|
1 2 |
2408:8000:1010:1::8 2408:8000:1010:2::8 |
之前google搜的时候,看到有人说一个 好像是 dnslab.net 的,千万别用!!!
北京联通IPv6 DNS by @sskaje: https://sskaje.me/2018/12/beijing-china-unicom-ipv6-dns/
Incoming search terms:
Link to this post!
Category: 笔记
北京联通EdgeRouter开启IPv6
看到说北京联通的pppoe也开始启用ipv6了,在EdgeRouter Lite上开了一下设置。
联通给了个 /56 的prefix。
我的eth1接了上行,pppoe拨号,eth0是lan。
|
1 2 3 4 5 6 |
set interfaces ethernet eth1 pppoe 0 ipv6 address autoconf set interfaces ethernet eth1 pppoe 0 ipv6 enable set interfaces ethernet eth1 pppoe 0 ipv6 dup-addr-detect-transmits 1 set interfaces ethernet eth1 pppoe 0 dhcpv6-pd pd 0 interface eth0 service slaac set interfaces ethernet eth1 pppoe 0 dhcpv6-pd pd 0 prefix-length /56 |
lan
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 |
interface { ethernet eth0 { ipv6 { router-advert { cur-hop-limit 64 link-mtu 0 managed-flag false max-interval 600 other-config-flag false prefix ::/64 { autonomous-flag true on-link-flag true valid-lifetime 2592000 } reachable-time 0 retrans-timer 0 send-advert false } } } } |
记住配置防火墙
北京联通EdgeRouter开启IPv6 by @sskaje: https://sskaje.me/2018/12/china-unicom-beijing-edgerouter-enable-ipv6-pppoe/
Incoming search terms:
- castlegr1
- dailyugs
- environmentqbb
- hisvgx
- hurryjnd
- jack88x
- nearestf4t
- poetryrgw
- spendidr
- wearaiz
- willinge2k
Link to this post!
Convert PDF to Image
using GraphicsMagick
Convert full page to %d.png
|
1 |
gm convert -verbose -density 200 aaa.pdf -quality 100 -sharpen 0x1.0 +adjoin aaa-%d.png 2>&1"; |
Convert first page
|
1 |
gm convert -verbose -density 200 aaa.pdf[0] -quality 100 -sharpen 0x1.0 +adjoin aaa-%d.png 2>&1"; |
Convert PDF to Image by @sskaje: https://sskaje.me/2018/05/convert-pdf-image/
Link to this post!
lldb 断点自动执行命令
By @sskaje
Link: https://sskaje.me/2018/03/lldb-%e6%96%ad%e7%82%b9%e8%87%aa%e5%8a%a8%e6%89%a7%e8%a1%8c%e5%91%bd%e4%bb%a4/
Link: https://sskaje.me/2018/03/lldb-%e6%96%ad%e7%82%b9%e8%87%aa%e5%8a%a8%e6%89%a7%e8%a1%8c%e5%91%bd%e4%bb%a4/
调试某软件,需要取到断点时候的内存数据。
之前是每次到断点,一个地址一个地址地 p 或者 memory read,后来看到 breakpoint command 命令,于是有了:
添加断点
|
1 2 |
(lldb) breakpoint set -a 0x100110000 Breakpoint 1: where = someapp`___lldb_unnamed_symbol10122$$global, address = 0x0000000100110000 |
添加命令
|
1 2 |
(lldb) breakpoint command add 1.1 Enter your debugger command(s). Type 'DONE' to end. |
输入命令
|
1 2 3 |
> memory read -f Y -c 0x100 $x1 > memory read -f Y -c 0x100 $x2 > DONE |
这样,每次运行到断点的时候,就会执行这两条命令。
lldb 断点自动执行命令 by @sskaje: https://sskaje.me/2018/03/lldb-%e6%96%ad%e7%82%b9%e8%87%aa%e5%8a%a8%e6%89%a7%e8%a1%8c%e5%91%bd%e4%bb%a4/
Link to this post!
Run HelloWorld on Jailbroken iOS 11
iPhone 5s, iOS 11.1
Jailbroken by Electra
How to jailbreak
Cydia Impactor and a new Apple ID required (You can use your own Apple ID at your risk).
If any error occurs on Cydia Impactor, try to login in Xcode and remove useless app/cert.
Trust your developer certificate in iOS Settings => General => Profiles & Device Management => DEVELOPER APP.
Write HelloWorld
helloworld.c
|
1 2 3 4 5 6 |
#include <stdio.h> int main() { printf("Hello, world!\n"); return 0; } |
build
|
1 |
clang -arch arm64 -mios-version-min=10.2 -isysroot /Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS.sdk/ -o helloworld helloworld.c |
sign with jtool
|
1 |
ARCH=arm64 jtool --sign --ent ent.xml helloworld |
ent.xml
|
1 2 3 4 5 6 7 8 |
<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>platform-application</key> <true/> </dict> </plist> |
upload and run helloworld
|
1 2 3 4 5 |
iPhone:~ root# /tmp/helloworld -sh: /tmp/helloworld: Operation not permitted iPhone:~ root# mv /tmp/helloworld /bin/ iPhone:~ root# helloworld Hello, world! |
If this binary is not signed with platform-application entitlement, it will get a ‘Killed’ if it’s under /bin/
More
I wrote a cli based memory editor, which requires more than a hello world.
1 entitlements
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 |
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>com.apple.springboard.debugapplications</key> <true/> <key>get-task-allow</key> <true/> <key>proc_info-allow</key> <true/> <key>task_for_pid-allow</key> <true/> <key>run-unsigned-code</key> <true/> <key>platform-application</key> <true/> </dict> </plist> |
2 patch_setuid() from coolstar’s example. But I’m using code from electra’s cydia fork, also mentioned after his example.
3 Special thanks to ThisTakenIsUsername.
Run HelloWorld on Jailbroken iOS 11 by @sskaje: https://sskaje.me/2018/03/run-helloworld-on-jailbroken-ios-11/
Incoming search terms:
Link to this post!