summaryrefslogtreecommitdiff
path: root/content
diff options
context:
space:
mode:
authorShubham Saini <me@ubh.sh>2023-02-09 00:19:28 +0000
committerShubham Saini <me@ubh.sh>2023-02-09 00:19:28 +0000
commitd7da16ecfa5cadb643df78694db44963ba665cbe (patch)
tree00c5234f542f7064e91827064767bcf59f094a2c /content
init
Diffstat (limited to 'content')
-rwxr-xr-xcontent/about.md18
-rwxr-xr-xcontent/favicon.icobin0 -> 2508 bytes
-rwxr-xr-xcontent/posts/binary-exp.md300
-rwxr-xr-xcontent/posts/dynamic-img.md39
-rwxr-xr-xcontent/posts/hosting-email.md8
-rwxr-xr-xcontent/posts/optimus-void.md98
-rwxr-xr-xcontent/posts/setup.md28
-rwxr-xr-xcontent/pubkey.gpg52
8 files changed, 543 insertions, 0 deletions
diff --git a/content/about.md b/content/about.md
new file mode 100755
index 0000000..2357ba4
--- /dev/null
+++ b/content/about.md
@@ -0,0 +1,18 @@
1---
2title: "About"
3draft: false
4---
5
6I'm Shubham and I goes by `shubh` or `rinzler` on the internet. This site is mostly about opensource, privacy, infrastructure and security.
7
8I am currently pursuing my Master's in Computer Science with primary interest in cybersecurity. I live in Vancouver and work as a Cloud Engineer at [Fispan](https://fispan.com/). I play CTFs, crack boxes on hackthebox to pass my time. I also write opensource stuff, rice my desktop. Have a look at my [github](https://github.com/sh-ubh).
9
10Want to contact, send an message using email/xmpp to me@ubh.sh
11
12## Profiles
13
14hackthebox - [rinzl3r](https://app.hackthebox.com/profile/116082)
15
16pgp - [E0404DDE4BCF9DB5](/pubkey.gpg)
17
18`A504 C5F4 B9AD 213F A8A3 A901 E040 4DDE 4BCF 9DB5`
diff --git a/content/favicon.ico b/content/favicon.ico
new file mode 100755
index 0000000..725af1f
--- /dev/null
+++ b/content/favicon.ico
Binary files differ
diff --git a/content/posts/binary-exp.md b/content/posts/binary-exp.md
new file mode 100755
index 0000000..e3c0704
--- /dev/null
+++ b/content/posts/binary-exp.md
@@ -0,0 +1,300 @@
1---
2title: "Basics of Binary Exploitation"
3date: 2019-08-19T11:53:57+05:30
4description: "All you need to get started with binary exploitation"
5draft: false
6---
7
8## Intro into assembly
9Each personal computer has a microprocessor that manages the computer’s arithmetical, logical, and control activities.
10
11Each family of processors has its own set of instructions for handling operations like getting user input, displaying info on screen etc. These set of instructions are called ‘machine language instructions’. A processor can only understand these machine language instructions which is basically 0’s & 1’s. So, here comes the need of our low-level assembly.
12
13Assembly can be intimidating so I will sum it up for you and this is (pretty) enough to start pwning some binaries.
14
15- In assembly you are given 8-32 global variables of fixed size to work with which are called “registers”.
16- There are some special registers also. MOst important is “program counter”, which tells the cpu which instruction we’re executing next. This is same as IP(instruction pointer) - don’t get confused.
17- Technically, all the computation is executed on registers. A 64-bit processor requires 64-bit registers, since it enables the CPU to access 64-bit memory addresses. A 64-bit register can also store 64-bit instructions, which cannot be loaded into a 32-bit register. Therefore, most programs written for 32-bit processors can run on 64-bit computers, while 64-bit programs are not backward compatible with 32-bit machines.
18- But big programs need more space so they access memory. Memory is accessed by using memory location or through push & pop op. on a stack.
19- Control flow is handled via altering program counter directly using jumps, branches, or calls. These inst. are called “GOTOs”.
20- Status flags are generally of 1-bit. They tells about wheather flag is set or reset.
21- Branches are just GOTOs that are predicated on a status flag, like, “GOTO this address only if the last arithmetic operation resulted in zero”.
22- A CALL is just an unconditional GOTO that pushes the next address on the stack, so a RET instruction can later pop it off and keep going where the CALL left off.
23
24I think this is enough info about assembly and you’re ready to dive into binary exploitation. Wanna learn more then this book is awesome - [here](https://beginners.re/RE4B-EN.pdf)
25
26## Let’s start pwning binaries
27To start you will need a disassembler(converts 0’s & 1’s [machine code] into assembly) like radare2, IDA, objdump etc. and a debugger(used to debug programs) like gdb, OllyDbg etc.
28
29Let’s get started: Here is the code that I wrote and we will try to exploit it. It’s a simple license checker which check two strings. Source will be available on my [github](https://github.com/anon6405/binary_exploit).
30
31crackme1.c
32```c
33#include <stdio.h>
34#include <string.h>
35int main(int argc, char *argv[]){
36 if(argc==2){
37 printf("Checking Licence: %s\n", argv[1]);
38 if(strcmp(argv[1], "hello_stranger")==0){
39 printf("Access Granted!\n");
40 printf("Your are 1337 h4xx0r\n");
41 }
42 else{
43 printf("Wrong!\n");
44 }
45 }
46 else{
47 fprintf(stderr, "Usage: %s <name>\n", argv[0]);
48 return 1;
49 }
50
51 return 0;
52}
53```
54
55This code is pretty simple and I hope you can understand it. So lets compile it.
56```shell
57$ gcc crackme1.c -o crackme1
58```
59
60Now we will use gdb to debug our program
61```
62$ gdb crackme1
63```
64
65Now we know that every program has main function. So lets disassemble it.
66```
67(gdb) disassemble main
68```
69
70It will through this:
71```shell
72Dump of assembler code for function main:
73 0x0000000000001169 <+0>: push %rbp
74 0x000000000000116a <+1>: mov %rsp,%rbp
75 0x000000000000116d <+4>: sub $0x10,%rsp
76 0x0000000000001171 <+8>: mov %edi,-0x4(%rbp)
77 0x0000000000001174 <+11>: mov %rsi,-0x10(%rbp)
78 0x0000000000001178 <+15>: cmpl $0x2,-0x4(%rbp)
79 0x000000000000117c <+19>: jne 0x11e3 <main+122>
80 0x000000000000117e <+21>: mov -0x10(%rbp),%rax
81 0x0000000000001182 <+25>: add $0x8,%rax
82 0x0000000000001186 <+29>: mov (%rax),%rax
83 0x0000000000001189 <+32>: mov %rax,%rsi
84 0x000000000000118c <+35>: lea 0xe71(%rip),%rdi # 0x2004
85 0x0000000000001193 <+42>: mov $0x0,%eax
86 0x0000000000001198 <+47>: callq 0x1040 <printf@plt>
87 0x000000000000119d <+52>: mov -0x10(%rbp),%rax
88 0x00000000000011a1 <+56>: add $0x8,%rax
89 0x00000000000011a5 <+60>: mov (%rax),%rax
90 0x00000000000011a8 <+63>: lea 0xe6b(%rip),%rsi # 0x201a
91 0x00000000000011af <+70>: mov %rax,%rdi
92 0x00000000000011b2 <+73>: callq 0x1050 <strcmp@plt>
93 0x00000000000011b7 <+78>: test %eax,%eax
94 0x00000000000011b9 <+80>: jne 0x11d5 <main+108>
95 0x00000000000011bb <+82>: lea 0xe67(%rip),%rdi # 0x2029
96 0x00000000000011c2 <+89>: callq 0x1030 <puts@plt>
97 0x00000000000011c7 <+94>: lea 0xe6b(%rip),%rdi # 0x2039
98 0x00000000000011ce <+101>: callq 0x1030 <puts@plt>
99 0x00000000000011d3 <+106>: jmp 0x120c <main+163>
100 0x00000000000011d5 <+108>: lea 0xe72(%rip),%rdi # 0x204e
101 0x00000000000011dc <+115>: callq 0x1030 <puts@plt>
102 0x00000000000011e1 <+120>: jmp 0x120c <main+163>
103 0x00000000000011e3 <+122>: mov -0x10(%rbp),%rax
104 0x00000000000011e7 <+126>: mov (%rax),%rdx
105 0x00000000000011ea <+129>: mov 0x2e6f(%rip),%rax # 0x4060 <stderr@@GLIBC_2.2.5>
106 0x00000000000011f1 <+136>: lea 0xe5d(%rip),%rsi # 0x2055
107 0x00000000000011f8 <+143>: mov %rax,%rdi
108 0x00000000000011fb <+146>: mov $0x0,%eax
109 0x0000000000001200 <+151>: callq 0x1060 <fprintf@plt>
110 0x0000000000001205 <+156>: mov $0x1,%eax
111 0x000000000000120a <+161>: jmp 0x1211 <main+168>
112 0x000000000000120c <+163>: mov $0x0,%eax
113 0x0000000000001211 <+168>: leaveq
114 0x0000000000001212 <+169>: retq
115End of assembler dump.
116```
117
118This looks ugly right. Well it’s AT&T syntax, change it to intel using:
119```
120(gdb) set disassembly-flavor intel
121```
122
123For permanent change, create ~/.gdbinit and add
124```
125set disassembly-flavor intel
126```
127
128Again disassemble main and you will get a more readable code
129```shell
130Dump of assembler code for function main:
131 0x0000000000001169 <+0>: push rbp
132 0x000000000000116a <+1>: mov rbp,rsp
133 0x000000000000116d <+4>: sub rsp,0x10
134 0x0000000000001171 <+8>: mov DWORD PTR [rbp-0x4],edi
135 0x0000000000001174 <+11>: mov QWORD PTR [rbp-0x10],rsi
136 0x0000000000001178 <+15>: cmp DWORD PTR [rbp-0x4],0x2
137 0x000000000000117c <+19>: jne 0x11e3 <main+122>
138 0x000000000000117e <+21>: mov rax,QWORD PTR [rbp-0x10]
139 0x0000000000001182 <+25>: add rax,0x8
140 0x0000000000001186 <+29>: mov rax,QWORD PTR [rax]
141 0x0000000000001189 <+32>: mov rsi,rax
142 0x000000000000118c <+35>: lea rdi,[rip+0xe71] # 0x2004
143 0x0000000000001193 <+42>: mov eax,0x0
144 0x0000000000001198 <+47>: call 0x1040 <printf@plt>
145 0x000000000000119d <+52>: mov rax,QWORD PTR [rbp-0x10]
146 0x00000000000011a1 <+56>: add rax,0x8
147 0x00000000000011a5 <+60>: mov rax,QWORD PTR [rax]
148 0x00000000000011a8 <+63>: lea rsi,[rip+0xe6b] # 0x201a
149 0x00000000000011af <+70>: mov rdi,rax
150 0x00000000000011b2 <+73>: call 0x1050 <strcmp@plt>
151 0x00000000000011b7 <+78>: test eax,eax
152 0x00000000000011b9 <+80>: jne 0x11d5 <main+108>
153 0x00000000000011bb <+82>: lea rdi,[rip+0xe67] # 0x2029
154 0x00000000000011c2 <+89>: call 0x1030 <puts@plt>
155 0x00000000000011c7 <+94>: lea rdi,[rip+0xe6b] # 0x2039
156 0x00000000000011ce <+101>: call 0x1030 <puts@plt>
157 0x00000000000011d3 <+106>: jmp 0x120c <main+163>
158 0x00000000000011d5 <+108>: lea rdi,[rip+0xe72] # 0x204e
159 0x00000000000011dc <+115>: call 0x1030 <puts@plt>
160 0x00000000000011e1 <+120>: jmp 0x120c <main+163>
161 0x00000000000011e3 <+122>: mov rax,QWORD PTR [rbp-0x10]
162 0x00000000000011e7 <+126>: mov rdx,QWORD PTR [rax]
163 0x00000000000011ea <+129>: mov rax,QWORD PTR [rip+0x2e6f] # 0x4060 <stderr@@GLIBC_2.2.5>
164 0x00000000000011f1 <+136>: lea rsi,[rip+0xe5d] # 0x2055
165 0x00000000000011f8 <+143>: mov rdi,rax
166 0x00000000000011fb <+146>: mov eax,0x0
167 0x0000000000001200 <+151>: call 0x1060 <fprintf@plt>
168 0x0000000000001205 <+156>: mov eax,0x1
169 0x000000000000120a <+161>: jmp 0x1211 <main+168>
170 0x000000000000120c <+163>: mov eax,0x0
171 0x0000000000001211 <+168>: leave
172 0x0000000000001212 <+169>: ret
173End of assembler dump.
174```
175
176Now make a assumption how this binary works. When you run it without any argument it will display the usage message. If you pass two arguments where first one is program name itself and second one is license key, it will display a access granted or access denied message. Now apply that assumption to assembly code.
177
178For exploitation, we can ignore most of the stuff. So at 0x1178, you can see a cmp function which is comparing a pointer to hex 0x2(which is 2 in decimal). According to our assumption, that must be checking arguments. Just below that 0x117c have a jne(basically jump not equal). So if those strings don’t match, control flow will jump to addr 0x11e3. Now at addr 0x1198, it is calling a printf function, which maybe printing “Checking License:” when you run the binary. Next interesting addr is 0x11b2, it is calling a strcmp(string compare) function. It should be comparing our key with the correct key to verify. Next we have 0x11b7 which is a test function and returns value 0 if strings match. After that we have addr 0x11b9 which is jne(jump not equal), jumps to addr 0x11d5 if strings are not equal. After that we have 0x11c2 and 0x11ce which is calling a puts(it just prints stuff) function, this will print “Access Granted!” and some other text if we give correct key. Next is 0x11d3 which will jump to 0x120c and terminates our program. Now let’s exploit it using gdb to print access granted without using key.
179
180First set breakpoint at main. Breakpoint is a point in memory where your execution stops.
181```
182(gdb) break *main
183```
184
185Now run the program and watch the control flow. You can use pen-paper for better understanding.
186```
187(gdb) run
188(gdb) ni
189```
190
191ni is to execute next instruction. After that just press enter and it will execute the next instruction. Now try running the program with a key.
192```
193(gdb) run random_key
194(gdb) ni
195```
196
197Carefully watch the control flow this time. Now according to our assumption, if we change the value of eax at addr 0x11b7, we are telling the program that the strings matched and it will print the access granted message. So for that set breakpoint 2 to the address of test eax, eax.
198```
199(gdb) disass main
200(gdb) break *0x00005555555551b7
201```
202
203Again run the program with a random_key.
204```
205(gdb) run random_key
206```
207
208After hitting the first breakpoint, type continue to jump to next breakpoint.
209```
210(gdb) continue
211(gdb) info registers
212(gdb) set $eax=0
213(gdb) ni
214```
215
216Here I set the value of eax to 0 and run the program instruction by instruction. After setting eax=0, next addr 0x00005555555551b9 will not be executed as it is jne. Use ni to continue executing next instruction.
217```shell
218(gdb) run random_key
219The program being debugged has been started already.
220Start it from the beginning? (y or n) y
221Starting program: crackme1 random_key
222
223Breakpoint 1, 0x0000555555555169 in main ()
224(gdb) continue
225Continuing.
226Checking Licence: random_key
227
228Breakpoint 2, 0x00005555555551b7 in main ()
229(gdb) info registers
230rax 0x3 3
231rbx 0x0 0
232rcx 0xfff7fdff 4294442495
233rdx 0x68 104
234rsi 0x55555555601a 93824992239642
235rdi 0x7fffffffe563 140737488348515
236rbp 0x7fffffffe170 0x7fffffffe170
237rsp 0x7fffffffe160 0x7fffffffe160
238r8 0xffffffff 4294967295
239r9 0x1d 29
240r10 0xfffffffffffff1a9 -3671
241r11 0x7ffff7f36140 140737353310528
242r12 0x555555555070 93824992235632
243r13 0x7fffffffe250 140737488347728
244r14 0x0 0
245r15 0x0 0
246rip 0x5555555551b7 0x5555555551b7 <main+78>
247eflags 0x206 [ PF IF ]
248cs 0x33 51
249ss 0x2b 43
250ds 0x0 0
251es 0x0 0
252fs 0x0 0
253gs 0x0 0
254(gdb) set $eax=0
255(gdb) info registers
256rax 0x0 0
257rbx 0x0 0
258rcx 0xfff7fdff 4294442495
259rdx 0x68 104
260rsi 0x55555555601a 93824992239642
261rdi 0x7fffffffe563 140737488348515
262rbp 0x7fffffffe170 0x7fffffffe170
263rsp 0x7fffffffe160 0x7fffffffe160
264r8 0xffffffff 4294967295
265r9 0x1d 29
266r10 0xfffffffffffff1a9 -3671
267r11 0x7ffff7f36140 140737353310528
268r12 0x555555555070 93824992235632
269r13 0x7fffffffe250 140737488347728
270r14 0x0 0
271r15 0x0 0
272rip 0x5555555551b7 0x5555555551b7 <main+78>
273eflags 0x206 [ PF IF ]
274cs 0x33 51
275ss 0x2b 43
276ds 0x0 0
277es 0x0 0
278fs 0x0 0
279gs 0x0 0
280(gdb) ni
2810x00005555555551b9 in main ()
282(gdb)
2830x00005555555551bb in main ()
284(gdb)
2850x00005555555551c2 in main ()
286(gdb)
287Access Granted!
2880x00005555555551c7 in main ()
289(gdb)
2900x00005555555551ce in main ()
291(gdb)
292Your are 1337 h4xx0r
2930x00005555555551d3 in main ()
294(gdb)
295```
296
297Voila! You have cracked the program without knowing the correct key.
298
299This one is just a basic intro into binary exploitation and enough to get you started.
300
diff --git a/content/posts/dynamic-img.md b/content/posts/dynamic-img.md
new file mode 100755
index 0000000..4ae5e59
--- /dev/null
+++ b/content/posts/dynamic-img.md
@@ -0,0 +1,39 @@
1---
2title: "Dynamic Image Sources"
3date: 2020-06-13T13:20:34+05:30
4description: Using dynamic image source for dynamic CSS
5draft: false
6---
7My site uses dynamic css to generate dark or white theme based on user's system theme. So sometimes, I need to use different image colors to fit my needs. There is a very easy fix which involves using javascript but
8
9![](https://media1.tenor.com/images/ee55cce2b19a8a3731a14b0348ffe4ad/tenor.gif)
10
11(well accept for feather icons. i'll add only few icons once i get time.)
12
13## Using invert color filter in CSS
14```css
15img {
16 -webkit-filter: invert(1);
17 filter: invert(1);
18}
19```
20But sometimes it's just not the right way.
21
22## Using @media
23This is a better approach as it changes the source of the image.
24
25main.css
26```css
27<img class="class_name" src='img_light.png'/>
28```
29
30dark.css
31```css
32@media {
33 .class_name{
34 content: url(img_dark.png);
35 }
36}
37```
38
39
diff --git a/content/posts/hosting-email.md b/content/posts/hosting-email.md
new file mode 100755
index 0000000..f82bd2e
--- /dev/null
+++ b/content/posts/hosting-email.md
@@ -0,0 +1,8 @@
1---
2title: "Selfhosted Email that actually works"
3date: 2022-12-07T12:10:56+05:30
4description: This is probably a bad idea
5draft: true
6---
7
8## Why it's so hard?
diff --git a/content/posts/optimus-void.md b/content/posts/optimus-void.md
new file mode 100755
index 0000000..6ae889c
--- /dev/null
+++ b/content/posts/optimus-void.md
@@ -0,0 +1,98 @@
1---
2title: "Using Optimus on Void or Non Systemd Distros"
3date: 2019-09-13T12:10:56+05:30
4description: This article is for those who are a victim of laptop vendors but want to squeeze out maximum performance of their machine.
5draft: false
6---
7
8## What is optimus technology?
9According to gentoo wiki
10> NVIDIA Optimus is a proprietary technology that seamlessly switches between two GPUs. It is typically used on systems that have an integrated Intel GPU and a discrete NVIDIA GPU. The main benefit of using NVIDIA Optimus is to extend battery life by providing maximum GPU performance only when needed.
11
12There is a great wiki about using bumblebee(not transformer) on void linux but bumblebee’s project last commit was in 2013 and it doesn’t support vulkan, so no luck for linux gamers. A better way is to use a utility like nvidia-prime which is available for ubuntu or optimus-manager which is available for arch-based distros(available in AUR). Sadly, these projects require systemd as a init system. There is only one project which uses shell script and partly depends on systemd but is pretty hackable - [nvidia-xrun](https://github.com/Witko/nvidia-xrun).
13
14## Problem on void
15libglvnd is broken in void repos which makes it hard to have multiple drivers from different vendors to coexist on the same filesystem. This results in having either openGL libraries from mesa or nvidia.
16
17## The Hack
18Install nvidia openGL libraries in /opt directory and point nvidia-xrun to use them. This is just a workaround of libglvnd.
19
20First of all install these packages:
21- nvidia-dkms - for kernel modules
22- libGL libEGL - mesa drivers
23- xrandr xorg - display server
24- any wm/de
25
26Create a file /etc/modprobe.d/nvidia.conf for blacklisting nvidia kernel modules so that they won’t be loaded at boot. Add the following text:
27```
28blacklist nvidia
29blacklist nvidia-drm
30blacklist nvidia-modeset
31blacklist nvidia-uv
32blacklist nouveau
33```
34
35Next create some directories
36```shell
37$ sudo mkdir /opt/nvidia
38$ sudo mkdir -p /opt/nvidia/fakeroot/usr/lib
39$ sudo mkdir -p /opt/nvidia/fakeroot/usr/lib32
40$ sudo mkdir /etc/X11/nvidia
41```
42
43Now we have to create a fakeroot directory with nvidia openGL libraries
44```shell
45$ sudo ln -s /opt/nvidia/fakeroot/usr/lib /opt/nvidia/fakeroot/lib
46$ sudo ln -s /opt/nvidia/fakeroot/usr/lib32 /opt/nvidia/fakeroot/lib32
47$ sudo chmod 755 -R /opt/nvidia/fakeroot
48$ xbps-install --rootdir /opt/nvidia/fakeroot --repository https://alpha.de.repo.voidlinux.org/current --repository https://alpha.de.repo.voidlinux.org/current/nonfree --repository https://alpha.de.repo.voidlinux.org/current/multilib --repository https://alpha.de.repo.voidlinux.org/current/multilib/nonfree --yes --sync nvidia nvidia-libs nvidia-libs-32bit
49```
50
51Next clone my repo and move the scripts to respective location
52```shell
53$ git clone https://github.com/fd0e/optimus-hack.git
54$ cd optimus-hack/
55$ sudo cp -r xorg.conf xorg.conf.d /etc/X11/nvidia/
56$ sudo cp run.sh /opt/nvidia/
57```
58
59There is also off.sh which ensures that GPU is off. Run this as root at boot.
60
61Also add these lines in your ~/.xinitrc.
62```shell
63# load additional configs
64if [ "$2" = "nvidia" ]; then
65 XINIT_D="/etc/X11/nvidia/xinit/xinitrc.d"
66else
67 XINIT_D="/etc/X11/xinit/xinitrc.d"
68fi
69
70if [ -d "$XINIT_D" ]; then
71 for f in "$XINIT_D/?*.sh" ; do
72 [ -x "$f" ] && . "$f"
73 done
74 unset f
75fi
76unset XINIT_D
77
78# additional nvidia specific settings
79if [ "$2" = "nvidia" ]; then
80 xrandr --setprovideroutputsource modesetting NVIDIA-0
81 xrandr --auto
82fi
83```
84
85Now close your X session and run /opt/nvidia/run.sh.
86
87And boom! Your X session is now running on nvidia opengl libraries.
88
89## Troubleshooting
90If steam complains about missing libGL. Run steam using this command
91```shell
92$ STEAM_RUNTIME_PREFER_HOST_LIBRARIES=0 steam
93```
94
95## Conclusion
96I don’t recommend using this method but this is the only thing that worked for me.
97
98See this article for more details - [here](https://www.ifnull.org/articles/void_optimus_nvidia_intel/#disqus_thread)
diff --git a/content/posts/setup.md b/content/posts/setup.md
new file mode 100755
index 0000000..5b3ccd9
--- /dev/null
+++ b/content/posts/setup.md
@@ -0,0 +1,28 @@
1---
2title: "My Setup"
3date: 2020-05-19T19:21:39+05:30
4description: Hardware & Software that I use
5draft: false
6---
7## Hardware
8I have one laptop and one PC at home but I only use my laptop [`HP Pavilion 15-au620tx`] as a daily driver. It's a nice machine with a i5-7200U processor, 8 gigs ram and a nvidia 940mx for gaming.
9
10I also have a `Zenfone Max Pro M2`. For listening, I use `Skullcandy Uproar`.
11
12## Software
13![](/images/rice.png)
14
15My software of choice is very minimal. I like things to do what they are supposed to do, nothing less, nothing more. I run gentoo linux with nomultilib/hardened profile. I use suckless software like dwm, st, dmenu, slock to handle my daily needs - if you don't know what they are check them [out](https://suckless.org/). My browser of choice is hardened firefox with tips from [privacytools](https://www.privacytools.io/browsers/).
16
17> You need a bloated browser to browse the bloated web - Luke Smith
18
19Some more tools that I regularly use - `cmus` for music, `bash` as my shell, `zathura` for PDFs, `pass` for managing passwords, `weechat` for IRC, `aerc` for mail.
20
21For pentesting, I use blackarch in virtualbox with just the tools that I need.
22
23## Android
24Coming to my android setup - I use [LineageOS with microG patches](https://lineage.microg.org/) because the name `OpenGApps` is very misleading. My browser of choice for android is [bromite](https://www.bromite.org/) (which is pretty much degoogled chromium). I use [F-Droid](https://f-droid.org/) for installing additional apps. For most of my social media, I use PWAs. I also have [Aurora Store](https://auroraoss.com/) installed just for whatsapp (mostly for my uni groups). Lawnchair is my launcher of choice. Sometimes I do ROM-hoping (i don't even know if that's a thing). To make other ROMs degoogled, I use [nanodroid patches](https://nanolx.org/nanolx/nanodroid) or [minMicrog](https://github.com/friendlyneighborhoodshane/minmicrog_releases/releases).
25
26Some other apps that I use - `K9` for mail, `feeder` for RSS feeds, `Infinity` for reddit, `Revolution IRC` for IRC, `Go Player` for music, `newspipe` for youtube, `OsmAnd` for directions, `PasswordStore` for passwords, `termux` as terminal.
27
28That's it for today, Peace
diff --git a/content/pubkey.gpg b/content/pubkey.gpg
new file mode 100755
index 0000000..f385801
--- /dev/null
+++ b/content/pubkey.gpg
@@ -0,0 +1,52 @@
1-----BEGIN PGP PUBLIC KEY BLOCK-----
2
3mQINBF8KGTgBEACzB5CFji1F+wLSsuvS0K1O+uUES/oNrd+mZmXpcXmfT/U4JEvP
4zmTKt3knEI3kMEHtcbMnejzGpbVBqWiO5nH1NUA4LROe1g1pUDGS4ha5xxdiNaX/
5PQLS6CIb0UHGsQ6GKZnDykL8YC9JApNkZD3Ql8OMaj0EIVxLnVX4yDrqHICILUKm
6wUrCM6RLi0HUc+UQ6Y/ksezpURrSwnkL+g3RgdhDO3hmnAtcnGATJQhOpHcNLaIW
7sLx6Woh8cJCMI8uQ4+zLBenHEw0zLmPVI/PZUcQc+OgExjiV1qX8JX6qpx17IQ4H
8u092NKhf4Wxecrun2SREuRtyLBHd367fyqQ0gw4PpuTLMzkhNcvy0gEkhxf06pmk
9yuO1fP9kZXs4NIZFHVdHMmTojMbHemTOzgK9KkUSqoOhaSK63pqHFdaF1id9U2OF
10jFycy6t2bg9KJ+VSMEWIVIXXFDPy4a1n3ip7tf68jfF3XX1LbHuby0RFfrBjrDHr
115FrHQSIJshvwbox03whRjRKETu0YG6dKDHaV/gGIPli/RAeVi9eDyzzK/WT+yf7q
129Zeyp4Syy2HeKoh4go3DOc7Nej8KgLiWt9WONWKLmj24DTHW68YZWIPrztu44O7n
13oUHiSL25EHcXUHCSveMUJCkAhFU9Al5+nqUGqoVGcn3sCxzw/4V5NB35CQARAQAB
14tCRTaHViaGFtIFNhaW5pIChwcnlyKSA8cHJ5ckBwcnlyLnh5ej6JAlQEEwEIAD4W
15IQSlBMX0ua0hP6ijqQHgQE3eS8+dtQUCXwoZOAIbAwUJBaOagAULCQgHAgYVCgkI
16CwIEFgIDAQIeAQIXgAAKCRDgQE3eS8+dtZdaEACnFzMjFrygXTumAg04Cvmq4Ker
17CdAzvYm66zSdzZHRUrmqwdzpQjMQ7P3AGKiMP5Uga/wGguN4q6zLZFx6DtGHW+1R
18vKcHHUm6zhlWQuzZGAWg4HEE1zxFsGJgR7F3t4T24WHKiMBS3zPLUkNa/EvbeiH8
19hCh8zUJH3wzWGW0Z6oGbXXXFYRHqoDhhtpf3qAD2ys8rpi8ocaIXG59pI58ZxLmx
20HmqxhWHWnKyass2EMeHa1d9S/UJNN++9Z+wDN5Skfv1B/SfeZmAtdLUarSSnS8ST
21F5aln66U4j40/oyWHC5Vx78WwpbM827X+dTn/ahnblZnZP3kAVMfFeiaOevRB6EZ
22usNcSCU5aaHLCDYBaqehplHyDs/ezXUTtvaXLT5Ow4nRwMl7mP8tKjnLornr/X3L
23I5ILoB/Jmt+bxuDGRksSOlMkXL9dkH03pPkY44E8ZMOOxXGJP4XYoQWqRavqRnId
2497nZq5V/RxkGZzesZkOFz9DsPNs2zqkJRf4SXEOZxWll3EcDt4O6588GV9WEH2Pi
25SBT/ynxxcMbKG9ov3y+CkG3PL8HdljMqmC29KKcacf0WH1eKhf+b9X2n+d206jqm
26WpqMHko6Mdylqm+ssNgr9n+Y7iV7Ci2uoRdDtD3ap59k7tV5mOvRM3wj+tgHT6Qu
27mkuv/rbUOs4WT50/Q7kCDQRfChk4ARAA0YMCdHUYuzlZNU6vREXSCCxG8rqSjR5e
28OtVMC3o8EgW0TCvLpmrwYZEkp7OktVLmX32pv7SvJgjIo3ZMEXe/8lqMd1ofzcvn
297fGdL1zS0hj3zMG7jG3ft6VTJX0+5k32tMJZNeLNJAnKmVIJ+XKIsMB8vp5JxnZT
30hfYaHYOeJxnUDcCncSKGSuwQoy1M+WyAHMW1HKBnfCKTDzjlgkXX7Gx/mqxHJQfJ
31QB7Ax7DIICxcWEUZiTpA/AeJ3YqnaDBihm/YGqvTJUOBLDjD53SUl5pWCGopoQrr
323aUkkl//u3Iwr2kygd2aMaXqlS3ENcFYb1rvrKq+cCoUYE0U2hyv3BaQ/Pygtqcm
33tx4Sk3PW7kVeZF4QKGace/BSPmqevu4FxtcRu4ttrfYAJhE7sn20gBi3iWwTSM7Z
34CHWey47XOVVwNa/ceox8KXI4FfEhCWfsywMbOm0EsadlpTAKN/9dsAwK5jqRzXwq
35itBJxv+e+PBo4VUvvCkfHzm4AG8z/gwVslQe7HYvO1MgXed7gPG3cpa6vTKrw1Nr
36kXShXBIERasPzc1OZlnymFeiZBASPzIPtICkKILrvACL8HGoRn9Kz+U7Q3M+sqvD
373ijOttZyLNkgttwd5oCtFd9uVrRXVqPMjCkMX6u1agXWjUh1Wf00UumB7YkdzdEu
38R+iCRy1jCz8AEQEAAYkCPAQYAQgAJhYhBKUExfS5rSE/qKOpAeBATd5Lz521BQJf
39Chk4AhsMBQkFo5qAAAoJEOBATd5Lz5216TsP/0fmSsOdOm751D399h/M7fDngv/s
40nglZXHSe29Lt0b6At4ZzZ0rW8yT/nnpXLdJlpKijqbpagI4hLKgrxe/YEhqnXhWD
41qE5SIOG3o5pyoTJqbmu+j1IKb3eYjRgRxZBP87lQqJ+ZIbAtlYSy5qK0hivydiIJ
42/g0zU8TbK9ackIFb0E3uHeU0Ic4pXgOfay2dhS5tnx6BXptocCvwtWS3piA8mR8o
43wIIZMtWnn0troAmN1hPECn5bgLvi6MoJ4/oKe6P6H5N5yW7KTLEOKMohNxG7gWPe
44QhOKyG/OEM+rWPc/ylAl3+WPswIc0ilHIiuQB9GEOlnEAwQJntwDe0GPN7mm/PR8
45NUCpvEH/TmXemBBq+CwYBndZpws5gwKX8+rR4FivxwWy7D5HhxfX+qpMTGMvfjXJ
46b0bPsJVDFpkXCxhTQDX0+nz54vfDPm2BOlHntWA+kvbXK14YyjfnCaRuajQ+REyw
47UhHvbS+Odrc59pjWjfID+K7ZUygcb3oVq94I9aMMOSC2JA3AXtknWuuDjfEXFsY0
48+CtFOrzdgs5OWHspJgF36t4jNFF3+KsQPKkpPOdVjpowXbDHEDaxAiuLXbnYKAXI
49UZiENBgfhgWi2FiJsVJu5Sv0dgedKSXll5tvvNL9DRGAjxlOzjl670AfqJk4nllF
50b3qQAzTOKTJ6sE8S
51=l0PM
52-----END PGP PUBLIC KEY BLOCK-----