Sunday, August 23, 2020

Install tips for python3 virtualenvwrapper

  • Do not install with apt, use pip.

sudo pip3 install virtualenvwrapper

  • Edit ~/.bashrc

export WORKON_HOME="/home/xxx/you_name_it"

export VIRTUALENVWRAPPER_PYTHON="/usr/bin/python3"

source /usr/local/bin/virtualenvwrapper.sh


Friday, July 17, 2020

A Piece Of Cake @www.jarvisoj.com

nit yqmg mqrqn bxw mtjtm nq rqni fiklvbxu mqrqnl xwg dvmnzxu lqjnyxmt xatwnl, rzn nit uxnntm xmt zlzxuuk mtjtmmtg nq xl rqnl. nitmt vl wq bqwltwlzl qw yivbi exbivwtl pzxuvjk xl mqrqnl rzn nitmt vl atwtmxu xamttetwn xeqwa tsftmnl, xwg nit fzruvb, nixn mqrqnl ntwg nq gq lqet qm xuu qj nit jquuqyvwa: xbbtfn tutbnmqwvb fmqamxeevwa, fmqbtll gxnx qm fiklvbxu ftmbtfnvqwl tutbnmqwvbxuuk, qftmxnt xznqwqeqzluk nq lqet gtamtt, eqdt xmqzwg, qftmxnt fiklvbxu fxmnl qj vnltuj qm fiklvbxu fmqbtlltl, ltwlt xwg exwvfzuxnt nitvm twdvmqwetwn, xwg tsivrvn vwntuuvatwn rtixdvqm - tlftbvxuuk rtixdvqm yivbi evevbl izexwl qm qnitm xwvexul. juxa vl lzrlnvnzntfxllvldtmktxlkkqzaqnvn. buqltuk mtuxntg nq nit bqwbtfn qj x mqrqn vl nit jvtug qj lkwnitnvb rvquqak, yivbi lnzgvtl twnvnvtl yiqlt wxnzmt vl eqmt bqefxmxrut nq rtvwal nixw nq exbivwtl.   


################################################

{'a': 'g',
 'b': 'c',
 'c': '*',
 'd': 'v',
 'e': 'm',
 'f': 'p',
 'g': 'd',
 'h': '*',
 'i': 'h',
 'j': 'f',
 'k': 'y',
 'l': 's',
 'm': 'r',
 'n': 't',
 'o': '*',
 'p': 'q',
 'q': 'o',
 'r': 'b',
 's': 'x',
 't': 'e',
 'u': 'l',
 'v': 'i',
 'w': 'n',
 'x': 'a',
 'y': 'w',
 'z': 'u',
 ' ': ' ',
 ',': ',',
 '.': '.',
 ':': ':',
 '-': '-'}

wifi.cap.d4e4d22bc8fe925bf0ccb9382056ce8e crack problem

wifi.cap.d4e4d22bc8fe925bf0ccb9382056ce8e is a challenge @ https://www.jarvisoj.com.

It is in the BASIC Tab.

I got the cap file and ran it through aircrack-ng in WSL, and got the output below:

aircrack-ng -w p.txt wifi.cap.d4e4d22bc8fe925bf0ccb9382056ce8e
Reading packets, please wait...
Opening wifi.cap.d4e4d22bc8fe925bf0ccb9382056ce8e
Read 6539 packets.

   #  BSSID              ESSID                     Encryption

   1  56:0A:64:FF:E9:17  Flag_is_here              WPA (0 handshake)

Choosing first network as target.

Reading packets, please wait...
Opening wifi.cap.d4e4d22bc8fe925bf0ccb9382056ce8e
Read 6539 packets.

1 potential targets

Packets contained no EAPOL data; unable to process this AP.

But I tried it again on my VPS, and got the key normally...

                                 Aircrack-ng 1.2 beta3


                   [00:00:00] 1 keys tested (700.40 k/s)


                           KEY FOUND! [ 11223344 ]


      Master Key     : 38 19 96 51 DB 57 C2 29 A4 5A 55 D9 20 25 6C 3B
                       D5 21 9B C7 8C 0B 42 EB 01 67 BB 4E 38 EC 44 42

      Transient Key  : 76 BD EF 88 51 07 CA B3 DC 30 7D 7E AA 49 AC 2E
                       9A 38 29 FD AF 1E 59 C7 A3 9F 9D C0 1C 91 53 AA
                       DA BE 57 43 0C 21 FA CA 66 DE F4 72 47 E0 B0 35
                       72 55 6E 13 16 66 D0 2E 74 4E 4C 05 DE 46 BC 9B

      EAPOL HMAC     : 91 B7 11 2F 71 48 42 6E 20 02 F7 CC 79 FA 6C 31

Then I found that the versions of aircrack-ng on the two machines were different: one is 1.2 beta, the other is 1.6.

I don't know if it's the version or the WSL caused this problem.
 

Thursday, July 2, 2020

How to Cheat in Clicker Hero2 with CE

Clicker Hero2 is a fun game.
To have even more fun with it, I wanted to use Cheat Engine on it.

Some values, like rubies, energy and mana, can be found easily. Others cannot be found simply by scanning for the value displayed in the game.

After some analysis, I solved the mystery.
The values are stored in scientific notation (https://en.wikipedia.org/wiki/Scientific_notation).
Each value is split across two doubles (8 bytes each).
The first is the coefficient (the part before "e"), the second is the exponent (the part after "e").

If the gold displayed on the screen is 44.3e10 or 443e9, just scan for the double value 4.43 (NOT 44.3, NOT 443).
When you have found the address, add it to the address list.
Then right-click the list item you just added and choose "Browse this memory region".
In the "Memory Viewer", right-click the value displayed as hex and choose "Display type -> Double".
Now you can find your GOLD here. Double-click to change the value.

UPDATE:
About Skill Point.

Skill points are not stored in memory directly; what is stored is the difference between Level and Points:

SavedValue = Level - Points -1

And SavedValue is also stored in scientific notation.
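As an added example (my own code, not the post's), the coefficient/exponent encoding and the skill-point relation worked through in Python: a displayed number is split into the pair the game stores, packed as two doubles, located in a constructed sample memory region by scanning for the coefficient, and decoded again. The memory layout is constructed for the demonstration; only the two-double format and the SavedValue formula come from the post.

```python
import math
import struct

def to_sci(value):
    """Split a displayed number into the (coefficient, exponent) pair the game
    stores: 44.3e10 and 443e9 both become (4.43, 11)."""
    if value == 0:
        return 0.0, 0
    exp = math.floor(math.log10(abs(value)))
    coef = value / 10 ** exp
    while abs(coef) >= 10:      # guard against log10 rounding right at a power of 10
        coef, exp = coef / 10, exp + 1
    while abs(coef) < 1:
        coef, exp = coef * 10, exp - 1
    return coef, exp

def pack_value(value):
    """Encode as two little-endian doubles: coefficient first, exponent second."""
    coef, exp = to_sci(value)
    return struct.pack("<dd", coef, float(exp))

def unpack_value(blob, offset):
    """Decode the pair stored at offset back into the displayed number."""
    coef, exp = struct.unpack_from("<dd", blob, offset)
    return coef * 10.0 ** exp

def scan_double(blob, target, tol=1e-9):
    """Offsets of every 8-byte-aligned double within tol of target (what the CE scan does)."""
    return [off for off in range(0, len(blob) - 7, 8)
            if abs(struct.unpack_from("<d", blob, off)[0] - target) <= tol]

def skill_points(level, saved_value):
    """Invert the post's relation SavedValue = Level - Points - 1."""
    return level - saved_value - 1

# Constructed sample "memory region": a plainly stored ruby count, then gold
# shown in-game as 44.3e10, then a skill SavedValue of 7 (stored as 7e0).
MEMORY = struct.pack("<d", 120.0) + pack_value(44.3e10) + pack_value(7.0)

if __name__ == "__main__":
    for off in scan_double(MEMORY, 4.43):
        print("coefficient 4.43 found at offset", off, "->", unpack_value(MEMORY, off))
    print("skill points at level 12 with SavedValue 7:", skill_points(12, 7))
```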

Enjoy!

Monday, June 8, 2020

brut.common.BrutException when using apktool build apk

When rebuilding an APK with apktool, I ran into this problem:
brut.androlib.AndrolibException: brut.common.BrutException: could not exec (exit code = 1):

Try this:

apktool b --use-aapt2 -o unsigned_apk.apk .\app-debug\

It worked for me this time,
but it may not work for every APK every time.

Sunday, May 3, 2020

Windows GNU Radio “Failed to open HackRF device” when using osmocom sink with Hackrf One

Got my new HackRF One today. It works fine in GNU Radio as an osmocom source. But when I tried to use it as an osmocom sink, I got a problem.

First the grc graph:
 
To make GNU Radio connect to the HackRF One, I set the "Device Arguments" to "hackrf=0", the same as in the osmocom source block, which works fine. I found this argument in the documentation of the block.
 

Then I executed the flow graph and got the error:


This really confuses me... Same hardware, same driver, same pc...

OK, time to read some code.
Eventually I found this code:
https://git.osmocom.org/gr-osmosdr/tree/lib/hackrf/hackrf_common.cc



It seems the osmocom block looks for a HackRF device with the serial number specified in the block properties window.
So I tried removing the "=0" text from the arguments.
Yeah, it worked...

 Just like the osmocom source block.

But the "=0" argument has no effect on the osmocom source block...
Why...
🤔🤔🤔🤔🤔🤔🤔🤔🤔🤔🤔🤔🤔

Monday, April 20, 2020

Install Kali tools into chroot

#Install debootstrap

sudo apt-get install debootstrap

#Install Ubuntu 18.04 into chroot

mkdir chroot_root
sudo debootstrap --arch amd64 bionic ./chroot_root/

#If you run into this error:
#/usr/sbin/debootstrap: cannot create /media/XXXXX/chroot_root/test-dev-null: Permission denied


#Try remounting your block device without the noexec and nodev options.
#For example:
#sudo mount -t ext4 -o remount,rw,relatime,uhelper=udisks2 /dev/sda1 /media/MOUNT_POINT
#Or adjust the mount options in "Disks"

#Bind the pseudo filesystems into the chroot:
sudo mount --bind /proc ./chroot_root/proc
sudo mount --bind /dev ./chroot_root/dev
sudo mount --bind /sys ./chroot_root/sys
#ATTENTION: Only run these commands when the target directories are empty (and not already mounted).

#Run chroot

sudo chroot ./chroot_root

#Install katoolin

apt update
apt install python git gnupg

git clone https://github.com/LionSec/katoolin.git
cp katoolin/katoolin.py /usr/bin/katoolin
chmod +x /usr/bin/katoolin
katoolin

#Enjoy!


#Backup
sudo tar -czf chroot_root_bak.tar.gz ./chroot_root
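As an added example (my own helper, not part of the post's procedure), a POSIX sh guard for the bind-mount step above: it refuses to bind /proc, /dev or /sys over a chroot directory that is missing, non-empty or already a mount point, and unbinds them again in reverse order before the tar backup, so the archive does not swallow the host's /dev or /proc. The CHROOT variable and the function names are assumptions of this example.

```sh
#!/bin/sh
# Guard for the bind-mount step: the ATTENTION note above, enforced by a check.
CHROOT=${CHROOT:-./chroot_root}

dir_ready() {
    # usage: dir_ready DIR -> exit 0 only if DIR exists, is empty and is not a mount point
    dir=$1
    [ -d "$dir" ] || return 1
    [ -z "$(ls -A "$dir")" ] || return 1
    abs=$(cd "$dir" && pwd -P)
    # /proc/mounts lists "<source> <mountpoint> <fstype> ..."; -s keeps grep quiet if it is absent
    ! grep -qs " $abs " /proc/mounts
}

bind_pseudo_fs() {
    # Bind /proc, /dev and /sys into the chroot only when each target passes dir_ready.
    for fs in proc dev sys; do
        target="$CHROOT/$fs"
        if dir_ready "$target"; then
            sudo mount --bind "/$fs" "$target"
        else
            echo "refusing to bind /$fs: $target is missing, non-empty or already mounted" >&2
            return 1
        fi
    done
}

unbind_pseudo_fs() {
    # Tear down in reverse order; run this before tar-ing the chroot for backup.
    for fs in sys dev proc; do
        sudo umount "$CHROOT/$fs" 2>/dev/null || true
    done
}
```

Call `bind_pseudo_fs` before `sudo chroot "$CHROOT"` and `unbind_pseudo_fs` before the backup tar command.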




Wednesday, April 15, 2020

Temporary local workaround for DNS pollution


Start a local DNS-over-HTTPS (DoH) DNS server and query it:
proxychains sudo cloudflared proxy-dns
nslookup twitter.com 127.0.0.1


If you only want to resolve a single domain name temporarily:
proxychains dig +tcp @1.1.1.1 twitter.com

Friday, February 21, 2020

[Cheat Engine] Communication between LUA and Auto Assemble


-- Run an Auto Assembler script from Lua: scan for the byte pattern 01 B7 and
-- publish the address of the hit under the symbol name test_sym1.
autoAssemble([[{$STRICT}
aobscan(test_sym1,01 B7)
registerSymbol(test_sym1)]])

-- The registered symbol is visible to the Lua side, so readQword resolves it by name.
local s = readQword("test_sym1")
print(type(s))

if s == nil then
  print("NULL")   -- the symbol did not resolve (the scan found nothing)
else
  print(string.format("%X", s))
end