😘
Love EndlessLoop Everyday~

LeadroyaL LeadroyaL

LeadroyaL / unflower_cms.py
Last active March 8, 2024 12:04
Unicorn in Practice (1): Removing junk instructions from libcms.so
from elftools.elf.constants import P_FLAGS
from elftools.elf.elffile import ELFFile
from unicorn import Uc, UC_ARCH_ARM, UC_MODE_LITTLE_ENDIAN, UC_HOOK_CODE, UC_PROT_READ, UC_PROT_WRITE, UC_PROT_EXEC
from unicorn.arm_const import *
from capstone import Cs, CS_ARCH_ARM, CS_MODE_THUMB, CsInsn
from keystone import Ks, KS_MODE_THUMB, KS_ARCH_ARM
# Locate the .text section
filename = "./libcms.so"
LeadroyaL / decrypt_armariris.py
Created September 15, 2019 08:46
Unicorn in Practice (2): Removing armariris string encryption
from elftools.elf.constants import P_FLAGS
from elftools.elf.elffile import ELFFile
from elftools.elf.sections import SymbolTableSection
from unicorn import Uc, UC_ARCH_ARM, UC_MODE_LITTLE_ENDIAN, UC_PROT_WRITE, UC_PROT_READ, UC_PROT_EXEC
from unicorn.arm_const import *
from capstone import Cs, CS_ARCH_ARM, CS_MODE_THUMB, CsInsn
from keystone import Ks, KS_MODE_THUMB, KS_ARCH_ARM, KS_MODE_ARM
import struct
filename = "./libcms.so"
LeadroyaL / decrypt_hikari.md
Created September 17, 2019 09:27
Unicorn in Practice (3): Removing Hikari string encryption
LeadroyaL / graph_demo.py
Created October 13, 2019 15:44
Generating a CFG from assembly statements: using balsnctf2019 Hack Compiler as an example
# coding:utf-8
from graphviz import Digraph
# First load the asm file and store its lines in a list
fd = open("main.asm")
lines = [l.strip('\n') for l in fd.readlines()]
fd.close()
# Iterate over the labels and find the addr for each label (it should be the addr of the first label)
LeadroyaL / Entry.java
Created May 10, 2020 13:25
Using Xposed to skip the Xiaomi USB app-install confirmation
package com.leadroyal.miuiusb;
import java.lang.reflect.Field;
import java.lang.reflect.Method;
import de.robv.android.xposed.IXposedHookLoadPackage;
import de.robv.android.xposed.XC_MethodHook;
import de.robv.android.xposed.XposedBridge;
import de.robv.android.xposed.XposedHelpers;
import de.robv.android.xposed.callbacks.XC_LoadPackage;
LeadroyaL / Entry.java
Last active August 24, 2020 09:19
Using Xposed to skip the OPPO USB app-install confirmation
package com.leadroyal.oppousb;
import de.robv.android.xposed.IXposedHookLoadPackage;
import de.robv.android.xposed.XC_MethodHook;
import de.robv.android.xposed.XposedBridge;
import de.robv.android.xposed.XposedHelpers;
import de.robv.android.xposed.callbacks.XC_LoadPackage;
public class Entry implements IXposedHookLoadPackage {
@Override
LeadroyaL / Entry.java
Last active September 2, 2020 06:20
Using Xposed to automatically enable OPPO USB debugging
package com.leadroyal.oppousb;
import android.content.BroadcastReceiver;
import android.content.Context;
import android.content.Intent;
import de.robv.android.xposed.IXposedHookLoadPackage;
import de.robv.android.xposed.XC_MethodHook;
import de.robv.android.xposed.XC_MethodReplacement;
import de.robv.android.xposed.XposedBridge;