@iNarcissuss
iNarcissuss / parse_ipa.py
Created October 3, 2015 13:37 — forked from 6david9/parse_ipa.py
parse ipa
# -*- coding: UTF-8 -*-
import zipfile
import biplist
import tempfile
import shutil
import re
import os
@iNarcissuss
iNarcissuss / android-tcpdump.sh
Created May 22, 2016 06:19 — forked from brandon15811/android-tcpdump.sh
Script for easy tcpdump to wireshark on android
#!/bin/bash -xe
nc_running()
{
    NC_RUN=$(adb shell busybox ps -w | grep "NCRUN='1'" > /dev/null 2>&1; echo $?)
}
tcpdump_running()
{
    TCP_RUN=$(adb shell busybox ps -w | grep -v "NCRUN='1'" | grep 'TCPRUN="1"' > /dev/null 2>&1; echo $?)
}
@iNarcissuss
iNarcissuss / dns_server.sh
Created May 22, 2016 06:20 — forked from brandon15811/dns_server.sh
Very basic DNS server written in bash
#!/bin/bash
#Based off of http://code.activestate.com/recipes/491264/
if [ "$1" == "startserver" ]; then
    ncat -u -l 5355 -c $(readlink -f $0) -k
    exit
fi
timeout 1s cat /dev/stdin > input
req=$(cat input | xxd -p)
#Functions from http://ubuntuforums.org/showthread.php?t=735140&p=4584216#post4584216
@iNarcissuss
iNarcissuss / dumper.py
Created May 22, 2016 06:20 — forked from brandon15811/dumper.py
libminecraftpe.so dumper
#!/usr/bin/python
import subprocess
import sys
functions = subprocess.check_output(['./arm-eabi-nm', '-DCnS', 'libminecraftpe.so']).splitlines()
for functions_line in functions:
    if "MobFactory::CreateMob" in functions_line:#if "Packet::write" in functions_line:
        functions_line_split = functions_line.split(' ')
        stop_address = hex(int(functions_line_split[0], 16) + int(functions_line_split[1], 16))
        function = subprocess.check_output(['./arm-eabi-objdump',
@iNarcissuss
iNarcissuss / gdbinit
Created July 12, 2016 09:51 — forked from CocoaBeans/gdbinit
.gdbinit - A user-friendly gdb configuration file
# INSTALL INSTRUCTIONS: save as ~/.gdbinit
#
# DESCRIPTION: A user-friendly gdb configuration file.
#
# REVISION : 7.3 (16/04/2010)
#
# CONTRIBUTORS: mammon_, elaine, pusillus, mong, zhang le, l0kit,
# truthix the cyberpunk, fG!, gln
#
# FEEDBACK: https://www.reverse-engineering.net
/*
* CVE-2013-1763 SOCK_DIAG bug in kernel 3.3-3.8
*
* Ported by fuzion24
*
* Tested on Nexus 4
* cshell@mako:/ $ cat /proc/version
* Linux version 3.4.0-perf-gf43c3d9 (android-build@vpbs1.mtv.corp.google.com) (gcc version 4.6.x-google 20120106 (prerelease) (GCC) ) #1 SMP PREEMPT Mon Jun 17 16:55:05 PDT 2013
* shell@mako:/data/local/tmp $ ./diag_sock_exploit
* Sock diag handlers c11d8048
/* exec-notify, so you can watch your acrobat reader or vim executing "bash -c"
* commands ;-)
* Requires some 2.6.x Linux kernel with proc connector enabled.
*
* $ cc -Wall -ansi -pedantic -std=c99 exec-notify.c
*
* (C) 2007-2010 Sebastian Krahmer <krahmer@suse.de> original netlink handling
* stolen from a proc-connector example, copyright follows:
*/
/*
@iNarcissuss
iNarcissuss / AndroidManifestFuzzer
Created October 5, 2016 09:06 — forked from k3170makan/AndroidManifestFuzzer
Nifty Little Bash Script for Fuzzing Application AndroidManifest.xml's
#!/bin/bash
#Basic set up for an Application AndroidManifest Fuzzer
#this requires a preexisting ant buildable application project to be set up! so get the SDK and ant1.8
#this file reproduces the bug mentioned here http://ibrahimbalic.com/2014/android-os-memory-corruption-bug/
#NOTE: values from 260000 and up cause SIGSEGvs to be sent to the system_server (test on KitKat 4.4.2)
#NOTE: you should probably monitor $(adb logcat)||(/system/bin/gdbserver) for responsiveness to the issue
APP_PROJ_DIR="..." #<-- PATH TO PROJ DIR
APP_PACKAGE_NAME="..." #<-- PACKAGE NAME
APP_LAUNCH_COMP="..." # <--- MAIN ACTIVITY NAME
@iNarcissuss
iNarcissuss / rund
Created October 20, 2016 06:16 — forked from guohai/rund
launcher script for Dalvik on X86 Linux
#!/bin/sh
# base directory, at top of source tree; replace with absolute path
base=`pwd`
# configure root dir of interesting stuff
root=$base/out/host/linux-x86
export ANDROID_ROOT=$root
# configure bootclasspath
@iNarcissuss
iNarcissuss / llvm-update-alternatives
Created January 18, 2017 13:21 — forked from RaymondKroon/llvm-update-alternatives
LLVM & clang alternatives
#!/usr/bin/env sh
sudo update-alternatives --install \
/usr/bin/llvm-config llvm-config /usr/bin/llvm-config-3.6 200 \
--slave /usr/bin/llvm-ar llvm-ar /usr/bin/llvm-ar-3.6 \
--slave /usr/bin/llvm-as llvm-as /usr/bin/llvm-as-3.6 \
--slave /usr/bin/llvm-bcanalyzer llvm-bcanalyzer /usr/bin/llvm-bcanalyzer-3.6 \
--slave /usr/bin/llvm-cov llvm-cov /usr/bin/llvm-cov-3.6 \
--slave /usr/bin/llvm-diff llvm-diff /usr/bin/llvm-diff-3.6 \
--slave /usr/bin/llvm-dis llvm-dis /usr/bin/llvm-dis-3.6 \