wget https://gist.githubusercontent.com/Fuzion24/6dd7552a1c594911416f/raw/server.rb
wget https://s3.amazonaws.com/uploads.hipchat.com/35420/441986/5xRGtuTBdBnuisN/twitter.apk
gem install sinatra --no-rdoc
ruby server.rb ./twitter.apk
Fuzion24
/ Description
Created
May 6, 2012 17:00
Android Reversing - Showing an uber basic conditional patch
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Running apktool d APKNAME.apk will result in output that can be modified and later repackaged and ran. | |
| isRegistered() is hardcoded to return false. | |
| Changing | |
| const/4 v0, 0x0 | |
| to | |
| const/4 v0, 0x1 | |
| will cause isRegistered to ALWAYS return true. Thus always telling the application that it is registered. |
Fuzion24
/ AndroidManifest.xml
Created
May 6, 2012 16:53
Code that will install and remove apks from an Android device without user interaction
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="utf-8"?> | |
| <manifest xmlns:android="http://schemas.android.com/apk/res/android" | |
| package="com.packagemanager.poc" | |
| android:versionCode="1" | |
| android:versionName="1.0" > | |
| <uses-sdk android:minSdkVersion="8" /> | |
| <uses-permission android:name="android.permission.INSTALL_PACKAGES" /> | |
| <uses-permission android:name="android.permission.DELETE_PACKAGES" /> |
Fuzion24
/ sock_diag.c
Created
February 13, 2014 04:29
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| * CVE-2013-1763 SOCK_DIAG bug in kernel 3.3-3.8 | |
| * | |
| * Ported by fuzion24 | |
| * | |
| * Tested on Nexus 4 | |
| * cshell@mako:/ $ cat /proc/version | |
| * Linux version 3.4.0-perf-gf43c3d9 (android-build@vpbs1.mtv.corp.google.com) (gcc version 4.6.x-google 20120106 (prerelease) (GCC) ) #1 SMP PREEMPT Mon Jun 17 16:55:05 PDT 2013 | |
| * shell@mako:/data/local/tmp $ ./diag_sock_exploit | |
| * Sock diag handlers c11d8048 |
Fuzion24
/ chrome_tor.sh
Last active
September 26, 2018 21:42
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #! /bin/sh | |
| #Opens Chrome canary (or Chromium or w/e CHROME_PATH points to) in igcognito mode. | |
| #Uses very popular user agent | |
| #Sets Tor as the socks proxy | |
| CHROME_PATH="/Applications/Google Chrome Canary.app/Contents/MacOS/Google Chrome Canary" | |
| tor &> /dev/null & \ |
O-LLVM + Overclok's Kryptonite Obfuscation with Android NDK.
Fuzion24
/ RootChecker.java
Last active
May 27, 2016 12:27
A few different mechanisms to check for root on an Android device
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package com.test.rootchecker; | |
| import java.io.File; | |
| import java.util.List; | |
| import java.util.Map; | |
| import android.content.Context; | |
| import android.content.pm.ApplicationInfo; | |
| public class RootChecker { |
Fuzion24
/ kasan_results
Created
February 23, 2016 15:07
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [ 0.000000] Linux version 4.5.0-rc2+ (fuzion24@bitbox) (gcc version 6.0.0 20160221 (experimental) (GCC) ) #4 SMP Mon Feb 22 14:12:37 EST 2016 | |
| [ 0.000000] Command line: root=/dev/sda | |
| [ 0.000000] x86/fpu: Legacy x87 FPU detected. | |
| [ 0.000000] x86/fpu: Using 'lazy' FPU context switches. | |
| [ 0.000000] e820: BIOS-provided physical RAM map: | |
| [ 0.000000] BIOS-e820: [mem 0x0000000000000000-0x000000000009fbff] usable | |
| [ 0.000000] BIOS-e820: [mem 0x000000000009fc00-0x000000000009ffff] reserved | |
| [ 0.000000] BIOS-e820: [mem 0x00000000000f0000-0x00000000000fffff] reserved | |
| [ 0.000000] BIOS-e820: [mem 0x0000000000100000-0x000000007fffdfff] usable | |
| [ 0.000000] BIOS-e820: [mem 0x000000007fffe000-0x000000007fffffff] reserved |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* CVE-2014-0196 DOS PoC [Written May 5th, 2014] | |
| * by DigitalCold <digitalcold0@gmail.com> | |
| * | |
| * Note: this crashes my i686 Gentoo system running 3.12.14 | |
| * and an old Backtrack 5r3 running 3.2.6. Any advice on how to gain | |
| * code exec would be greatly appreciated. | |
| * | |
| * Usage: gcc -O2 -o pty pty.c -lutil && ./pty | |
| * | |
| * CVE: http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-0196.html |
Fuzion24
/ all_tz_functions.md
Created
September 16, 2015 14:30
LOAD:FE82CDA8 DCD aTzbsp_pil_init ; "tzbsp_pil_init_image_ns"
LOAD:FE82CDAC DCD 0x3D
LOAD:FE82CDB0 DCD tzbsp_pil_init_image_ns+1
LOAD:FE82CDB4 DCD 2
LOAD:FE82CDB8 DCD 4
LOAD:FE82CDBC DCD 4
LOAD:FE82CDC0 DCD 0x805
LOAD:FE82CDC4 DCD aTzbsp_pil_auth ; "tzbsp_pil_auth_reset_ns"
LOAD:FE82CDC8 DCD 0x3D
NewerOlder