Skip to content

Instantly share code, notes, and snippets.

View obfusk's full-sized avatar
🏳️‍🌈
hacking ⇒ ¬sleeping 😸

FC (Fay) Stegerman obfusk

🏳️‍🌈
hacking ⇒ ¬sleeping 😸
View GitHub Profile
@obfusk
obfusk / zipdup.py
Last active April 11, 2024 19:19
create a ZIP file with two CD entries pointing to the same file
#!/usr/bin/python3
import sys
import zipfile
# Usage: zipdup.py ZIPFILE ENTRY_NAME ENTRY_DATA
zfile, zentry, data = sys.argv[1:]
with zipfile.ZipFile(zfile, "w") as zf:
info = zipfile.ZipInfo(filename=zentry)
zf.writestr(info, data)
@obfusk
obfusk / detect-apk.py
Last active April 11, 2024 17:04
Detect APK files
#!/usr/bin/python3
# encoding: utf-8
# SPDX-FileCopyrightText: 2024 FC (Fay) Stegerman <flx@obfusk.net>
# SPDX-License-Identifier: AGPL-3.0-or-later
import fnmatch
import os
import struct
import sys
@obfusk
obfusk / Cert.java
Last active April 15, 2024 18:51
verify APK and get SHA-256 of first cert
import java.io.File;
import java.io.IOException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.List;
import com.android.apksig.ApkVerificationIssue;
import com.android.apksig.ApkVerifier;
import com.android.apksig.apk.ApkFormatException;
import zipfile
def test(filename):
_orig_EndRecData = zipfile._EndRecData
eocd_offset = None
def _EndRecData(fh):
endrec = _orig_EndRecData(fh)
if endrec:
@obfusk
obfusk / fix-pg-map-id.py
Last active March 21, 2024 04:11
fix pg-map-id
#!/usr/bin/python3
# encoding: utf-8
# SPDX-FileCopyrightText: 2024 FC (Fay) Stegerman <flx@obfusk.net>
# SPDX-License-Identifier: GPL-3.0-or-later
import hashlib
import os
import re
import struct
import zipfile
@obfusk
obfusk / delete-tag.py
Last active March 9, 2024 15:32
rbtlog: merge logs
#!/usr/bin/python3
# encoding: utf-8
# SPDX-FileCopyrightText: 2024 FC (Fay) Stegerman <flx@obfusk.net>
# SPDX-License-Identifier: AGPL-3.0-or-later
import argparse
import json
import os
from typing import Any, Dict
@obfusk
obfusk / wrapper-log
Last active February 27, 2024 01:09
+ git clone --recurse-submodules -b 1.0.0 -- https://github.com/FossifyOrg/File-Manager.git /build/repo
++ git rev-parse HEAD
+ test feef6998a0fc79aa859f54699d783df4f0a0c147 = feef6998a0fc79aa859f54699d783df4f0a0c147
+ '[' yes = yes ']'
+ git clone https://github.com/obfusk/gradle-wrapper-verify /tmp/gradle-wrapper-verify
Cloning into '/tmp/gradle-wrapper-verify'...
+ shopt -s globstar
+ /tmp/gradle-wrapper-verify/gradle-wrapper-verify ./gradle/wrapper/gradle-wrapper.jar
checking ./gradle/wrapper/gradle-wrapper.jar ...
OK
@obfusk
obfusk / wkd.py
Created February 6, 2024 00:04
wkd encoding
import base64
import hashlib
import sys
t = str.maketrans("ABCDEFGHIJKLMNOPQRSTUVWXYZ234567", "ybndrfg8ejkmcpqxot1uwisza345h769")
print(base64.b32encode(hashlib.sha1(sys.argv[1].encode().lower()).digest()).decode().translate(t))
@obfusk
obfusk / cat_sigblock.py
Last active February 3, 2024 23:35
APK signing block manipulation scripts
#!/usr/bin/python3
# encoding: utf-8
# SPDX-FileCopyrightText: 2024 FC (Fay) Stegerman <flx@obfusk.net>
# SPDX-License-Identifier: GPL-3.0-or-later
import apksigtool
import dataclasses
import sys
# Usage: cat_sigblock.py [--prepend] APK_A APK_B
@obfusk
obfusk / leaving-fdroid.md
Last active January 1, 2024 09:24
Leaving F-Droid

Edit: originally posted here on 2023-11-17.

Edit 2: "blocking protecting marginalised community members from abuse" refers to the events during the incident (which was never made public, which unfortunately leaves me unable to provide more detail) that prompted the creation of the Community Council to begin with.

Edit 3: please note that this statement was originally addressed to the F-Droid team, not a general audience.

Leaving F-Droid

With a heavy heart, I have no choice but to leave @fdroid, effective immediately.