traefik service docker-compose example
Traefik docker-compose with Trauth, Wildcard Certs & Metrics
Ref: https://sensepost.com/blog/2020/building-a-hipster-aware-pi-home-server/
View dump.sh
| #!/usr/bin/env bash | |
| # | |
| # Dump headers for binaries in an extracted iOS applications' | |
| # Payload folder using radare2. | |
| dumpdir="headers/" | |
| mkdir -p $dumpdir | |
| find . -perm +111 -type f | grep -iv "libswift" | while read -r bin; do | |
| echo "< Processing -> $bin" |
leonjza
/ rename.patch
Last active Jan 11, 2021
frida-server remove frida references from /proc/<pid>/maps | apply to frida-core
View rename.patch
| diff --git a/server/server.vala b/server/server.vala | |
| index d3fc39f9..3e4d11b3 100644 | |
| --- a/server/server.vala | |
| +++ b/server/server.vala | |
| @@ -3,7 +3,7 @@ namespace Frida.Server { | |
| private const string DEFAULT_LISTEN_ADDRESS = "127.0.0.1"; | |
| private const uint16 DEFAULT_LISTEN_PORT = 27042; | |
| - private const string DEFAULT_DIRECTORY = "re.frida.server"; | |
| + private const string DEFAULT_DIRECTORY = "re.freeda.server"; |
View forward.sh
| #!/bin/bash | |
| # Add a firewall NAT rule to expose a port open in a docker container, on a host. | |
| # | |
| # This is only really useful if the container is already running, and you don't | |
| # want to/can't shut it down, but need a new incoming port open. | |
| # | |
| # Requires `jq` for parsing docker container information. | |
| # | |
| # 2019 @leonjza |
View mettle.js
| const dlib = 'mettle.dylib'; | |
| const NSDocumentDirectory = 9; | |
| const NSUserDomainMask = 1 | |
| const p = ObjC.classes.NSFileManager.defaultManager() | |
| .URLsForDirectory_inDomains_(NSDocumentDirectory, NSUserDomainMask).lastObject().path(); | |
| const dylibPath = p + '/' + dlib; | |
| const cm = new CModule(""+ | |
| "#include <glib.h>" + | |
| "" + |
View build-steps.sh
| # Build the target application (PewPew is the name for my app) | |
| xcodebuild build build -workspace PewPew.xcworkspace -scheme PewPew -sdk iphonesimulator12.2 | |
| # | |
| # iOS Simulator setup | |
| # | |
| echo "Simulator Setup" | |
| echo "===============" |
View README.md
objection Flex plugin
This plugin should sideload Flex[1], loaded as a plugin in objection[2]. Flex itself should be a shared library (with your target's architecture as either a thin/fat Mach-o).
The source code for a shared library called libFlex is included in this gist as .h and .m files. You need to copy the Classes/ directory from the official Flex project[1] into your project.
[1] https://github.com/Flipboard/FLEX
[2] https://github.com/sensepost/objection
leonjza
/ pinning.ts.diff
Created May 16, 2019
SSLCertificateChecker-PhoneGap-Plugin Pinning Disable
View pinning.ts.diff
| diff --git a/agent/src/ios/pinning.ts b/agent/src/ios/pinning.ts | |
| index 1f9407a..aa2152a 100644 | |
| --- a/agent/src/ios/pinning.ts | |
| +++ b/agent/src/ios/pinning.ts | |
| @@ -283,6 +283,38 @@ export namespace sslpinning { | |
| }); | |
| }; | |
| + const cordovaCustomURLConnectionDelegate = (ident: string): InvocationListener => { | |
| + // https://github.com/EddyVerbruggen/SSLCertificateChecker-PhoneGap-Plugin/blob/ |
View README.md
objection stetho plugin
This plugin should sideload Facebook's Stetho [1], loaded as a plugin in objection[2].
[1] http://facebook.github.io/stetho/
[2] https://github.com/sensepost/objection
leonjza
/ cve-2018-6671.txt
Last active Sep 26, 2019
cve-2018-6671 McAfee ePO 5.9.1 Registered Executable Local Access Bypass
View cve-2018-6671.txt
| # CVE-2018-6671 McAfee ePO 5.9.1 Registered Executable Local Access Bypass | |
| # Specifying an X-Forwarded-For header bypasses the local only check | |
| # https://kc.mcafee.com/corporate/index?page=content&id=SB10240 | |
| # https://nvd.nist.gov/vuln/detail/CVE-2018-6671 | |
| # | |
| # 2019 @leonjza | |
| # | |
| # Tested on ePO v5.9.1, missing hotfix EPO5xHF1229850 | |
| POST /Notifications/testRegExe.do HTTP/1.1 |
NewerOlder