Generating QR codes is supported by various high quality libraries. Generating PDF using JavaScript in browsers is also very well-supported nowadays. In this post I want to present a method which has the following features:

TL;DR: Just tell me what to use! Mounting file systems over a network can be very helpful. For example if you have a NAS (Network Attached Storage) and want to make the remote files available locally.

RFC 7464 defines a text file format based on the popular JSON format. Its intention is to write JSON texts as a sequence delimited by some character. This can be especially helpful for structured logging using JSON.

Stencil testing refers to a technique in computer graphics programming which allows conditional processing of fragments. Stencil testing is closely related to depth testing which is used to determine which fragment precedence based on its depth within the scene.

Background With Android 11 the method for connecting to Android phones via ADB over the network has changed. Unfortunately, the new method requires to know the port on which the ADB service on the phone is running.

For our tlspuffin fuzzer we use Rust to implement the testing harness. The harness is statically linked to OpenSSL via the openssl-sys and openssl-src crates, where the latter just provides a Rust Build Script.

While trying to reproduce the implementation bug CVE-2021-3449, I had to implement secure renegotiation as specified in RFC 5746. Often it is unclear which RFC is responsible for specific protocol behavior.

TLS, like most cryptographic protocols, depend on random numbers to generate keying material. These numbers should come from a trusted and truly random source. While this is necessary for production use, for testing purposes it is beneficial to use a pseudorandom number generator (PRNG).

Traditionally, fuzzing mutates bits and bytes. That means that the semantics of the protocol are not directly used to mutate the fuzzing input. Symbolic-model Guided Fuzzers fuzz on a more abstract level.

TLS is a beast of a protocol with at least 50 extensions and over 20 years of history. This indicates that implementing can be challenging and that it is important to take a close look at its security.

Research in Fuzzing has gained a lot of traction in the last decade. A lot of open source fuzzers have been implemented and are available on Github. Everyone who already developed any application knows the pain of naming things.

Sometimes you want to have a ScrollView which scrolls from right to left or from bottom. This can be handy when you use calendar views which often to from present to past.

Keeping a secret like GPG keys safe is not a trivial task. It gets even more complicated if you want to backup it and have access in the more distant future.

Link to the project: github.com/maxammann/ndove Sometimes you want to expose a port running on localhost to the internet. This can be challenging because of multiple reasons: Your internet provider does not provide you with a unique IPv4 address There is a firewall between you and the internet through which you can not poke holes You do not want to modify your system just to expose some port There are commercial platforms which offer this as a service like Ngrok.

This probably happens to every analog photographer sooner or later. You finished developing your black and white film and you don’t remember in which container the used developer and in which the fixer is.

If is possible to flash a new firmware from Linux or BSD on an APU embedded system. If the system no longer boots because the board war bricked during a firmware upgrade then you have to flash the flash memory directly over SPI.

It is very convenient to switch between different monitor layouts when using a laptop with multiple external monitors. A very good guide can be found on GitHub Gist by seanf. This post should contain the necessary information for getting it to work on a ThinkPad Thunderbolt Dock.

A docker setup can be very helpful when trying to separate services if they are not packaged otherwise. We don’t only want to separate configuration in this post, but also the network configuration.

VueScan for the Nikon LS-2000 offers a future proof way of using old scanners over the legacy SCSI standard. The not that small Small Computer System Interface is not easy to setup in 2020.

We are going to visualize the timestamps of messages in the Telegram database. This also includes encrypted chats as we analyze the SQLite database of the app. Obtaining the database We pull the database of Telegram using the ADB tool.

The documentation about setting up Tiny Core Linux to flash a new coreboot version on APU boards is quite outdated. If you are interested in flashing the APU using a Raspberry PI then head over to this post.

This guide is tested on Armbian 20.8 The default Armbian images do not offer an encrypted root partition. Unfortunately it is requied to build the image yourself inorder to use LUKS on your root partition.

The firmware and drivers for the Fingerprint Reader for Linux are finally ready as promised a few months ago. I’m not sure whether this was an accomplishment of Lenovo of the open-source community ¯_(ツ)_/¯.

I recently got my hands on a Nikon Coolscan 2000 (LS-2000) scanner. The drivers and the scanning software VueScan is distributed by Hamrick Software. The original software Nikon Scan is discontinued.

I received a free Yubikey from an untrusted source on the CCCamp 2019. Therefore I looked for a way to verify its authenticity. The device appeared physically to be an original and not tampered with.

I had problem to connect a InfluxDB from the pfSense because of a invalid certificate chain. The main problem here is that if you are configuring Telegraf with the pfSense UI then you are not using the system certificate chain (on FreeBSD that is /etc/ssl/cert.

If you previously converted a raw image using qemu-img convert to a qcow2 image you maybe want to mount it to retrieve and modify data: 1modprobe nbd max_part=8 2qemu-nbd --connect=/dev/nbd0 db1_old.

Disclaimer: This is probably not a step by step guide because there are a lot of dependencies involved. I tried to cover all the important aspects of cross-compiling ROS or actually any other software for Raspbian and ARMv6.

This post represents a slow way to compile ROS. In a new post I show how to crosscompile ROS. This post should guide you through the process of compiling ROS on a virtualized Raspberry PI Zero.

Sometimes it makes sense to connect to the PI Zero by using the g_ether kernel module. This connection is way more reliable than the WiFi connection in certain environments. The setup is quite simple.

Writing a slack bot which pushes content to a workspace is quite simple and fast to do. So if there is an updating piece of information in the internet from which your teams needs regular updates this is an easy.

I created a updated guide here! Sometimes you want to expose a port running on localhost to the internet. The use of NAT with IPv4 or firewalls make it difficult to expose a port.

At the company I work at we sometimes throw a party to celebrate the day! Unfortunately we have very different tastes of music. So solve that I setup a Raspberry PI so everyone can vote for their music.

I did the orw challange on pwnable.tw yesterday. It is very streight forward. You just have to send some x86 shellcode to stdin and the orw binary will execute it.

In case you migrated from Jira Cloud to the self-hosted version your server id probably got corrupted. You can revert this by searching your Jira logs for the ID and manually change it in the database.

Preparation Hardware requirements An USB stick (2.0 or 3.0 should work both) RS232 serial to USB adaptor (chipset PL2303 works fine on linux) (I went with this) RS232 null modem cable D-Sub (I went with this) APU2C4.

Visualizing audio can be quite complicated if you suffer the mathematical premises. But with some trial-and-error the final code is not that complicated. You start by defining a few data structures:

MPD is an excellent way to play your music collection, but you do not want to depend on MPD or its database. Maybe you want to use your library also in other playback programms.

Playing compressed audio contains can be quiete complicated and needs some process power. So I’m going to start to play .WAV, .AIFF and raw PCM data. The first step will be to read a container format and decode the contained audio stream.

When using a tiling window you often want to hide the title bar of windows to achive a nicer look and save some space. But at the same time you don’t want to miss important information which sometimes is only exposed through the name of a window which is displayed in the title bar by default.

PulseAudio is a network-capable sound server hosted at freedesktop.org. Supported operating systems include Linux, the BSDs, Solaris as well as Microsoft Windows. Problem I experienced some weird behaviour with my Logitech: Z10 speakers.

Can you see this symbol? 🔊 Nice, this means you have a good set of fonts and a good browser. Mostly easy so view a good part of the Unicode Character Set.

Rendering fonts was a pain in the ass! Took me some time to get around with all these glyphs, transformations and bitmaps. Nonetheless, let’s get started! Setting up FreeType2 Just include

Next step is going to be to find a way to render stuff on our matrix! Data structures Register output: io-bits (For RPi Model B Rev2) 1union io_bits { 2 struct { 3 bits_t unused : 2; // 0-1 4 bits_t output_enable_rev2 : 1; // 2 5 bits_t clock_rev2 : 1; // 3 6 bits_t strobe : 1; // 4 7 bits_t unused2 : 2; // 5.

In my “RPi Matrix” project I wanted to render UTF-8 fonts on a 2D-Raster. To rasterize and vector fonts I used a library called FreeType, which accepts unsigned long* as input to render a single character.

So let’s get this project started. My goal is to create some shiny physical device which allows me to display some super awensome stuff, control my desktop computer. Input will be handled by an Android app.