coelner/gedankensplitter
1
0
Fork 0
Code Pull Requests Releases Activity

minor

Browse Source
This commit is contained in:
coelner 2023-01-14 16:54:44 +01:00
parent 0ae97be204
commit af7d5ed0ef
8 changed files with 168 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
SDR.md
View File

@ -3,6 +3,10 @@ SDR
### links ### links
https://github.com/jopohl/urh/ https://github.com/jopohl/urh/
https://www.windytan.com/ https://www.windytan.com/
https://triq.net/bitbench
https://blog.atx.name/reverse-engineering-radio-weather-station/
https://docs.google.com/document/d/1yjAO3jTBa9lAFIuiteK_GLWh7-Xk-kSD2d0DUxQe_vU/edit
### flipper zero ### flipper zero
https://gist.github.com/paucoma/57080d2845ba4b21b980b90842c38eb1 https://gist.github.com/paucoma/57080d2845ba4b21b980b90842c38eb1

9
archlinux.md
View File

@ -63,6 +63,15 @@ sudo mkinitcpio -p linux
- reboot and pray - reboot and pray
- enable pcsc.socket - enable pcsc.socket
### uefi update cd
1. download iso image
2. extract the upgrade image `geteltorito.pl -o r1qur08w.img r1qur08w.iso`
3. put it on the usb stick `dd if=r1qur08w.img o=/dev/sda bs=64K`
4. reboot to disable SecureBoot
5. reboot to boot
6. reboot (UEFI), reboot (EC) and reboot (reasons)
7. reboot to activate SecureBoot again
### git use credential store ### git use credential store
https://gist.github.com/maelvls/79d49740ce9208c26d6a1b10b0d95b5e https://gist.github.com/maelvls/79d49740ce9208c26d6a1b10b0d95b5e
well, no: well, no:

53
firmware_sammelbecken.md
View File

@ -1,4 +1,4 @@
Willkommen im Wiki. Willkommen im Wiki.
Hier wird ein Sammelsurium angelegt, welches Snippets für alles enthält, was mir über den Weg läuft. Hier wird ein Sammelsurium angelegt, welches Snippets für alles enthält, was mir über den Weg läuft.
#### TS100 soldering iron #### TS100 soldering iron
@ -23,9 +23,9 @@ VoLTE sowie WiFiCall kann erst mit neuem Update kommen, da der APN von 07 auf 03
#### Odroid HC1 sdcard handling #### Odroid HC1 sdcard handling
Mirror second bootstage Mirror second bootstage
dd if=/dev/mmcblk0 of=/dev/sdc bs=512 count=8192 `dd if=/dev/mmcblk0 of=/dev/sdc bs=512 count=8192`
partclone (maybe some resize due different sdcard size is required) partclone (maybe some resize due different sdcard size is required)
partclone.ext4 -N -b -s /dev/mmcblk0p1 -o /dev/sdc1 `partclone.ext4 -N -b -s /dev/mmcblk0p1 -o /dev/sdc1`
##### STM32 F103 clones ##### STM32 F103 clones
@ -93,6 +93,47 @@ mgos_sys_config.c:232 Loading conf9.json
mgos_sys_config.c:306 Switching debug to UART-1 mgos_sys_config.c:306 Switching debug to UART-1
``` ```
well, that it's all folks. The device can not connect to a wifi AP. The self-owned AP works so far, but it can not connect to a different AP, more precisely, it can not get an IP well, that it's all folks. The device can not connect to a wifi AP. The self-owned AP works so far, but it can not connect to a different AP, more precisely, it can not get an IP. the guide explains it well: https://asperti.com/2022/shelly-firmware/
`68:C6:3A:F9:38:9C` ```
https://asperti.com/2022/shelly-firmware/ rBoot v1.2.1-cesanta1 - richardaburton@gmail.com
Flash Size: unknown
Flash Mode: DOUT
Flash Speed: 80 MHz
rBoot Option: Big flash
Writing default boot config @ 0x7000.
Booting rom 0 (0x8000).
syѕ<EFBFBD><EFBFBD>param error, use last saved param!
mismatch map 1,spi_size_map 15
emap1
map 1 err
system param partition error
ota2 partition <20>V2
Mo
Backup
Exception 20 @ 0x00000023, vaddr 0x00000020
A0: 0x4027d46a A1: 0x3fffeac0 A2: 0x0001c610 A3: 0x00000088
A4: 0x3ffe9818 A5: 0x00000004 A6: 0x40000000 A7: 0x3fffdca0
A8: 0x0000001e A9: 0x00000000 A10: 0x00000000 A11: 0x00000002
A12: 0x3ffee8ac A13: 0x3ffef024 A14: 0x3ffef0c2 A15: 0x00000023
(exc SP: 0x3fffe920)
```
however, the guide is not working completely. Some research later, I found out that rboot needs the flash size detection. Otherwise it seems to fail. you need to add `--fs detect` to get the flash size into rboot.
```
esptool -p /dev/ttyUSB0 --baud 115200 write_flash -fm dout --flash_freq 80m --fs detect 0x0 rboot.bin 0xBB000 fs.bin 0x8000 shelly-plug-s.bin 0x1FC000 esp_init_data_default_v08.bin
```
and should see this:
```
rBoot v1.2.1-cesanta1 - richardaburton@gmail.com
Flash Size: 16 Mbit
Flash Mode: DOUT
Flash Speed: 80 MHz
rBoot Option: Big flash
Booting rom 0 (0x8000).
V2
Mo
Backup
```

4
git_usage.md Normal file
View File

@ -0,0 +1,4 @@
## git
### git file permission ignore
`git config core.fileMode false`

108
gnuk.md
View File

@ -38,10 +38,10 @@ You could however use a Masterkey deployment, which adds overhead to your key ha
alternative is: alternative is:
- File encryption: https://github.com/FiloSottile/age https://github.com/FiloSottile/age/discussions/432 - File encryption: https://github.com/FiloSottile/age https://github.com/FiloSottile/age/discussions/432
- File signing: https://github.com/jedisct1/minisign/ - File signing: https://github.com/jedisct1/minisign/
- Mail Verschlüsselung: as intermediate solution: p≡p and a workaround: https://de.wikipedia.org/wiki/Autocrypt and DKIM by the mail provider - Mail encryption: as intermediate solution: p≡p and a workaround: https://de.wikipedia.org/wiki/Autocrypt and DKIM by the mail provider
- git commit sign https://github.com/git/git/pull/1041 - git commit sign https://github.com/git/git/pull/1041
- linux login: pam-poldi -> pam-u2f - linux login: pam-poldi --> pam-u2f
- full disk encryption Luks2: -> TPM2 + PIN (for device bundled storage) or FIDO2 based - full disk encryption Luks2: --> TPM2 + PIN (for device bundled storage) or FIDO2 based
- SSH:FIDO2 openssh native support - SSH:FIDO2 openssh native support
## Gnuk ## Gnuk
offical Repo: https://salsa.debian.org/gnuk-team offical Repo: https://salsa.debian.org/gnuk-team
@ -68,8 +68,6 @@ https://s14-eu5.startpage.com/cgi-bin/serveimage?url=https:%2F%2Fembdev.net%2Fwi
[new] https://gist.github.com/rot42/cd6ff46be45f0b7d7cd461a7bcc14d79 [new] https://gist.github.com/rot42/cd6ff46be45f0b7d7cd461a7bcc14d79
----------mailgroup questions---------------- ----------mailgroup questions----------------
firmware upgrade with public RSA --> lost of all data?
upgrade manual?
get random data from gnuk more than 32byte? get random data from gnuk more than 32byte?
https://raw.githubusercontent.com/comio/comio-overlay/master/app-crypt/scdtools/files/scdrand.service https://raw.githubusercontent.com/comio/comio-overlay/master/app-crypt/scdtools/files/scdrand.service
https://github.com/vletoux/OpenPGP-CSP/issues https://github.com/vletoux/OpenPGP-CSP/issues
@ -77,13 +75,13 @@ https://incenp.org/dvlpt/scdtools.html
``` ```
echo scd random 32 | gpg-connect-agent | xxd echo scd random 32 | gpg-connect-agent | xxd
``` ```
----------------- --------------—
### best practise
Nutzer PIN erst mit Zertifikat Nutzer PIN erst mit Zertifikat
adminless Modus mit PIN über 8 Zeichen, User Pin min 6 Zeichen PIN adminless Modus mit PIN über 8 Zeichen, User Pin min 6 Zeichen PIN
---------UPGRADE----------— #### regnual firmware upgrade
```bash ```bash
koelner ~/src/gnuk/tool $./upgrade_by_passwd.py ../regnual/regnual.bin ../src/build/gnuk.bin koelner ~/src/gnuk/tool $./upgrade_by_passwd.py ../regnual/regnual.bin ../src/build/gnuk.bin
Admin password: Admin password:
@ -126,10 +124,89 @@ koelner ~/src/gnuk/tool $./usb_strings.py
Sys: 3.0 Sys: 3.0
``` ```
------- #### openocd firmware flash
```
Make Gnuk
cm@system-legacy:~/src/gnuk/src$ ./configure --vidpid=234b:0000 --target=BLUE_PILL --enable-factory-reset --enable-certdo
./configure --vidpid=234b:0000 --target=ST_DONGLE --enable-factory-reset --enable-certdo --disable-sys1-compat
cm@system-legacy:~/src/gnuk/src$ make -j4
cm@system-legacy:~/src/gnuk/src$ make build/gnuk-vidpid.elf
Flash Gnuk
0. build it like descibed in the offical documentation.
1. connect STLink and then the blue pill itself (GND, 3.3V SWDCLK, SWDIO)
2. use openocd
$ openocd -f interface/stlink-v2.cfg -f target/stm32f1x_stlink.cfg -OR-
$ openocd -f interface/stlink-v2.cfg -f target/stm32f1x.cfg
3. telnet to openocd server
cm@system-legacy:~/src$ telnet 127.0.0.1 4444
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
Open On-Chip Debugger
> stm32f1x unlock 0
device id = 0x20036410
flash size = 64kbytes
Target not halted
> reset halt
target halted due to debug-request, current mode: Thread
xPSR: 0x01000000 pc: 0x08000250 msp: 0x20005000
> stm32f1x unlock 0
target halted due to breakpoint, current mode: Thread
xPSR: 0x61000000 pc: 0x2000003a msp: 0x20005000
stm32x unlocked.
INFO: a reset or power cycle is required for the new settings to take effect.
> reset halt
target halted due to debug-request, current mode: Thread
xPSR: 0x01000000 pc: 0x08000250 msp: 0x20005000
> flash write_bank 0 /home/cm/src/gnuk/src/build/gnuk-vidpid.bin 0
flash write algorithm aborted by target
flash write failed at address 0x8000002
flash memory not erased before writing
error writing to flash at address 0x08000000 at offset 0x00000000
> stm32f1x mass_erase 0
stm32f1x mass erase complete
> flash write_bank 0 /home/cm/src/gnuk/src/build/gnuk-vidpid.bin 0
target halted due to breakpoint, current mode: Thread
xPSR: 0x61000000 pc: 0x2000003a msp: 0x20005000
wrote 114688 bytes from file /home/cm/src/gnuk/src/build/gnuk-vidpid.bin to flash bank 0 at offset 0x00000000 in 3.447206s (32.490 KiB/s)
> reset halt
target halted due to debug-request, current mode: Thread
xPSR: 0x01000000 pc: 0x08003264 msp: 0x20005000
> stm32f1x lock 0
target halted due to breakpoint, current mode: Thread
xPSR: 0x61000000 pc: 0x2000003a msp: 0x20005000
stm32x locked
> reset
> shutdown
shutdown command invoked
Connection closed by foreign host.
```
one liner
```
openocd -f interface/stlink.cfg \
-c 'transport select hla_swd' \
-f target/stm32f1x.cfg \
-c 'adapter_speed 400' \
-c init \
-c 'reset halt' \
-c 'stm32f1x unlock 0' \
-c 'reset halt' \
-c 'stm32f1x mass_erase 0' \
-c 'flash write_bank 0 /home/koelner/Downloads/gnuk.bin 0' \
-c 'stm32f1x lock 0' \
-c reset \
-c shutdown
```
#### links
https://github.com/gl-sergei/u2f-token https://github.com/gl-sergei/u2f-token
https://riseup.net/en/security/message-security/openpgp/best-practices https://riseup.net/en/security/message-security/openpgp/best-practices
------ https://blog.josefsson.org/tag/openpgp/
## gnuk root key station ## gnuk root key station
rpi zero WH 1.1, CPU-Kühler, USB-A Mod, USB Hub Hat, 1.44 LCD with Buttons rpi zero WH 1.1, CPU-Kühler, USB-A Mod, USB Hub Hat, 1.44 LCD with Buttons
@ -141,13 +218,20 @@ additional installed software: vim.tiny, vim, stress, gnupg, libccid, opensc, sc
activate timedatectl 4 activate timedatectl 4
register i2c-rtc and usb-serial, login with dietpi:dietpi register i2c-rtc and usb-serial, login with dietpi:dietpi
------------- ```
root@gnupg-root:~# cat hwmon-ds3231.sh root@gnupg-root:~# cat hwmon-ds3231.sh
#!/usr/bin/env bash #!/usr/bin/env bash
rtctemp=$(cat /sys/class/i2c-adapter/i2c-1/1-0068/hwmon/hwmon0/temp1_input) rtctemp=$(cat /sys/class/i2c-adapter/i2c-1/1-0068/hwmon/hwmon0/temp1_input)
rtctemp=$(bc -l <<< "$rtctemp / 1000") rtctemp=$(bc -l <<< "$rtctemp / 1000")
echo "RTC temp = $rtctemp" echo "RTC temp = $rtctemp"
----------- ```
```
root@gnupg-root:~# cat hwmon-ds3231.sh
#!/usr/bin/env bash
rtctemp=$(cat /sys/class/i2c-adapter/i2c-1/1-0068/hwmon/hwmon0/temp1_input)
echo "$rtctemp / 1000" | bc
echo "RTC temp = $rtctemp"
```
First run First run
Check for RNG pool Check for RNG pool

2
lenovo_L13YOGA_G2_AMD.md
View File

@ -15,4 +15,4 @@ My own system: https://linux-hardware.org/?probe=6dfbd97685
1. keyboard backlight https://wiki.archlinux.org/title/Keyboard_backlight#On_GNOME 1. keyboard backlight https://wiki.archlinux.org/title/Keyboard_backlight#On_GNOME
2. keyboard FN keys 2. keyboard FN keys
3. bluetooth daemon disabled by default 3. bluetooth daemon disabled by default
4. touchscreen not detected - suddenly then it appears 4. touchscreen not detected - suddenly then it appears - and again gone

2
openwrt-selfbuild.md
View File

@ -136,6 +136,8 @@ fi
## package list ## package list
#### useful packages #### useful packages
``` ```
ath10k-firmware-qca988x base-files busybox ca-bundle dnsmasq dropbear firewall4 fstools kmod-ath10k kmod-ath9k kmod-gpio-button-hotplug kmod-nft-offload kmod-usb-ledtrig-usbport kmod-usb2 libc libgcc libustream-wolfssl logd mtd netifd nftables odhcp6c odhcpd-ipv6only opkg ppp ppp-mod-pppoe procd procd-seccomp procd-ujail swconfig uboot-envtools uci uclient-fetch urandom-seed urngd
wget-ssl wget-ssl
curl curl
wireguard-tools wireguard-tools

3
proxmox.md
View File

@ -1,4 +1,7 @@
## Proxmox ## Proxmox
### subscription nag screen
https://johnscs.com/remove-proxmox51-subscription-notice/
`sed -Ezi.bak "s/(Ext.Msg.show\(\{\s+title: gettext\('No valid sub)/void\(\{ \/\/\1/g" /usr/share/javascript/proxmox-widget-toolkit/proxmoxlib.js && systemctl restart pveproxy.service`
### packages ### packages
tmux, powertop,htop, cryptsetup,vim, cpu-frequ-utils tmux, powertop,htop, cryptsetup,vim, cpu-frequ-utils