Skip to content

Instantly share code, notes, and snippets.

View fs0c131y's full-sized avatar
🤘
Hack The Planet

Baptiste Robert fs0c131y

🤘
Hack The Planet
View GitHub Profile
@fs0c131y
fs0c131y / TikTokLogs.txt
Last active August 18, 2020 22:39
TikTok Logs
[Log Session]
active = false
app_version = 17.2.4
duration = 0
eventIndex = 0
id = 0
launch_sent = false
non_page = true
pausetime = 1596980554524
timestamp = 1596980554524
[Log Session]
active = false
app_version = 17.2.4
duration = 0
eventIndex = 0
id = 0
launch_sent = false
non_page = true
pausetime = 1596980554524
timestamp = 1596980554524
CVEID: CVE-2019-14365
NAME OF AFFECTED PRODUCT(S) AND VERSION(S): Intercom plugin through 1.2.1 for WordPress
PROBLEM TYPE: Insecure Permissions
DESCRIPTION: The Intercom plugin for WordPress leaks a Slack Access Token in source code. An attacker can obtain a lot of information about the victim's Slack (channels, members, etc.)
@fs0c131y
fs0c131y / get_sqlcipher_password.js
Created January 27, 2019 20:57
Frida script to get the password of a sqlcipher database
/*
* get_sqlcipher_password.js
* Copyright (c) 2019 Elliot Alderson <fs0c131y@protonmail.com>
*
* Frida.re JS functions to get SQLCipher database passwords.
*
* Example usage:
* # frida -U -f in.gov.uidai.mAadhaarPlus -l get_sqlcipher_password.js --no-pause
*
*/

Keybase proof

I hereby claim:

  • I am fs0c131y on github.
  • I am fs0c131y (https://keybase.io/fs0c131y) on keybase.
  • I have a public key whose fingerprint is CA84 5024 A6F2 20B5 8B1B 4879 2F14 4F91 F7AE 7A48

To claim this, I am signing this object: