Leon Jacobs leonjza

leonjza / DOCKER-IN-AN-HOUR.md
Last active January 30, 2023 10:55
Docker in an hour Workshop

docker-in-an-hour

@leonjza

Welcome to docker-in-an-hour! This is a "JIT" for docker, with many explanations being just enough to defend yourself. It is highly recommended that you go and at least Google some of the stuff here after doing the workshop. Read the official docs with real explanations.

toc

@leonjza
leonjza / picker.patch
Created January 30, 2022 08:29
objection boot target picker poc
diff --git a/objection/console/cli.py b/objection/console/cli.py
index f9738d1..4814eff 100644
--- a/objection/console/cli.py
+++ b/objection/console/cli.py
@@ -3,6 +3,8 @@ import time
from pathlib import Path
import click
+from prompt_toolkit import prompt
+from prompt_toolkit.completion import FuzzyCompleter, WordCompleter
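Review bot: The two prompt_toolkit imports added at the top of objection/console/cli.py are loaded at module import, so every CLI invocation pays for them even when no target picker is shown. Consider moving `from prompt_toolkit import prompt` and the `FuzzyCompleter, WordCompleter` import into the code path that displays the picker, and confirm prompt_toolkit is declared as a dependency of the package.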
@leonjza
leonjza / clone-and-write.ps1
Created October 29, 2021 05:29
Cobalt Strike Clone Executable Signature for code-signer Malleable Profile block
# clone the certificate for SysInternals TCPView.exe and save
# it as cert.pfx
$o = Get-PfxCertificate -FilePath .\tcpview.exe
$cl = New-SelfSignedCertificate -CloneCert $o
$p = ConvertTo-SecureString -String "password" -Force -AsPlainText
Export-PfxCertificate -FilePath cert.pfx -Cert $cl -Password $p
@leonjza
leonjza / README.md
Created September 23, 2021 15:46
SenseCon '21 Announce Challenge

Hello world!

This was the internal @sensepost SenseCon 2021 announcement email (stripped), together with the supporting challenge.

Have phun!

@leonjza
leonjza / README.md
Last active October 12, 2022 19:40
A PHP eval() reverse shell.

php eval shell

A reverse shell that lets you evaluate PHP.
This is not an OS command reverse shell per se, but you could eval a function like system("id") for that if you wanted to.

Useful to poison an existing PHP file and explore the currently loaded environment.

example

@leonjza
leonjza / README.md
Last active December 5, 2020 22:08
Traefik docker-compose with Trauth, Wildcard Certs & Metrics

traefik service docker-compose example

Traefik docker-compose with Trauth, Wildcard Certs & Metrics

Ref:

@leonjza
leonjza / dump.sh
Last active March 24, 2024 08:32
Dump iOS executable content headers using radare2
#!/usr/bin/env bash
#
# Dump headers for binaries in an extracted iOS application's
# Payload folder using radare2.
dumpdir="headers/"
mkdir -p $dumpdir
find . -perm +111 -type f | grep -iv "libswift" | while read -r bin; do
echo "< Processing -> $bin"
@leonjza
leonjza / rename.patch
Last active March 24, 2024 08:32
frida-server remove frida references from /proc/<pid>/maps | apply to frida-core
diff --git a/server/server.vala b/server/server.vala
index d3fc39f9..3e4d11b3 100644
--- a/server/server.vala
+++ b/server/server.vala
@@ -3,7 +3,7 @@ namespace Frida.Server {
private const string DEFAULT_LISTEN_ADDRESS = "127.0.0.1";
private const uint16 DEFAULT_LISTEN_PORT = 27042;
- private const string DEFAULT_DIRECTORY = "re.frida.server";
+ private const string DEFAULT_DIRECTORY = "re.freeda.server";
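Review bot: The new DEFAULT_DIRECTORY value "re.freeda.server" in server/server.vala reads like a misspelling of the project name and carries no comment explaining it. Add a one-line comment above the constant stating that the rename is intentional and why, so it is not reverted as a typo when the patch is rebased onto a newer frida-core.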
@leonjza
leonjza / forward.sh
Created October 1, 2019 10:06
Forward a new host port to a running docker container.
#!/bin/bash
# Add a firewall NAT rule to expose a port open in a docker container, on a host.
#
# This is only really useful if the container is already running, and you don't
# want to/can't shut it down, but need a new incoming port open.
#
# Requires `jq` for parsing docker container information.
#
# 2019 @leonjza
@leonjza
leonjza / mettle.js
Created October 1, 2019 08:20
Mettle Frida Module Load Error
const dlib = 'mettle.dylib';
const NSDocumentDirectory = 9;
const NSUserDomainMask = 1
const p = ObjC.classes.NSFileManager.defaultManager()
.URLsForDirectory_inDomains_(NSDocumentDirectory, NSUserDomainMask).lastObject().path();
const dylibPath = p + '/' + dlib;
const cm = new CModule(""+
"#include <glib.h>" +
"" +