@soez
soez / exp.c
Last active November 2, 2024 09:10
CVE-2022-22265 Samsung A25 npu driver
/*
*
* Author: @javierprtd
* Date : 01-08-2024
* Kernel: 5.10.177
* Samsung A25 NPU: CVE-2022-22265 (bug patched - reintroduced)
*
*/
// echo 1 > /sys/module/memlogger/holders/npu/drivers/platform:exynos-npu/npu_exynos/npu_err_in_dmesg
@nstarke
nstarke / 01-reversing-cisco-ios-raw-binary-firmware-images-with-ghidra.md
Last active December 10, 2025 04:11
Reversing Cisco IOS Raw Binary Firmware Images with Ghidra

Reversing Raw Binary Firmware Files in Ghidra

This brief tutorial will show you how to go about analyzing a raw binary firmware image in Ghidra.

Prep work in Binwalk

I was recently interested in reversing some older Cisco IOS images. Those images come as a single raw binary blob, with no ELF, Mach-O, or PE header to tell a disassembler the architecture, entry point, or load address of the code.

While I am using Cisco IOS Images in this example, the same process should apply to other Raw Binary Firmware Images.
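One prep step the Ghidra importer cannot do for you on a headerless blob is choosing the load address: without it, absolute pointers in the code resolve to nothing and cross-references stay empty. A common heuristic is to try candidate bases and count how many aligned 32-bit words, read as absolute pointers under that base, land exactly on the start of a printable NUL-terminated string; the base with the most hits is almost always the real one. The C program below is an added example written for this page, not part of nstarke's tutorial or any Cisco tooling. It builds a constructed synthetic big-endian image (a few IOS-looking strings plus a pointer table that references them at an assumed base of 0x80008000) and recovers that base from the bytes alone. The search range, the 0x1000 stride, and the minimum string length of 5 are assumptions to tune for a real image.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MIN_STR_LEN 5           /* shorter printable runs are not counted as strings (assumption) */
#define TRUE_BASE   0x80008000u /* load address the constructed image pretends to use (assumption) */

/* Read a big-endian 32-bit word; IOS on PowerPC/MIPS is big-endian. */
static uint32_t be32(const uint8_t *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8)  |  (uint32_t)p[3];
}

/* Mark the file offset of every NUL-terminated printable run of at least
 * MIN_STR_LEN bytes. mark[] has len entries and must be zero-initialised. */
static size_t mark_string_starts(const uint8_t *img, size_t len, uint8_t *mark)
{
    size_t count = 0, i = 0;
    while (i < len) {
        size_t start = i;
        while (i < len && img[i] >= 0x20 && img[i] < 0x7f)
            i++;
        if (i < len && img[i] == 0 && i - start >= MIN_STR_LEN) {
            mark[start] = 1;
            count++;
        }
        i++; /* skip the terminator or the non-printable byte that ended the run */
    }
    return count;
}

/* Try every candidate base in [lo, hi] with the given stride and return the one
 * for which the most aligned 32-bit words, taken as absolute pointers, point at
 * a string start. *hits receives that vote count (0 means nothing matched). */
uint32_t guess_base(const uint8_t *img, size_t len,
                    uint32_t lo, uint32_t hi, uint32_t step, size_t *hits)
{
    uint8_t *mark = calloc(len, 1);
    uint32_t best_base = lo;
    size_t best_hits = 0;

    if (step == 0)
        step = 4;
    if (!mark || mark_string_starts(img, len, mark) == 0) {
        free(mark);
        *hits = 0;
        return lo;
    }
    for (uint64_t base = lo; base <= hi; base += step) {
        size_t votes = 0;
        for (size_t i = 0; i + 4 <= len; i += 4) {
            uint32_t w = be32(img + i);
            /* w >= base rules out wrap-around; w - base must fall inside the file */
            if (w >= base && w - base < len && mark[w - base])
                votes++;
        }
        if (votes > best_hits) {
            best_hits = votes;
            best_base = (uint32_t)base;
        }
    }
    free(mark);
    *hits = best_hits;
    return best_base;
}

/* Constructed stand-in for a headerless image: four strings and a pointer
 * table that references them at TRUE_BASE, plus some non-pointer words.
 * This is synthetic test data, not bytes from any real firmware. */
uint32_t build_sample_image(uint8_t *img, size_t len)
{
    static const char *strs[] = {
        "IOS (tm) Software, example build",
        "Copyright (c) example vendor",
        "%SYS-5-RESTART: System restarted",
        "Compiled by example",
    };
    const uint32_t str_off[] = { 0x100, 0x140, 0x180, 0x1c0 };
    const uint32_t table_off = 0x400;
    const uint8_t noise[] = { 0xde, 0xad, 0xbe, 0xef, 0x12, 0x34, 0x56, 0x78 };

    if (len < 0x800)
        return 0;
    memset(img, 0, len);
    for (size_t k = 0; k < 4; k++) {
        memcpy(img + str_off[k], strs[k], strlen(strs[k]) + 1);
        uint32_t ptr = TRUE_BASE + str_off[k];
        uint8_t *p = img + table_off + 4 * k;
        p[0] = ptr >> 24; p[1] = ptr >> 16; p[2] = ptr >> 8; p[3] = (uint8_t)ptr;
    }
    memcpy(img + table_off + 16, noise, sizeof noise);
    return TRUE_BASE;
}

int main(void)
{
    uint8_t img[4096];
    size_t hits = 0;
    uint32_t truth = build_sample_image(img, sizeof img);
    uint32_t base = guess_base(img, sizeof img, 0x80000000u, 0x80100000u, 0x1000, &hits);
    printf("expected 0x%08x, guessed 0x%08x (%zu pointer hits)\n", truth, base, hits);
    return base == truth ? 0 : 1;
}
```

On a real blob, read the file into `img` instead of calling `build_sample_image`, widen the range to cover the likely kernel address space of the target (and a coarser stride to keep it fast), and enter the winning value as the base address in Ghidra's import options; if the target is little-endian, replace `be32` with a little-endian reader. A low hit count relative to the number of strings means the image is probably still compressed or wrapped, which is what the binwalk pass is for.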

//
// This file should be used in the following way:
// - reload the executable into IDA using the -c switch
// - use File, Load IDC file and load this file.
//
// NOTE: This file doesn't contain all information from the database.
//
#define UNLOADED_FILE 1
#include <idc.idc>
@aldur
aldur / README.md
Created November 14, 2017 19:44
OnePlusRoot

Root OnePlus5 without unlocking the bootloader

Gain adb root.

$ adb shell am start -n com.android.engineeringmode/.qualcomm.DiagEnabled --es "code" "angela"

Download Magisk-v14.0 and extract it somewhere. Download MagiskManager.

@takeshixx
takeshixx / ubuntu-xenial-armfh-qemu.md
Last active June 27, 2025 10:38
Running Ubuntu 16.04.1 armhf on Qemu

Running Ubuntu 16.04.1 armhf on Qemu

This is a writeup about how to install Ubuntu 16.04.1 Xenial Xerus for the 32-bit hard-float ARMv7 (armhf) architecture on a Qemu VM via Ubuntu netboot.

The setup will create an Ubuntu VM with LPAE extensions (generic-lpae) enabled. However, this writeup should also work for non-LPAE (generic) kernels.

The performance of the resulting VM is quite good, and it allows VMs with more than 1G of RAM (compared to 256M on versatilepb and 1G on vexpress-a9/vexpress-a15). It also supports virtio disks, whereas vexpress-a9/vexpress-a15 only support SD cards via the -sd argument.

Get netboot files

@yrp604
yrp604 / safe-stack-notes.md
Last active March 29, 2017 01:20
Safe Stack Notes

Note: I've only briefly read the related CPI paper (PDF); this is just initial impressions after playing around with it a bit.

All the code and binaries I used can be downloaded here. Note that I removed -D_FORTIFY_SOURCE=2 to make the examples a bit simpler.

-fsanitize=safe-stack basically seems to move stack-based buffers off the actual stack, onto another segment of memory (I'll call it the fake stack). The actual stack then stores references to this segment. For example:

char buf[20];
printf("%p\n", buf);
@chitacan
chitacan / gist:11200703
Last active September 4, 2018 08:13
Let's debug the native code of AOSP 4.4_r1 with gdb!!

hack aosp with gdb

Let's debug the native code of AOSP 4.4_r1 with gdb!!

  • How can you debug the native code (libbinder, etc.) that runs when an Android application starts?
  • How can you debug the binaries under /system/bin/ (service, am, pm, etc.) on an Android device or emulator?

Prerequisites

  • An AOSP build that is properly (!?) built for the target device or emulator
@Liryna
Liryna / ARMDebianUbuntu.md
Last active May 15, 2025 21:34
Emulating ARM on Debian/Ubuntu

You might want to read this to get an introduction to armel vs armhf.

If the below is too much, you can try Ubuntu-ARMv7-Qemu but note it contains non-free blobs.

Running ARM programs under Linux (without starting a QEMU VM!)

First, cross-compile the user programs with the GCC ARM toolchain. Then install qemu-arm-static so that you can run ARM executables directly on Linux.

@lifuzu
lifuzu / auto_update.md
Created April 3, 2014 17:10
Android auto update apk implementation
public class UpdateApp extends AsyncTask<String,Void,Void>{
    private Context context;
    public void setContext(Context contextf){
        context = contextf;
    }

    @Override
    protected Void doInBackground(String... arg0) {
        try {
            // download-and-install body is cut off in this gist preview
        } catch (Exception e) {
            e.printStackTrace();
        }
        return null;
    }
}
@tigerjj
tigerjj / AndroidRPC.md
Last active January 28, 2021 11:16
Android RPC example - Client / Server with service

Android RPC example - Client / Server with service

This is an example of implementing RPC (remote procedure call) with Android's Binder. In this example the server and client are separate applications, and the client's Activity binds to the server's Service. The client then calls the server's Service directly and receives the result.

To understand RPC, you first need to understand the following two concepts:

  • IPC(Inter-process communication)
  • Binder