References: https://twitter.com/cyb3rops/status/1499514240008437762 https://twitter.com/GossiTheDog/status/1499781976835993600
More background: https://twitter.com/FuzzySec/status/1499462430275084307
incogbyte
/ mixunpin.js
Last active
September 3, 2025 14:40
Frida script to bypass common methods of sslpining Android
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| console.log("[*] SSL Pinning Bypasses"); | |
| console.log(`[*] Your frida version: ${Frida.version}`); | |
| console.log(`[*] Your script runtime: ${Script.runtime}`); | |
| /** | |
| * by incogbyte | |
| * Common functions | |
| * thx apkunpacker, NVISOsecurity, TheDauntless | |
| * Remember that sslpinning can be custom, and sometimes u need to reversing using ghidra,IDA or something like that. | |
| * !!! THIS SCRIPT IS NOT A SILVER BULLET !! |
gnh1201
/ howtofix.md
Last active
June 21, 2025 22:45
How to fix "can not open access to console the root account is locked"
I recently experienced this problem, but I only had answers that did not help. Then, I was able to get a hint from the short opinion of the Linux Forum.
This problem is related to the change of the drive. If it is not properly reflected in /etc/fstab, such an error may occur.
-
Download SystemRescueCD and make a bootdisk: https://www.system-rescue.org/
-
FDISK and MOUNT
michel-pi
/ MemoryApi.cs
Created
January 7, 2021 22:37
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.Runtime.CompilerServices; | |
| using System.Runtime.InteropServices; | |
| using System.Security; | |
| namespace ProcessMemoryTest.Native | |
| { | |
| [SuppressUnmanagedCodeSecurity] | |
| public static unsafe class Kernel32 | |
| { |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!usr/bin/env python | |
| # -*- coding: utf-8 -*- | |
| """ | |
| @author:000000 | |
| @file: opt_enum | |
| @time: 2018/10/11 | |
| """ | |
| import idaapi |
ulidtko
/ Exploiting Lua 5.1 bytecode.md
Last active
August 19, 2025 20:32
— forked from corsix/Exploiting Lua 5.1 on 32-bit Windows.md
The following Lua program generates a Lua bytecode program called lua-sandbox-rce.luac, which in turn spawns a shell from within Lua 5.1 sandbox. The remainder of this document attempts to explain how this program works by a whirlwind tour of relevent bits of the Lua 5.1 virtual machine.
function outer()
local magic -- In bytecode, the stack slot corresponding to this local is changed
local function middle()
local co, upval
local ub1 = {[0] = -- Convert uint8_t to char[1]
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /** | |
| * snoopy.c - Snoop on another tasks memory. | |
| * Fergus In London <fergus@fergus.london> | |
| * | |
| * This is a pretty basic demo of the process_vm_readv syscall, a syscall which | |
| * provides a nicer interface than ptrace for accessing memory used by another | |
| * task. | |
| * | |
| * To play with simply use `ps` to get a PID for the process you'd like to snoop | |
| * on, and `pmap` for the relevant memory address. |
1lann
/ rsa-crypt.lua
Last active
February 24, 2025 05:01
RSA encryption and decryption library in pure Lua for ComputerCraft
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| -- | |
| -- RSA Encryption/Decryption Library | |
| -- By 1lann | |
| -- | |
| -- Refer to license: http://pastebin.com/9gWSyqQt | |
| -- | |
| -- See gists comment at the bottom of the page for FAQ and updates! | |
| -- | |
| -- |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| CURLOPT_NOTHING = 0; | |
| CURLOPT_FILE = 10001; | |
| CURLOPT_URL = 10002; | |
| CURLOPT_PORT = 3; | |
| CURLOPT_PROXY = 10004; | |
| CURLOPT_USERPWD = 10005; | |
| CURLOPT_PROXYUSERPWD = 10006; | |
| CURLOPT_RANGE = 10007; | |
| CURLOPT_INFILE = 10009; | |
| CURLOPT_ERRORBUFFER = 10010; |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /** | |
| * Simple JavaScript tokenizer (not a full parser!!!) | |
| * | |
| * Portions taken from Narcissus by Brendan Eich <brendan@mozilla.org>. | |
| */ | |
| /*jshint evil: true, regexdash: false, regexp: false */ | |
| var KEYWORDS = [ | |
| 'break', |
NewerOlder