
Commit 3d2b692

Revert "remove crosbreaker kajigs, highlight quicksilver in unenrollment.mdx (#55)"
This reverts commit 07499ce.
1 parent 07499ce commit 3d2b692

3 files changed

Lines changed: 46 additions & 1 deletion


Lines changed: 23 additions & 0 deletions
@@ -0,0 +1,23 @@
1+
---
2+
title: Sh1ttyExec
3+
description: Sh1ttyExec is an exploit that can be used to run unverified recovery images on a keyrolled device
4+
author: lxrd
5+
keywords: ["chromeos exploits", "kernver 6"]
6+
kernver: 6
7+
---
8+
9+
import PageHeader from "/src/components/PageHeader.astro";
10+
11+
<PageHeader title={frontmatter.title} description={frontmatter.description} author={frontmatter.author} link={frontmatter.link} kernver={frontmatter.kernver} nolower={frontmatter.nolower} />
12+
13+
#### Steps
14+
15+
1. Powerwash the device
16+
2. Start enrolling the device then open powerwash menu (ctrl+alt+shift+r) on Enrollmet screen not the please wait and wait till it crashes back to OOBE
17+
3. Try enrolling again but the moment enrollment starts (the screen that says enrollment, not please wait) esc+refresh+power ( its timing sensitive so don’t expect to get it first try), and you are done, block_devmode is set to 0 and you can do bad reco unverified which can help facilitate exploits/unenrollments like quicksilver on keyrolled devices (kv6). To enter an unverified recovery image, esc+refresh+power then ctrl+d and enter, esc+refresh+power again and plug in usb.
18+
19+
Explanation: This is due to the fact that when you enroll you go through state determination and if you crash back to oobe and try to enroll again, state determination happens a second time. As a result, it tries to clear fwmp but it can’t because the tpm is locked, however it does set block_devmode in vpd to 0. Shortly after, it sets it back to 1 but we can simply restart or enter recovery menu before it is able to. This allows us to boot unverified recovery images and gain/lead to code execution via badrecovery unverified. A project called recomm3r is being released by carbon soon which is an unverified recovery image that has a clean GUI and many utilities like sh1mmer.
20+
21+
Video tutorial:
22+
23+
https://drive.google.com/file/d/1Z4Lv82w_QGy-TTdSvdMAu0gf8NOJyKfx/view
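Review bot: the `<PageHeader>` line passes `frontmatter.link` and `frontmatter.nolower`, but the frontmatter on lines 1-7 only defines title, description, author, keywords and kernver, so both props are undefined at render time; either add `link:` and `nolower:` keys or drop those two props. The steps also need a copy-edit before this page is reinstated: "Enrollmet" in step 2, "its timing sensitive" in step 3, and step 3 packs the procedure, a caveat and a second procedure into one sentence that should be split into separate steps so the reader can tell where each ends. The "Explanation" paragraph closes with "recomm3r is being released by carbon soon", a forward-looking claim with no link; prefer leaving it out or linking the project once it exists, since it will go stale.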
Lines changed: 22 additions & 0 deletions
@@ -0,0 +1,22 @@
1+
---
2+
title: Sh1ttyOOBE
3+
description: Sh1ttyOOBE is a pseudounenrollment exploit that can be used to fully unenroll with Br0ker
4+
author: lxrd
5+
keywords: ["unenrollment", "chromeos exploits", "kernver 5"]
6+
kernver: 5
7+
unenrollment: true
8+
---
9+
10+
import PageHeader from "/src/components/PageHeader.astro";
11+
12+
<PageHeader title={frontmatter.title} description={frontmatter.description} author={frontmatter.author} link={frontmatter.link} kernver={frontmatter.kernver} nolower={frontmatter.nolower} />
13+
14+
#### Steps
15+
16+
1. Powerwash your Chromebook
17+
2. On the "welcome to your Chromebook" screen, click the android button
18+
3. Hit CTRL+ALT+SHIFT+R and click "cancel"
19+
4. Click "Enter your google account email and password" it should say to connect to a network
20+
5. Open quick settings from the bottom right and connect to a network
21+
22+
After signing in you can sign out and you will be back on the welcome screen, progress through oobe as normal by clicking get started and next, you will be greeted with three options to sign in. Sign in with the same email and when you sign in it will hang on the please wait screen, simply restart or alt+volup+x and you will be placed on the lockscreen. After that you are done and can sign out/reboot and it will be persistent until next powerwash.
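Review bot: the description on line 3 says this is used "to fully unenroll with Br0ker", but neither the steps nor the closing paragraph mention Br0ker or link to its page, so the reader cannot tell how the two fit together; add that reference. The same frontmatter issue as the other new page applies here: `frontmatter.link` and `frontmatter.nolower` are passed to `<PageHeader>` on line 12 but never defined in lines 1-8. The closing paragraph on line 22 is one run-on sentence that continues the procedure; numbering it as steps 6 onward would match the list above, and "google account" should be "Google account" in step 4.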

src/content/docs/kajigs/unenrollment.mdx

Lines changed: 1 addition & 1 deletion
@@ -11,7 +11,7 @@ import PageHeader from "/src/components/PageHeader.astro";
1111

1212
All Unenrollment exploits can be used on previous kernvers.
1313

14-
For example, Quicksilver can be used on any Kernver that can be used below 143, which would be Kernvers 1, 2, 3, 4, 5, and 6.
14+
For example, Br0ker can be used on any Kernver that can be used below 137, which would be Kernvers 1, 2, 3, 4, and 5.
1515

1616
import { getkajigs, kernvers } from '../../config.ts';
1717
export const kernver = await getkajigs(true)
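Review bot: the example sentence on the `+` line reads "any Kernver that can be used below 137", which is garbled; it presumably means "any kernver whose value is below 137, i.e. kernvers 1 through 5". More importantly, this sentence is hard-coded and has now been flipped twice between Br0ker/137 and Quicksilver/143, while lines 16-17 already import `kernvers` and `getkajigs` from `config.ts`; deriving the example from those exports instead of hand-writing the numbers would stop the prose and the generated list from drifting apart.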

0 commit comments
