2014-03

| tags: asm code

Have you ever wondered how Intel comes up with such high-quality mnemonics as VPBROADCASTMB2Q, VPCLMULHQLQDQ, and many more besides? Well, wonder no more! Here is an entirely automatic generator for you to make as many new opcodes as you please.

more...

| tags: photo

Continuing on the fringes of photography, here are some initial results from an experiment involving long-term time-lapse photos.

To summarize, I've taken (with a phone) a picture of the Aalto University main building, from two different angles, (almost) every morning when arriving at work. So far, there are approximately 28 pictures from both angles, from 2014-02-11 to 2014-03-25. I'm still collecting more, and thinking about how to post-process the images, but here are some quick blends.

more...

| tags: asm sec

Quite some time ago (late 2011) I got sufficiently bored to poke and prod the firmware of a ZTE ZXDSL 931WIIA brand VDSL2 device, primarily to find out if it had a usable telnet interface and/or a convenient way to run arbitrary code. I always meant to write up a description of what was hiding under this particular rock, but never got around to. Well, here we (belatedly) are.

Disclaimers: Most things in the following are likely to be — more or less — particular to the exact model and firmware version (ZXDSL931WIIA_ElisaV2.8.2a_Z40_FI) I have. The model is probably discontinued by now, but perhaps the illustrated principles may be helpful for someone. If you still have one, don't try any of this at home if you're very attached to the device. Finally, the approach taken is a very "manual" one (GNU binutils, dd, etc.), and more intelligent tools could well make it simpler.

tl;dr? There is a telnet interface (in this version), with hardcoded ZTE "debugging" username:password pairs, allowing for full root shell access.

more...