izadgot
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| @import com.saurik.substrate.MS | |
| var old_method_pointer = {} | |
| MS.hookMessage(PersonalPhotoStorageVC, @selector(viewDidLoad), function(){ | |
| old_method_pointer->call(this); | |
| this.theTextField.text = this->_pw; | |
| this.theTextField.textColor = [UIColor redColor]; | |
| },old_method_pointer) |
izadgot
/ PersonalPhotoStorageVC.h
Created
May 1, 2019 14:17
example Tweak header file for PersonalPhotoStorageVC
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| @interface PersonalPhotoStorageVC : UIViewController { | |
| NSString *_pw; | |
| UITextField *_theTextField; | |
| } | |
| @property(nonatomic, retain) UITextField *theTextField; | |
| @end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #import <PersonalPhotoStorageVC.h> | |
| %hook PersonalPhotoStorageVC | |
| // Hooking an instance method with no arguments. | |
| - (void)viewDidLoad { | |
| %orig; | |
| self.theTextField.text = [self valueForKey:@"_pw"]; | |
| self.theTextField.textColor = [UIColor redColor]; | |
| } |
izadgot
/ PoC CVE-2019-15130 and CVE-2019-15129.txt
Created
August 18, 2019 08:02
PoC Humanica Humatrix 7 version 1.0.0.203, 1.0.0.681 Recruitment module - Arbitrary File Upload (CVE-2019-15130) and Unauthorized Access File (CVE-2019-15129)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [Product Description] | |
| Humatrix offers you the most comprehensive Human Resource management solution to cover all of your HR needs in a single integrated, easy to configure & use system that is accessible 24×7 through the web and mobile. | |
| The modular nature of Humatrix solution allows you to personalize and roll out only the modules you need, when you need it, | |
| helping you to reduce complexity, improve usability and productivity. (Information from Humanica homepage) | |
| 1. CVE-2019-15129 | |
| [Details] | |
| The Recruitment module in Humanica Humatrix 7 1.0.0.203 and 1.0.0.681 | |
| allows an unauthenticated attacker to access all candidates' files | |
| in the photo folder on the website by specifying a "user id" parameter and |
izadgot
/ PoC CVE-2019-16307.txt
Created
September 14, 2019 16:03
PoC A Reflected Cross-Site Scripting (XSS) vulnerability in the webEx module in webExMeetingLogin.jsp and deleteWebExMeetingCheck.jsp in Fuji Xerox DocuShare through 7.0.0.C1.609 (CVE-2019-16307)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [Product Description] | |
| Xerox DocuShare is enterprise content management (ECM) designed with usability, flexibility and convenience in mind. It helps knowledge workers be more efficient every day by focusing on the intersection of people, paper and processes – the lifeblood of today’s work environment. (Information from Humanica homepage) | |
| [Details] | |
| A Reflected Cross-Site Scripting (XSS) vulnerability in the webEx module in webExMeetingLogin.jsp and deleteWebExMeetingCheck.jsp in Fuji Xerox DocuShare through 7.0.0.C1.609 allows remote attackers to inject arbitrary web script or HTML via the "handle" parameter (webExMeetingLogin.jsp) and "meetingKey" parameter (deleteWebExMeetingCheck.jsp). | |
| [Impact] | |
| Running malicious web script or HTML script on victim's web browser. | |
| [Affected component] |
izadgot
/ ios-jailbreak-detection-bypass.js
Last active
August 2, 2023 01:59
This is a Frida script used for bypassing iOS jailbreak detection by hooking following methods/functions: fileExistsAtPath, fopen, canOpenURL, libSystemBFork
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| //Moved to https://github.com/Incognito-Lab/Frida-iOS-Jailbreak-detection-bypass | |
| /* | |
| This is a Frida script used for bypass iOS jailbreak detection by hooking following methods/functions | |
| - fileExistsAtPath | |
| - fopen | |
| - canOpenURL | |
| - libSystemBFork | |
| This script is a modified version of Objection script: https://github.com/sensepost/objection/blob/master/agent/src/ios/jailbreak.ts |
izadgot
/ iOS_WebViews_inspector.js
Last active
April 7, 2023 04:32
sample Frida script for analyse iOS WebViews
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| //Moved to https://github.com/Incognito-Lab/Frida-WebView-Inspector | |
| //frida -U <ProcessName> -l iOS_WebViews_inspector.js | |
| //This Frida script checks if the Webview class is available in the current process. If it is available, it proceeds to use Frida's `choose` method to enumerate all instances of the class, and for each instance it calls the `onMatch` function. | |
| //After Webview classes instance is initialized, in Frida CLI, `%reload` should be used to reload this script. | |
| if (ObjC.available) { | |
| //Check iOS Version | |
| function iOSVersionFunc() { | |
| var processInfo = ObjC.classes.NSProcessInfo.processInfo(); |
izadgot
/ Android_WebView_inspector.js
Last active
May 22, 2024 17:22
sample Frida script for analyse Android WebView
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| //Moved to https://github.com/Incognito-Lab/Frida-WebView-Inspector | |
| //frida -U "<ProcessName>" -l Android_WebView_inspector.js | |
| let Webview = Java.use("android.webkit.WebView"); | |
| // inspect settings of android.webkit.WebView class | |
| Java.choose("android.webkit.WebView", { | |
| // check if there are any running webview instances | |
| onMatch: function(instance) { | |
| // webview must be running on the main thread, so scheduleOnMainThread() will force the function to run on the main thread | |
| Java.scheduleOnMainThread(function(){ |