Angel T. Durán atorralb

## root.sh
#!/bin/bash

# Give the usual warning.
clear;
echo "[INFO] Automated Android root script started.\n\n[WARN] Exploit requires sdk module \"NDK\".\nFor more information, visit the installation guide @ https://goo.gl/E2nmLF\n[INFO] Press Ctrl+C to stop the script if you need to install the NDK module. Waiting 10 seconds...";
sleep 10;
clear;

# Download and extract exploit files.
echo "[INFO] Downloading exploit files from GitHub...";

## xml-to-har.py
#!/usr/bin/env python
"""
Converts Internet Explorer 'capture network traffic' XML to a HAR file.

Turns out that XML is just a HAR file anyways, but in XML form. So this
just converts it to JSON, and Bob's your uncle.

Requires Python 2.7+ and LXML.
"""
from __future__ import unicode_literals

## RAA_Ransom_beautified.js
var CryptoJS = CryptoJS || function(u, p) {
    var d = {},
        l = d.lib = {},
        s = function() {},
        t = l.Base = {
            extend: function(a) {
                s.prototype = this;
                var c = new s;
                a && c.mixIn(a);
                c.hasOwnProperty("init") || (c.init = function() {

## archive.txt
061997d DELEGATE ALL THE THINGS
092aa231f  wait, wrong place
09e7fd3 RERECORD ALL THE THINGS!!!
0c27fb3 yeah, fix things will ya
0f4549133   New ascii art task (\!important stuff) , and a few DAO tweaks (mino...
12aa7ef34  LE NONNNNNN LE MADNESS
13233e7 Less PHP
154c535 Once more, now with feeling and a proper master head
184e754 Dear Past-Friday David :Remember the textarea that seemed totally random and misterioys? It was $.ajax... obviously
19a8700 MAKE IT BIGGER

## connected_components.js
var graph = {"0": ["1", "2", "3"], "1": ["2"], "2": [], "3": ["4", "6"], "4": [], "5": ["7"], "6": [], "7": []};
//       0
//     / | \
//    1--2  3
//          | \
//          4  6
//    5--7

function connected_components(graph) {
  var seen = [], push = Array.prototype.push;

## pwn.php
<?php
	// Start with PHP CLI (php pwn.php)
	set_time_limit(0);

	// Adjust this :)
	define('SLEEP_TIME', '4');
	define('PAGE_TIME',  4);
	define('URL',        'http://localhost/Phase/');

	echo('attacking ' . URL . PHP_EOL);

## gifjs.asm
; a hand-made GIF containing valid JavaScript code
; abusing header to start a JavaScript comment

; inspired by Saumil Shah's Deadly Pixels presentation

; Ange Albertini, BSD Licence 2013

; yamal gifjs.asm -o img.gif

WIDTH equ 10799 ; equivalent to 2f2a, which is '/*' in ASCII, thus starting an opening comment

## dirtywebserver.ps1
$Hso = New-Object Net.HttpListener
$Hso.Prefixes.Add("http://+:8000/")
$Hso.Start()
While ($Hso.IsListening) {
    $HC = $Hso.GetContext()
    $HRes = $HC.Response
    $HRes.Headers.Add("Content-Type","text/plain")
    $Buf = [Text.Encoding]::UTF8.GetBytes((GC (Join-Path $Pwd ($HC.Request).RawUrl)))
    $HRes.ContentLength64 = $Buf.Length
    $HRes.OutputStream.Write($Buf,0,$Buf.Length)

## SVGText.js
fabric.SVGText = fabric.util.createClass(fabric.Object, {

    type        :'text-block',
    text        :'',
    fontSize    :14,
    color       :undefined,
    lineColors  :undefined,
    selectedLine:0,
    realWidth   :0,
    realHeight  :0,

## client.js
$(function(){
    var socket = io.connect('http://localhost:8080');
    socket.on('tweet', function(tweet) {
        $('body').append('<div class="tweet">' + tweet.text + '</div>');
    });
});
	#!/bin/bash

	# Give the usual warning.
	clear;
	echo "[INFO] Automated Android root script started.\n\n[WARN] Exploit requires sdk module \"NDK\".\nFor more information, visit the installation guide @ https://goo.gl/E2nmLF\n[INFO] Press Ctrl+C to stop the script if you need to install the NDK module. Waiting 10 seconds...";
	sleep 10;
	clear;

	# Download and extract exploit files.
	echo "[INFO] Downloading exploit files from GitHub...";
	#!/usr/bin/env python
	"""
	Converts Internet Explorer 'capture network traffic' XML to a HAR file.

	Turns out that XML is just a HAR file anyways, but in XML form. So this
	just converts it to JSON, and Bob's your uncle.

	Requires Python 2.7+ and LXML.
	"""
	from __future__ import unicode_literals
	var CryptoJS = CryptoJS \|\| function(u, p) {
	var d = {},
	l = d.lib = {},
	s = function() {},
	t = l.Base = {
	extend: function(a) {
	s.prototype = this;
	var c = new s;
	a && c.mixIn(a);
	c.hasOwnProperty("init") \|\| (c.init = function() {
	061997d DELEGATE ALL THE THINGS
	092aa231f wait, wrong place
	09e7fd3 RERECORD ALL THE THINGS!!!
	0c27fb3 yeah, fix things will ya
	0f4549133 New ascii art task (\!important stuff) , and a few DAO tweaks (mino...
	12aa7ef34 LE NONNNNNN LE MADNESS
	13233e7 Less PHP
	154c535 Once more, now with feeling and a proper master head
	184e754 Dear Past-Friday David :Remember the textarea that seemed totally random and misterioys? It was $.ajax... obviously
	19a8700 MAKE IT BIGGER
	var graph = {"0": ["1", "2", "3"], "1": ["2"], "2": [], "3": ["4", "6"], "4": [], "5": ["7"], "6": [], "7": []};
	// 0
	// / \| \
	// 1--2 3
	// \| \
	// 4 6
	// 5--7

	function connected_components(graph) {
	var seen = [], push = Array.prototype.push;
	<?php
	// Start with PHP CLI (php pwn.php)
	set_time_limit(0);

	// Adjust this :)
	define('SLEEP_TIME', '4');
	define('PAGE_TIME', 4);
	define('URL', 'http://localhost/Phase/');

	echo('attacking ' . URL . PHP_EOL);
	; a hand-made GIF containing valid JavaScript code
	; abusing header to start a JavaScript comment

	; inspired by Saumil Shah's Deadly Pixels presentation

	; Ange Albertini, BSD Licence 2013

	; yamal gifjs.asm -o img.gif

	WIDTH equ 10799 ; equivalent to 2f2a, which is '/*' in ASCII, thus starting an opening comment
	$Hso = New-Object Net.HttpListener
	$Hso.Prefixes.Add("http://+:8000/")
	$Hso.Start()
	While ($Hso.IsListening) {
	$HC = $Hso.GetContext()
	$HRes = $HC.Response
	$HRes.Headers.Add("Content-Type","text/plain")
	$Buf = [Text.Encoding]::UTF8.GetBytes((GC (Join-Path $Pwd ($HC.Request).RawUrl)))
	$HRes.ContentLength64 = $Buf.Length
	$HRes.OutputStream.Write($Buf,0,$Buf.Length)
	fabric.SVGText = fabric.util.createClass(fabric.Object, {

	type :'text-block',
	text :'',
	fontSize :14,
	color :undefined,
	lineColors :undefined,
	selectedLine:0,
	realWidth :0,
	realHeight :0,
	$(function(){
	var socket = io.connect('http://localhost:8080');
	socket.on('tweet', function(tweet) {
	$('body').append('<div class="tweet">' + tweet.text + '</div>');
	});
	});