0x2e2f rodnt

## mixunpinv2.js
/**
 * by rodnt
 * twitter: 0xrodnt
 * Github: rodnt
*/

const config = {
    flutterPatterns: {
        android: "F? 0F 1C F8 F? 5? 01 A9 F? 5? 02 A9 F? ?? 03 A9 ?? ?? ?? ?? 68 1A 40 F9"
    },

## paths.txt
/swagger-ui.html
/swagger-ui/
/swagger-ui/index.html
/api-docs
/v2/api-docs
/v3/api-docs
/swagger.json
/openapi.json
/api/swagger.json
/docs

## win11Pendrive.sh
#!/bin/bash

# Function to select the USB device
select_usb_device() {
  echo "Available USB devices:"
  local devices=(/dev/sd*)
  select usb_device in "${devices[@]}"; do
    if [ -z "$usb_device" ]; then
      echo "Invalid selection, please try again."
    else

## pwntools-cheatsheet.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                rodnt
                / pwntools-cheatsheet.md
            
            
              Created
              September 17, 2023 21:02
                — forked from anvbis/pwntools-cheatsheet.md
            
              
                pwntools-cheatsheet.md
              
          
    Pwntools Cheatsheet


Program Interaction
Environment and Contexts
Logging and Output
Encoding, Packing and Utility
Assembly and Shellcraft
ELFs, Strings and Symbols
Return Oriented Programming
SROP and Sigreturn Frames


## gdb.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                rodnt
                / gdb.md
            
            
              Created
              September 11, 2023 10:36
            
              
                gdb - basics
              
          
    How to use GDB (Basics)


Load the program

gdb <program>


Run the program

run
run with arguments

run arga argb argc ..


Breakpoint


## ds_store.py
# -*- encoding: utf-8 -*-

from ds_store import DSStore
from tqdm import tqdm
import argparse

parser = argparse.ArgumentParser()
parser.add_argument("-p", "--path", help="Path to the DS_Store file", required=True)
parser.add_argument("-t", "--type", help="Type : Iloc, bwsp, lsvp, lsvP, icvp", default='Iloc')
args = parser.parse_args()

## gist:962a0382a15fec71755a23bd7ad8294d
Burp Suite > Proxy > Options > TLS Pass Through.
Add these:
*.google\.com
.*.gstatic).com
*.mozilla\.com
.*\.googleapis\.com
*.pkil.goog

## proof.md

      
              1 file
            
          
              0 forks
            
          
              2 comments
            
          
              0 stars
            
          
                rodnt
                / proof.md
            
            
              Created
              April 18, 2023 14:03
            
              
                POC - Authenticated SQL injection Piwigo 13.5.0 - CVE-2023-26876
              
          
    POC - Authenticated SQL injection Piwigo 13.5.0
Payload: 12 UNION ALL SELECT CONCAT(0x4141414141,IFNULL(CAST(VERSION() AS NCHAR),0x20),0x4141414141)-- --

  
## Playground.swift
func urlSession(_ session: URLSession, didReceive challenge: URLAuthenticationChallenge, completionHandler: @escaping (URLSession.AuthChallengeDisposition, URLCredential?) -> Void) {
if (challenge.protectionSpace.authenticationMethod == NSURLAuthenticationMethodServerTrust) {
if let serverTrust = challenge.protectionSpace.serverTrust {
var secresult = SecTrustResultType.invalid
let status = SecTrustEvaluate(serverTrust, &secresult)

if (errSecSuccess == status) {
if let serverCertificate = SecTrustGetCertificateAtIndex(serverTrust, 0) {
let serverCertificateData = SecCertificateCopyData(serverCertificate)
let data = CFDataGetBytePtr(serverCertificateData);

## metricsDumper.rb
=begin

author: unp4ck

usage:

$ gem install http
$ ruby metricsDumper.rb -u https://example.com/prometheus

=end
	/**
	* by rodnt
	* twitter: 0xrodnt
	* Github: rodnt
	*/

	const config = {
	flutterPatterns: {
	android: "F? 0F 1C F8 F? 5? 01 A9 F? 5? 02 A9 F? ?? 03 A9 ?? ?? ?? ?? 68 1A 40 F9"
	},
	/swagger-ui.html
	/swagger-ui/
	/swagger-ui/index.html
	/api-docs
	/v2/api-docs
	/v3/api-docs
	/swagger.json
	/openapi.json
	/api/swagger.json
	/docs
	#!/bin/bash

	# Function to select the USB device
	select_usb_device() {
	echo "Available USB devices:"
	local devices=(/dev/sd*)
	select usb_device in "${devices[@]}"; do
	if [ -z "$usb_device" ]; then
	echo "Invalid selection, please try again."
	else
	# -- encoding: utf-8 --

	from ds_store import DSStore
	from tqdm import tqdm
	import argparse

	parser = argparse.ArgumentParser()
	parser.add_argument("-p", "--path", help="Path to the DS_Store file", required=True)
	parser.add_argument("-t", "--type", help="Type : Iloc, bwsp, lsvp, lsvP, icvp", default='Iloc')
	args = parser.parse_args()
	Burp Suite > Proxy > Options > TLS Pass Through.
	Add these:
	*.google\.com
	.*.gstatic).com
	*.mozilla\.com
	.*\.googleapis\.com
	*.pkil.goog
	func urlSession(_ session: URLSession, didReceive challenge: URLAuthenticationChallenge, completionHandler: @escaping (URLSession.AuthChallengeDisposition, URLCredential?) -> Void) {
	if (challenge.protectionSpace.authenticationMethod == NSURLAuthenticationMethodServerTrust) {
	if let serverTrust = challenge.protectionSpace.serverTrust {
	var secresult = SecTrustResultType.invalid
	let status = SecTrustEvaluate(serverTrust, &secresult)

	if (errSecSuccess == status) {
	if let serverCertificate = SecTrustGetCertificateAtIndex(serverTrust, 0) {
	let serverCertificateData = SecCertificateCopyData(serverCertificate)
	let data = CFDataGetBytePtr(serverCertificateData);
	=begin

	author: unp4ck

	usage:

	$ gem install http
	$ ruby metricsDumper.rb -u https://example.com/prometheus

	=end