@masbog
masbog / boringssl.md
Created April 7, 2021 03:34 — forked from owen800q/boringssl.md
boringssl library's ssl pinning bypass

function bytes sequence signature

arm 32

2D E9 F0 4F A3 B0 81 46 50 20 10 70 D9 F8 98 70 00 2F

arm 64

FF 03 05 D1 FC 6B 0F A9 F9 63 10 A9 F7 5B 11 A9 F5 53 12 A9 F3 7B 13 A9 08 0A 80 52 48 00 00 39 16 54 40 F9 56 07 00 B4 C8 02 40 F9 08 07 00 B4 29 20 40 A9 F3 03 02 AA
@masbog
masbog / README.md
Created March 9, 2020 19:33 — forked from ur0/README.md
SockPuppet 3

This is a kernel exploit targeting iOS 12.0-12.2 and 12.4. It exploits a dangling kernel pointer to craft a fake task port corresponding to the kernel task and gets a send right to it.

This code is not readily compilable — some common sense is a prerequisite. If you do get it going though, it is extremely reliable on any device with more than a gigabyte of RAM. Interested readers may want to investigate how reallocations can be prevented -- this might improve reliability even more.

License

@masbog
masbog / send_SMS.c
Last active February 16, 2019 17:55
Sending SMS iOS Terminal
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <string.h>
#include <fcntl.h>
#include <termios.h>
#include <errno.h>
#include <time.h>
#define BUFSIZE (65536+100)
tmpElem_input_words = WebDriverWait(self.driver, 2).until(EC.presence_of_element_located((By.XPATH, '//div[@id="wordsbox"]')))
current_text = WebDriverWait(tmpElem_input_words, 2).until(EC.presence_of_element_located((By.XPATH, '//span[@class="currentword"]')))
inputan = WebDriverWait(self.driver, 5).until(EC.presence_of_element_located((By.XPATH, "//input[@autocomplete='off' and @autocapitalize='none' and @placeholder='type the words here']")))
ActionChains(self.driver).move_to_element(inputan).perform()
spans = tmpElem_input_words.find_elements_by_tag_name("span")
for span in spans:
print(current_text.text)
listresp = list(map(list, current_text.text))
listff =[]
#print (listresp)
@masbog
masbog / freebsd11-redmine.md
Last active August 27, 2017 18:33
Step by Step how to install redmine on freebsd11

List of commands (# = run as the root user)

# pkg install apache24 mysql56-server mysql56-client rubygem-passenger curl nano vim wget
# sysrc mysql_enable="YES"
# sysrc apache24_enable="YES"
# cd /usr/local/www/
# curl -O http://www.redmine.org/releases/redmine-3.4.2.tar.gz
# tar xvf redmine-3.4.2.tar.gz 
# cd redmine-3.4.2
# service mysql-server onestart
@masbog
masbog / yowsup-utilities.py
Last active April 4, 2024 22:12
yowsup utilities for getting new whatsapp.apk and processing it to get whatsapp version and classdex md5
#!/usr/bin/python
# yowsup utilities for getting new whatsapp.apk and processing it to get whatsapp version and classdex md5
#
# Output :
# WhatsApp Version: 2.17.296
# WhatsApp ClassesDex: YrJNPljM3TuNFPIOZ+jziw==
#
# @MasBog
import os
@masbog
masbog / dexMD5.py
Last active October 11, 2023 14:14
get dex MD5 of WhatsApp Application and get WhatsApp Version from an APK file
#!/usr/bin/env python3
# tweak up from https://github.com/mgp25/classesMD5-64/blob/master/dexMD5.py
# build AXML library from https://github.com/mikusjelly/axmlparser
# add xml manifest parse for getting WhatsApp Version
# to use this $ python3 dexMD5.py apk/WhatsApp.apk
# Output :
# WhatsApp Version : 2.17.296
# WhatsApp ClassesDEX MD5 : b'YrJNPljM3TuNFPIOZ+jziw=='
#
# @MasBog
@masbog
masbog / supervisord-tomcat-8-wrapper.sh
Created March 28, 2017 03:15
Supervisord Tomcat 8 on Debian (compressed binary extract to /opt/)
#!/bin/bash
function shutdown()
{
    date
    echo "Shutting down Tomcat"
    unset CATALINA_PID # Necessary in some cases
    unset JAVA_OPTS # Necessary in some cases
    $CATALINA_HOME/bin/catalina.sh stop
@masbog
masbog / AES.c
Created March 26, 2017 11:54 — forked from bricef/AES.c
A simple example of using AES encryption in Java and C.
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
/*
* MCrypt API available online:
* http://linux.die.net/man/3/mcrypt
*/
#include <mcrypt.h>
@masbog
masbog / vulnerable.c
Created March 25, 2017 20:50
Mobile Top 10 2016-M7-Poor Code Quality example (buffer overflows, format string vulnerabilities)
#include <stdio.h>   /* printf */
#include <string.h>  /* strcpy */

int main(int argc, char **argv)
{
    char text[1024];
    static int some_value = -72;
    strcpy(text, argv[1]); /* ignore the buffer overflow here */
    printf("This is how you print correctly:\n");
    printf("%s", text);
    printf("This is how not to print:\n");