- All content keys were redacted, they should be 128-bit hex strings.
- These methods involve the use of ffmpeg and -cenc_decryption_key which is not part of stable releases as of July 2022. Use nightlies from gyan.dev or some other autobuild in the meantime. Hopefully it gets added in the next stable release.
- On my end none of these were particularly reliable. This may change in the future as FFmpeg evolves. The direct method of playing with ffplay is currently the most reliable out of the listed methods.
steinxborg
steinxborg
/ gist:0e452ce1481699926c3414c773a0dd19
Last active
December 10, 2024 15:23
mpv reconnect flags
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --stream-lavf-o-append=reconnect_on_http_error=4xx,5xx --stream-lavf-o-append=reconnect_delay_max=30 --stream-lavf-o-append=reconnect_streamed=yes --stream-lavf-o-append=reconnect_on_network_error=yes --stream-lavf-o-append=reconnect=1 --stream-lavf-o-append=reconnect_at_eof=1 |
steinxborg
/ _restream_cenc.md
Created
November 14, 2024 09:42
— forked from rlaphoenix/_restream_cenc.md
Ways to re-stream and decrypt MPEG-CENC live streams. (or just play on desktop)
steinxborg
/ README.md
Created
November 13, 2024 21:57
— forked from mrbar42/README.md
bash scripts to create VOD HLS stream with ffmpeg almighty (tested on Linux and OS X)
running:
bash create-vod-hls.sh beach.mkv
will produce:
beach/
|- playlist.m3u8
|- 360p.m3u8
steinxborg
/ _deobfuscating-unminifying-obfuscated-web-app-code.md
Created
November 13, 2024 08:33
— forked from 0xdevalias/_deobfuscating-unminifying-obfuscated-web-app-code.md
Some notes and tools for reverse engineering / deobfuscating / unminifying obfuscated web app code
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| https://github.com/ohmyzsh/ohmyzsh | |
| plugins: | |
| https://github.com/Aloxaf/fzf-tab | |
| https://github.com/zsh-users/zsh-syntax-highlighting | |
| https://github.com/zsh-users/zsh-autosuggestions | |
| https://github.com/zsh-users/zsh-history-substring-search | |
| https://github.com/zsh-users/zsh-completions | |
| # plugins=(git copybuffer dirhistory fzf-tab zsh-history-substring-search zsh-autosuggestions zsh-syntax-highlighting) |
steinxborg
/ gist:33d623230f6f02d5c79dea347604864f
Created
October 13, 2024 08:08
Decode _ = lambda __ : __import__('zlib').decompress(__import__('base64').b64decode(__[::-1]));exec((_)(b''))
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import builtins | |
| original_exec = builtins.exec | |
| def exec_with_print(code, globals=None, locals=None): | |
| if isinstance(code, bytes) and not code.startswith(b'exec('): | |
| print("Decoded Code:", code.decode()) | |
| return original_exec(code, globals, locals) |
steinxborg
/ Fix touchpad not working after suspend
Last active
April 16, 2023 04:26
Fix touchpad not working after suspend/sleep - Ubuntu 22.04.2 LTS - Dell Vostro 5515
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Dell Vostro 5515 | |
| # Ubuntu 22.04.2 LTS Wayland | |
| # Issue: | |
| # Touchpad becomes unresponsive out of nowhere. Touchpad gestures does not work after suspend/sleep. | |
| # Solution: | |
| # The commands below will restart the driver responsible for touchpad. | |
| ➜ ~ lsmod | grep touch | |
| hid_multitouch 32768 0 |
steinxborg
/ mixunpin.js
Created
April 7, 2023 08:26
— forked from incogbyte/mixunpin.js
Frida script to bypass common methods of sslpining Android
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| console.log("[*] SSL Pinning Bypasses"); | |
| console.log(`[*] Your frida version: ${Frida.version}`); | |
| console.log(`[*] Your script runtime: ${Script.runtime}`); | |
| /** | |
| * by incogbyte | |
| * Common functions | |
| * thx apkunpacker, NVISOsecurity, TheDauntless | |
| * Remember that sslpinning can be custom, and sometimes u need to reversing using ghidra,IDA or something like that. | |
| * !!! THIS SCRIPT IS NOT A SILVER BULLET !! |
steinxborg
/ README.md
Created
April 5, 2023 14:55
— forked from coaxial/README.md
unpinning SSL certs on Android apps with Frida to inspect network traffic with mitmproxy
Most of the time, applications won't pin the certificate. Running mitmproxy and passing all Android traffic through it is as simple as adb connect <IP> && adb shell settings put global http_proxy <mitmproxy host>:<mitmproxy port> (or use Android's UI)
Some applications, however, pin the certificate and will refuse to do any network calls if using mitmproxy.
Luckily, Frida is here!
This assumes Android x86 is running in a VM, that you are a developer in Android (tap the build version enough times), adb debugging is enabled, and that android tools are installed on the host.
- start mitmproxy on host
- visit mitm.it on the target (after setting the proxy) and install the spoofed cert