Skip to content

Instantly share code, notes, and snippets.


Liam Cottle liamcottle

View GitHub Profile
liamcottle / script.txt
Created Dec 29, 2021
Retrieve the public IP address of a specific Mikrotik RouterBoard interface.
View script.txt
:global getPublicIP do={
# tag for temporary configurations
:local tag "get-public-ip-via-$interface"
# service that provides public ip address in http response
:local lookupProtocol "https"
:local lookupHostname ""
# add temporary address list for lookup service
liamcottle / plex_maintenance_notification.js
Created Aug 15, 2021
A NodeJS script for sending custom notifications to Plex Users in the mobile app.
View plex_maintenance_notification.js
const axios = require('axios');
* PLEX_TOKEN: Your X-Plex-Token
* PLEX_IDENTIFIER: Your Plex Server Identifier
* PLEX_SERVER_NAME: Your Plex Server Name
const PLEX_TOKEN = '';
const PLEX_SERVER_NAME = '';
liamcottle /
Last active Dec 21, 2021
SafetyNet Attestation Bypass

SafetyNet Attestation Bypass

Proof that with a few hours work, you can easily provide aribitrary data to the Google SafetyNet API and receive a valid Attestation signed by

I've captured the HARDWARE_BACKED flag. Check this comment.

This is only a software backed attestation, as you can see with the evaluationType=BASIC. I don't have any devices that support hardware backed attestations via TEE, however once I do, I'll be taking a look into them 🤠

  • nonce: base64(
  • packageName:
liamcottle /
Last active May 15, 2019
Disable SSL Pinning on Instagram for Android

Disable SSL Pinning on Instagram for Android

Create the file /data/data/ and add the following content. (You will need root access to modify it)

<?xml version='1.0' encoding='utf-8' standalone='yes' ?>
    <string name="debug_allow_user_certs_ttl">1557909551442:86400000</string>
    <boolean name="debug_allow_user_certs" value="true" />