device if it's stuck in DFU.
AushaTeam / ios_14_downgrade.md
Created December 10, 2021 19:39 — forked from pharaoh1/ios_14_downgrade.md
How to downgrade from iOS 15 to iOS 14
AushaTeam / checkm8_a8_a9.patch
Created December 7, 2021 21:13 — forked from a1exdandy/checkm8_a8_a9.patch
ipwndfu patch for s8000/s8003/t7000
diff --git a/Makefile b/Makefile
index 96e99b7..4884309 100644
--- a/Makefile
+++ b/Makefile
@@ -43,6 +43,10 @@ arm64:
gobjcopy -O binary -j .text bin/checkm8_arm64.o bin/checkm8_arm64.bin
rm bin/checkm8_arm64.o
+ xcrun -sdk iphoneos clang src/checkm8_nopaddingcorruption_arm64.S -target arm64-apple-darwin -Wall -o bin/checkm8_nopaddingcorruption_arm64.o
+ gobjcopy -O binary -j .text bin/checkm8_nopaddingcorruption_arm64.o bin/checkm8_nopaddingcorruption_arm64.bin
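Review bot: the hunk header promises four added lines but the listing shows only two; the existing arm64 recipe pairs its gobjcopy with a cleanup of the intermediate object (`rm bin/checkm8_arm64.o`), so make sure the remaining added lines include `rm bin/checkm8_nopaddingcorruption_arm64.o`, otherwise the .o for the no-padding-corruption variant is left behind in bin/. It would also help to say in the Makefile or README which SoCs (s8000/s8003/t7000, per the gist title) are meant to use the nopaddingcorruption payload instead of checkm8_arm64.bin.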