All posts by manatails

Backing up SHSH2 blobs with Apple Silicon M1 Mac

I’m posting this because the process wasn’t as straightforward as it did for Intel macs where you could simply use precompiled packages or run brew install libimobiledevice. Here is what I did:

1. Install Xcode from App Store

2. Install Xcode command line tools

sudo xcode-select --install

3. Install Homebrew

/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install.sh)"

echo 'eval "$(/opt/homebrew/bin/brew shellenv)"' >> /Users/manatails/.zprofile
eval "$(/opt/homebrew/bin/brew shellenv)"

4. Install required tools

brew update
brew install --HEAD usbmuxd

brew install --HEAD libimobiledevice

brew install --HEAD libirecovery

5. Use libimobiledevice to collect necessary information

ideviceinfo // get device information

ideviceenterrecovery (UniqueDeviceID from ideviceinfo) //put the device into recovery mode

irecovery -q //you can get NONC and ECID from this command

irecovery -n //return your device to normal mode

6. Back up blobs using TSS Saver: https://tsssaver.1conan.com/v2/
Input your ECID and apnonce(NONC) and you’re done.

—-
I also kept getting strange zsh: process killed message when I first started any of the brew packages, but I fixed it by completely uninstalling brew using the uninstall script then removing the installation folder, then reinstalling homebrew.

/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/uninstall.sh)"
sudo rm -rf /opt/homebrew

I also recommend saving the entire output of ideviceinfo and irecovery -q command somewhere just in case.

롤러코스터 타이쿤2 합의금 모드

항상 느끼는거지만 경비원의 정보 페이지는 너무나 빈약합니다.

고용 날짜만 덩그러니 나와 있고 실제로 무슨 일을 했는지는 알 방법이 없습니다.

그래서 코드를 뜯어서 반달을 멈춘 횟수를 기록하는 기능을 추가했습니다.

한 줄 추가했을 뿐인데 훨씬 그럴듯해 졌습니다.

그런데 이렇게 하고나니 조금 더 욕심이 생기더군요

어짜피 잡기만 해 봐야 그때만 반달을 멈출 뿐이기 때문에

실질적으로 손놈들을 좀 손봐줄 수 있었으면 좋겠다고 생각했습니다.

그래서 합의금 개념을 생각했습니다.

현실에서도 도둑질을 하다 걸리면 합의금을 내야되듯이

손놈도 기물 파손을 하다 걸리면 합의금을 거두도록 하는 모드를 만들었습니다.

손놈이 분노하기 좋은 환경인 더러운 길을 준비합니다.

손놈과 경비원을 같이 둡니다.

화를 낼때까지 조금 기다려 줍니다.

딱 걸렸습니다.

합의금으로 벌써 전재산을 다 잃었군요

(회계상 합의금은 입장료에 포함시키기로 하였습니다)

합의금의 책정은 손놈의 경제적 여건을 고려하여 새 벤치 가격의 5배인 $25로 설정하였습니다.

하지만 수중에 돈이 더이상 없다면?

돈이 없으면 몸으로 갚습니다.

수중에 돈이 요구하는 합의금보다 부족할 시 에너지가 0이 된 후 바로 공원에서 퇴출됩니다.

합의금 모드를 통해 좀 더 현실적인 경비원을 체험해 보세요

다운로드

http://laura.mananet.net/rct/OpenRCT2-Securitymod.zip

openrct2 기존 세이브와 상호 호환이 됩니다.

소스코드는 깃헙에 공개되어 있습니다.

https://github.com/manatails/OpenRCT2/tree/securitymod

Quickly move/copy thin-provisioned VMs in VMware ESXi

It’s a script I’ve been using often but I forgot to write a post about this

In VMware ESXi copying thin provisioned VMs using the web interface or console consumes a lot of time and disk IO as it defaults to allocate the new VM as a thick provisioned one.
So I created a special script that avoids default copy operations and copy files as you normally would expect.

https://git.mananet.net/manatails/vmware-thin-mover

Screenshot:

I hope this simple script saves you much of your precious time.

Compiling new Linux Kernel

Those are the commands I used to create custom kernel packages for Debian/Ubuntu based systems.

1. Install required packages

sudo apt-get install build-essential libncurses-dev bison flex libssl-dev libelf-dev

2. Extract source code and import config from current kernel

cd linux-5.x.x
cp -v /boot/config-$(uname -r) .config

make olddefconfig

3. Edit  .config file and set the following variables

CONFIG_SYSTEM_TRUSTED_KEYS = ""
CONFIG_DEBUG_INFO=n

Building without black SYSTEM_TRUSTED_KEYS will fail the build.
Building with debug info will take much more time and space

Compile code and generate deb package, add LOCALVERSION if you want to add a kernel suffix

make clean
make -j8 deb-pkg LOCALVERSION=-custom

 

UefiSeven: Easily boot Windows 7 on UEFI class 3 devices

I’ve been following some threads about installing Windows 7 on pure EFI systems.

Then I found out about VgaShim which I thought to be the best solution.
But the project was deserted a long time ago, it was buggy and was not compatible with my newest devices

After playing around with OVMF firmware and some hardware, I came up with many fixes and improvements.
I decided to take this a bit further and forked my own project named UefiSeven

https://git.mananet.net/manatails/uefiseven

It aims to be the straightforward solution for installing Windows 7 on UEFI class 3 devices.

-Easy to install
-Informative logs
-Configurable verbose mode
-Serial debug console from VGA ROM for debugging
-Experimental, hack-ish support for non-1024×768 capable screens

Usage Instructions:

1. Prepare Windows 7 installation USB Drive
2. Rename bootx64.efi at (UsbDrive)\EFI\Boot\ to bootx64.original.efi
3. Unpack bootx64.efi from UefiSeven archive and copy it to (UsbDrive)\EFI\Boot\
4. (Optional) Copy UefiSeven.verbose to the same directory to enable verbose mode
5. Install Windows
6. Rename bootmgfw.efi at (HDD)\EFI\Microsoft\Boot\ to bootmgfw.original.efi
7. Copy UefiSeven bootx64.efi to (HDD)\EFI\Microsoft\Boot\bootmgfw.efi using EFI shell

Download:
https://git.mananet.net/manatails/uefiseven/-/releases

PoC

Windows 7 running on a Samsung Galaxy Book 12 (Kaby Lake SoC), 2160×1440 screen with native 1024×768 GOP support

Windows 7 running on a GPD MicroPC (Gemini Lake SoC), 720×1280 rotated portrait screen holding 1024×768 framebuffer (Glitchy but useful enough to complete the setup)

I hope this makes life easier for many people who do not want to accept Windows 10 tyranny.

Compiling OVMF from source

I used Debian Buster for the environment

sudo apt-get install build-essential git uuid-dev iasl nasm git
git clone git://github.com/tianocore/edk2.git
cd edk2
git submodule init
git submodule update
source ./edksetup.sh
make -C BaseTools/
build -a X64 -t GCC5 -b RELEASE -p OvmfPkg/OvmfPkgX64.dsc

Find the resulting binary at Build/OvmfX64/RELEASE_GCC5/FV/OVMF.fd

Setting up a dedicated spamassassin server

Default Spamassassin install from Ubuntu is a little bit misconfigured and is not suitable for remote Anti-Spam service. So I am writing up the config changes I had to make in order to make it work flawlessly.

1. Make a dedicated user for Spamassassin, default config runs Spamassassin as root, then the executable itself would complain about it and fall back to nobody.

sudo adduser spamd --disabled-login

2. Open /etc/default/spamassassin and edit the following line

OPTIONS="--create-prefs --max-children 5 --username spamd --helper-home-dir /home/spamd/ --listen=0.0.0.0 --allowed-ips=(your_server_ip)"

3. Edit /etc/spamassassin/local.cf and Add/Uncomment the following lines to suit your needs

rewrite_header Subject [SPAM]
use_bayes 1

bayes_path /var/spamassassin/bayes_db/bayes
bayes_file_mode 0775

bayes_auto_learn 1

bayes_auto_learn_threshold_nonspam -0.001
bayes_auto_learn_threshold_spam 10.0

4.Make directories for Bayes database and give appropriate permissions

sudo mkdir -p /var/spamassassin/bayes_db
sudo chown -R spamd:spamd /var/spamassassin

5.Start Spamassassin Service

sudo systemctl daemon-reload
sudo systemctl restart spamassassin

 

Here are some convenient commands to manage your Spamassassin service:

1. Restore Bayes backup data

sudo -H -u spamd sa-learn --restore spamassassin.backup

2. Sync Bayes database

sudo -H -u spamd sa-learn --sync

3. Learn mail in folder as spam:

sudo -H -u spamd sa-learn --spam --showdots --dir /home/manatails/mail/spam

4. Learn mail in folder as ham

sudo -H -u spamd sa-learn --ham --showdots --dir /home/manatails/mail/ham

5. Print bayes database stats:

sudo -H -u spamd sa-learn --dump magic

In ubuntu logs are stored at /var/log/mail.log

디스코드 한글봇

한글 입력이 지원되지 않는 게임에서 디스코드에 한글 채팅을 할 수 있게 해주는 봇입니다.

카스글옵, 에이펙스 등등 많은 게임에서 한글 키보드가 활성화 되지 않아

매번 알트탭을 눌러서 불편하게 채팅을 치셨나요?

이젠 오버레이 상에서 그대로 하면 됩니다.

한글봇이 영타를 한글로 자동으로 바꾸어 줍니다.

사용예:

봇 홈페이지

https://hangulbot.mananet.net/

한글봇을 초대하시고, 편리하게 한국어로 디스코드를 이용하세요

Setting primary interface in ubuntu

Unlike CentOS, ubuntu doesn’t provide a nice tool to set default routes when there are more than 1 ethernet interfaces are connected at the same time. It is possible to set up a static route with post-up but it is still difficult to do if the DHCP range is dynamic and you can’t accurately determine the proper gateway.

I was able to reliably implement it with the following settings.
Open /etc/network/interfaces file and
Add the following line to all other interfaces that does NOT act as a default gateway.

post-up route del default dev $IFACE

 

This code, instead of setting a default route, basically removes undesired default routes as the device goes up.

Example configuration when you want to use ens160 as default route:

auto ens172
iface ens172 inet dhcp
post-up route del default dev $IFACE

auto ens192
iface ens192 inet dhcp
post-up route del default dev $IFACE

# The primary network interface
auto ens160
iface ens160 inet dhcp

Converting Killer LAN / WLAN cards to Atheros cards

If you feel frustrated by buggy drivers and softwares of Killer ethernet cards that come with your new gaming laptop or motherboard, it is possible to get rid of them by force replacing the drivers. I experienced continuous disconnection while creating a testnet with this card and it was unacceptable. I honestly have no idea why manufacturers even use this chipset even though people were complaining about this for a long time.

Killer chipsets are basically rebranded versions of existing Atheros chipsets, so  you can simply override the default driver settings to make it function as an Atheros card.

 

1. Open the device manager
2018-11-23 02_07_04-Device Manager

 

2. Right click on the LAN card and choose to update driver software
2018-11-23 02_07_50-NVIDIA GeForce Overlay

3. Browse my computer for drivers
2018-11-23 02_08_11-Update Driver Software - Killer E2400 Gigabit Ethernet Controller

4. Pick from a list on my computer
2018-11-23 02_08_45-Update Driver Software - Killer E2400 Gigabit Ethernet Controller

5. Have driver disk
2018-11-23 02_09_04-Update Driver Software - Killer E2400 Gigabit Ethernet Controller

6. Choose the appropriate inf file for your device. There is a list of compatible drivers at the end of this article
2018-11-23 02_09_43-Device Manager

7. If the inf file contains multiple definitions, choose the appropriate model
2018-11-23 02_10_04-Update Driver Software - Killer E2400 Gigabit Ethernet Controller

8. Ignore the warning and proceed
2018-11-23 02_10_15-Update Driver Warning

9.You have a functional Atheros card now, goodbye retarded Killer drivers
2018-11-18 13_13_00-Device Manager

10. Remove the Killer suite from Add/Remove Programs if you installed them

 

List of compatible drivers:

Killer E2200 – Atheros AR8151
Killer E2400 – Atheros AR8171

Killer Wireless 1535 – Qualcomm QCA61x4A

 

Please tell me if you know any other compatible pairs, I’ll add them to this list.