Stefan Reimer's web blog
Projects, ideas or business opportunities around FOSS and security in the Greater Vancouver area? Contact me...

Nvidia binary blob works with PAX / Grsecurity kernel

The current open source OpenGL stack, especially for nvidia hardware, is not really capable of supporting games like EVE Online or SC2 using Wine. This is why myself, like so many others, still have to use the nvidia binary blob.

Since several versions of the nvidia kernel module one has to apply at least one minor patch to get the module compiled against a Pax / grsecuirty kernel. In order to successfully enable the PAX_USERCOPY option a second patch is needed. Initially the patch only allowed using the SLAB memory allocator, but thanks to the Pax team, an updated version now also allows the use of the default SLUB allocator.

See grsecurity forums for details.

I added a nvidia-driver ebuild incl. both patches to my overlay and filed a bug to get them added upstream, see #385837


My overlay is now in offical layman list

How to use my overlay

As my overlay was recently added to the layman list of overlays you can now easily add it running:

layman -S && layman -a quarks

or you checkout out the repository manually:

git clone git://
git clone

ebuilds for dnsenum and regripper

Again I created ebuilds for tools I came across recently:

  • net-analyzer/dnsenum

    DESCRIPTION="A perl script to enumerate DNS from a server"

    Very useful DNS information gathering tool during reconnaissance phase. Also part of the BackTrack distribution.
    Both the standard and the big hosts file for brute forcing are provided in /usr/share/dnsenum !
  • app-forensics/regripper

    DESCRIPTION="Perl scripts to parse Windows registry files"

    Set of perl scripts which take a Windows registry file as input, parse it and output the requested information, e.g:
# regripper -r /tmp/NTUSER.DAT -p printers

They are part of my overlay !


Gentoo ebuilds for Dradis, fierce and theHarvester

While doing some security consulting I have been updating some ebuilds on the way.
All the ebuilds are based on the ebuilds provided by !

  • net-analyzer/fierce   1.0.3

DESCRIPTION="Fierce is a DNS reconnaissance tool written in perl"

  • net-analyzer/theHarvester   2.1

DESCRIPTION="The Harvester is a tool designed to collect email accounts of the target domain"

  • app-misc/dradis

DESCRIPTION="A framework for effective information sharing"

Check out my overlay.



Using the Android SDK on Gentoo


1. Unmask and install the Android SDK update manager:

emerge dev-util/android-sdk-update-manager

2. Add all users who should be allowed using it to the 'android' group:

gpasswd -a <user> android

3. In case you added yourself relog now, then run:


and install at least the platform-tools package

ADB will be at /opt/android-sdk-update-manager/platform-tools/adb

5. Finally edit your .bashrc file to add adb to your PATH:

 export PATH="/opt/android-sdk-update-manager/platform-tools/:${PATH}" 


Add the following udev rules to e.g. /etc/udev/rules.d/80-android.rules:

SUBSYSTEM=="usb", ATTR{idVendor}=="22b8", MODE="0666", GROUP="plugdev"
SUBSYSTEM=="usb", ATTR{idVendor}=="0bb4", MODE="0666", GROUP="plugdev"
SUBSYSTEM=="usb", ATTR{idVendor}=="04e8", MODE="0666", GROUP="plugdev"
SUBSYSTEM=="usb", ATTR{idVendor}=="18d1", MODE="0666", GROUP="plugdev"
Restart udevd and make sure you are member of the plugdev group.

Plugin your Android device via usb

Test the connection

adb devices

That should give you a list of connected Android devices

Now what ?


© | Design by: