CACHE_INFO: 127.0.0.1 | |
CF_CONNECTING_IP: 127.0.0.1 | |
CF-Connecting-IP: 127.0.0.1 | |
CLIENT_IP: 127.0.0.1 | |
Client-IP: 127.0.0.1 | |
COMING_FROM: 127.0.0.1 | |
CONNECT_VIA_IP: 127.0.0.1 | |
FORWARD_FOR: 127.0.0.1 | |
FORWARD-FOR: 127.0.0.1 | |
FORWARDED_FOR_IP: 127.0.0.1 |
Collection of BloodHound Cypher Query Examples
- I- Raw
- II- Built-In
- III- Custom
- IV- DB Manipulation
- V- REST API (PowerShell)
# PowerView's last major overhaul is detailed here: http://www.harmj0y.net/blog/powershell/make-powerview-great-again/ | |
# tricks for the 'old' PowerView are at https://gist.github.com/HarmJ0y/3328d954607d71362e3c | |
# the most up-to-date version of PowerView will always be in the dev branch of PowerSploit: | |
# https://github.com/PowerShellMafia/PowerSploit/blob/dev/Recon/PowerView.ps1 | |
# New function naming schema: | |
# Verbs: | |
# Get : retrieve full raw data sets | |
# Find : ‘find’ specific data entries in a data set |
import requests | |
import sys | |
import json | |
def waybackurls(host, with_subs): | |
if with_subs: | |
url = 'http://web.archive.org/cdx/search/cdx?url=*.%s/*&output=json&fl=original&collapse=urlkey' % host | |
else: | |
url = 'http://web.archive.org/cdx/search/cdx?url=%s/*&output=json&fl=original&collapse=urlkey' % host |
# Copy and paste the following snippet, including brackets, into the Terminal | |
( | |
set -e; | |
cd "$(mktemp -d)" | |
curl -LO 'http://www.newosxbook.com/tools/jtool2.tgz' | |
tar -x -f jtool2.tgz | |
lipo jtool2 -thin x86_64 -output jtool2.x86_64 | |
lipo disarm -thin x86_64 -output disarm.x86_64 | |
sudo mkdir -p /usr/local/bin |
Let's say you want to access the application shared preferences in /data/data/com.mypackage.
You could try to run adb shell
and then run-as com.mypackage
( or adb shell run-as com.mypackge ls /data/data/com.mypackage/shared_prefs
),
but on a production release app downloaded from an app store you're most likely to see:
run-as: Package 'com.mypackage' is not debuggable
// $ frida -l antiroot.js -U -f com.example.app --no-pause | |
// CHANGELOG by Pichaya Morimoto (p.morimoto@sth.sh): | |
// - I added extra whitelisted items to deal with the latest versions | |
// of RootBeer/Cordova iRoot as of August 6, 2019 | |
// - The original one just fucked up (kill itself) if Magisk is installed lol | |
// Credit & Originally written by: https://codeshare.frida.re/@dzonerzy/fridantiroot/ | |
// If this isn't working in the future, check console logs, rootbeer src, or libtool-checker.so | |
Java.perform(function() { | |
var RootPackages = ["com.noshufou.android.su", "com.noshufou.android.su.elite", "eu.chainfire.supersu", |
import json | |
print('Loading function') | |
def lambda_handler(event, context): | |
#1. Parse out query string params | |
transactionId = event['queryStringParameters']['transactionId'] | |
transactionType = event['queryStringParameters']['type'] | |
transactionAmount = event['queryStringParameters']['amount'] |
You might want to read this to get an introduction to armel vs armhf.
If the below is too much, you can try Ubuntu-ARMv7-Qemu but note it contains non-free blobs.
First, cross-compile user programs with GCC-ARM toolchain. Then install qemu-arm-static
so that you can run ARM executables directly on linux
If there's no qemu-arm-static
in the package list, install qemu-user-static
instead