I went to upgrade my home Gitlab server with sudo apt update && sudo apt upgrade -y and was met with the following error.
Preparing to unpack .../gitlab-ce_16.6.0-ce.0_armhf.deb ... gitlab preinstall: It seems you are upgrading from 16.2 to 16.6. gitlab preinstall: It is required to upgrade to the latest 16.3.x version first before proceeding. gitlab preinstall: Please follow the upgrade documentation at https://docs.gitlab.com/ee/update/index.html#upgrade-paths dpkg: error processing archive /var/cache/apt/archives/gitlab-ce_16.6.0-ce.0_armhf.deb (--unpack): new gitlab-ce package pre-installation script subprocess returned error exit status 1 Errors were encountered while processing: /var/cache/apt/archives/gitlab-ce_16.
Read moreIts been a while since I last posted here, I've like most people been busy with work and life in general, and that's let a few things slide. One of those was my emacs configuration. Being put on bed rest for a few weeks while I recover from an operation, I thought I'd go through my configuration and see if I can tidy it up a bit, and maybe try out a few different packages.
Read moreRecently I’ve discovered the wonderful life of code review, and although I tried VS code, it felt clunky, and hard to navigate. Don’t get me wrong VS code has its place, and its a decent editor. But I felt more ate home with emacs.
Anyone doing code review will most likely tell you to up your grep game. Or maybe if you spoke to me about code review, I’d tell you that.
Read moreSod it, its my blog, I’ll write about what I want.
Its also letting me trial out ox-hugo and spoiler, I love it. But anyway, Rotten Sound… One of my favorite bands of all time, and nearly (by 1 year) as old as me. I got into Rotten Sound when I was 15 with the Cycles album. The cover alone got the young me very intrigued.
Still to this day, some 15 years later, this is still very much a goto album of mine.
Read moreData Type Format Specifiers Size Range Signed char %c 1 Byte -128 to 127 Unsigned char %c 1 Byte 0 to 255 Int or Long Int or Signed or Long Int %d 4 Bytes -2147483648 to 2147483647 Unsigned Int or Unsigned Long Int %u 4 Bytes 0 to 4 Gb Short Int %hd 2 Bytes -32768 to 32767 Unsigned short Int %hu 2 Bytes 0 to 65535 Float %f 4 Bytes 3.
Read moreIn January 2021, Qualys released a blog post detailing a terrifying new vulnerability in the Unix sudo program. Specifically, this was a heap buffer overflow allowing any user to escalate privileges to root – no misconfigurations required. This exploit works with the default settings, for any user regardless of sudo permissions, which makes it all the scarier. The vulnerability has been patched, but affects any unpatched version of the sudo program from 1.
Read moreI need to get rid of some of these notes I’ve gathered over the years of being a pentester, that although are cool, I never ended up using. So I doubt there will be much in here, I’m not going to explain each one in detail, I just need them gone from my life.
Golang HTTP Within golang you can make http(s) requests like so.
package main import ( "fmt" "io/ioutil" "net/http" ) func main() { resp, err := http.
Read moreThroughout my career I’ve always been the one that knew more that your typical ssh command. Colleges would often ping me if they ever needed to do anything “advanced” with ssh. Recently I found myself in the depths of man ssh and scripting my fair share of ssh shell scripts. So I thought I’d dump some of that knowledge in a post.
The Config File If you ever find yourself making an alias like alias foo=ssh you@192.
Read moreTrying to get a ARM32 host to run 32bit assembly is harder than I expected. This is how to run 32bit assembly on a ARM64 bit host.
First install some cross compilation tools.
sudo apt install gcc-arm-linux-gnueabihf binutils-arm-linux-gnueabihf binutils-arm-linux-gnueabihf-dbg gcc gdb-multiarch Now trying to assemble the following 32 bit example, that just prints “Hello World” will fail with the as command.
.section .text .global _start _start: /* syscall write(int fd, const void *buf, size_t count) */ mov r0, #1 ldr r1, =msg ldr r2, =len mov r7, #4 svc #0 /* syscall exit(int status) */ mov r0, #0 mov r7, #1 svc #0 msg: .
Read moreI forgot about this note, and its saved me in the past. The code signature from a mach-o file can easily be extracted with tools like dd or jtool2 as the code signature is always at the end of the file in the LC_CODE_SIGNATURE section.
For example, here is how to do it with dd
% file ./TwoDots ./TwoDots: Mach-O 64-bit executable arm64 % jtool2 -l TwoDots | grep SIG LC 42: LC_CODE_SIGNATURE Offset: 50448, Size: 21040 (0xc510-0x11740) % dd if=.
Read more