Claud Xiao secmobi

## MainActivity.java
package com.nexus5.dos;

import android.content.Intent;
import android.support.v7.app.ActionBarActivity;
import android.os.Bundle;
import android.view.Menu;
import android.view.MenuItem;
import android.view.View;
import android.widget.Button;
public class MainActivity extends ActionBarActivity {

## ios-jailbroken-malware-scan.sh
#!/usr/bin/env bash
set -e

YOUR_IPHONE=${1-root@172.20.10.1}
MALWARES='Unflod AdThief AppBuyer'

# folks say http://insanelyi.com/topic/17406-newly-discovered-ios-malware/
Unflod() { # aka SSLCreds
  cat << PWND
/Library/MobileSubstrate/DynamicLibraries/Unflod.dylib

## 0readme.md

      
              2 files
            
          
              1 fork
            
          
              0 comments
            
          
              5 stars
            
          
                ericbroska
                / 0readme.md
            
            
              Last active Dec 15, 2015
            
              
                Code injection for CleanMyMac 2.0.2
              
          
      View 0readme.md
  
    
    How to build this up and inject in the app yourself?

Note: you must have an Xcode to do all that stuff.


$ git clone https://github.com/andymatuschak/Sparkle.git MySparkleForInjection

$ cd MySparkleForInjection

$ open SUAppcast.m

(sure, you can use any other file with «.m» extension in there)

  
## AndroidManifestFuzzer
#!/bin/bash
#Basic set up for an Application AndroidManifest Fuzzer
#this requires a preexisting ant buildable application project to be set up! so get the SDK and ant1.8
#this file reproduces the bug mentioned here http://ibrahimbalic.com/2014/android-os-memory-corruption-bug/
#NOTE: values from 260000 and up cause SIGSEGvs to be sent to the system_server (test on KitKat 4.4.2)
#NOTE: you should probably monitor $(adb logcat)||(/system/bin/gdbserver) for responsiveness to the issue

APP_PROJ_DIR="..." #<-- PATH TO PROJ DIR
APP_PACKAGE_NAME="..." #<-- PACKAGE NAME
APP_LAUNCH_COMP="..." # <--- MAIN ACTIVITY NAME

## README
These two files should help you to import passwords from mac OS X keychains to 1password.

Assumptions:
1) You have some experience with scripting/are a power-user. These scripts worked for me
   but they haven't been extensively tested and if they don't work, you're on your own!
   Please read this whole document before starting this process. If any of it seems
   incomprehensible/frightening/over your head please do not use these scripts. You will
   probably do something Very Bad and I wouldn't want that.
2) You have ruby 1.9.2 installed on your machine. This comes as standard with Lion, previous
   versions of OS X may have earlier versions of ruby, which *may* work, but then again, they

## usr.sbin.sshd
# ------------------------------------------------------------------
#
#    Copyright (C) 2002-2005 Novell/SUSE
#    Copyright (C) 2012 Canonical Ltd.
#
#    This program is free software; you can redistribute it and/or
#    modify it under the terms of version 2 of the GNU General Public
#    License published by the Free Software Foundation.
#
# ------------------------------------------------------------------

## AdwareCheckExtensionAttribute.py
#!/usr/bin/python
"""Identify or remove files known to be involved in Adware/Malware
infection.

Most of the code applies to building a list of malware files. Thus,
both extension attribute and removal handling are included.

Cleans files as a Casper script policy; thus, it expects four total
arguments, the first three of which it doesn't use, followed by
--remove

## top100AppProjects.csv

          
            Project
            # of Top 100 Free Apps (US)

            
              facebook-ios-sdk
              67

            
              Bolts-iOS
              48

            
              AFNetworking
              39

            
              Google-Mobile-Ads-SDK
              38

            
              Reachability (Apple)
              38

            
              Crashlytics
              37

            
              Flurry-iOS-SDK
              31

            
              CocoaPods
              30

            
              GoogleConversionTracking
              29

## DexGuardStringDecoder.java
import jeb.api.IScript;
import jeb.api.JebInstance;
import jeb.api.ast.*;
import jeb.api.ast.Class;
import jeb.api.dex.Dex;
import jeb.api.dex.DexCodeItem;
import jeb.api.dex.DexFieldData;
import jeb.api.dex.DexMethod;
import jeb.api.ui.JavaView;
import jeb.api.ui.View;

## DexGuardDecoder.java
import jeb.api.IScript;
import jeb.api.JebInstance;
import jeb.api.ast.*;
import jeb.api.ast.Class;
import jeb.api.dex.*;
import jeb.api.ui.JavaView;
import jeb.api.ui.View;

import java.util.Arrays;
import java.util.HashMap;
	package com.nexus5.dos;

	import android.content.Intent;
	import android.support.v7.app.ActionBarActivity;
	import android.os.Bundle;
	import android.view.Menu;
	import android.view.MenuItem;
	import android.view.View;
	import android.widget.Button;
	public class MainActivity extends ActionBarActivity {
	#!/usr/bin/env bash
	set -e

	YOUR_IPHONE=${1-root@172.20.10.1}
	MALWARES='Unflod AdThief AppBuyer'

	# folks say http://insanelyi.com/topic/17406-newly-discovered-ios-malware/
	Unflod() { # aka SSLCreds
	cat << PWND
	/Library/MobileSubstrate/DynamicLibraries/Unflod.dylib
	#!/bin/bash
	#Basic set up for an Application AndroidManifest Fuzzer
	#this requires a preexisting ant buildable application project to be set up! so get the SDK and ant1.8
	#this file reproduces the bug mentioned here http://ibrahimbalic.com/2014/android-os-memory-corruption-bug/
	#NOTE: values from 260000 and up cause SIGSEGvs to be sent to the system_server (test on KitKat 4.4.2)
	#NOTE: you should probably monitor $(adb logcat)\|\|(/system/bin/gdbserver) for responsiveness to the issue

	APP_PROJ_DIR="..." #<-- PATH TO PROJ DIR
	APP_PACKAGE_NAME="..." #<-- PACKAGE NAME
	APP_LAUNCH_COMP="..." # <--- MAIN ACTIVITY NAME
	These two files should help you to import passwords from mac OS X keychains to 1password.

	Assumptions:
	1) You have some experience with scripting/are a power-user. These scripts worked for me
	but they haven't been extensively tested and if they don't work, you're on your own!
	Please read this whole document before starting this process. If any of it seems
	incomprehensible/frightening/over your head please do not use these scripts. You will
	probably do something Very Bad and I wouldn't want that.
	2) You have ruby 1.9.2 installed on your machine. This comes as standard with Lion, previous
	versions of OS X may have earlier versions of ruby, which may work, but then again, they
	# ------------------------------------------------------------------
	#
	# Copyright (C) 2002-2005 Novell/SUSE
	# Copyright (C) 2012 Canonical Ltd.
	#
	# This program is free software; you can redistribute it and/or
	# modify it under the terms of version 2 of the GNU General Public
	# License published by the Free Software Foundation.
	#
	# ------------------------------------------------------------------
	#!/usr/bin/python
	"""Identify or remove files known to be involved in Adware/Malware
	infection.

	Most of the code applies to building a list of malware files. Thus,
	both extension attribute and removal handling are included.

	Cleans files as a Casper script policy; thus, it expects four total
	arguments, the first three of which it doesn't use, followed by
	--remove
	Project	# of Top 100 Free Apps (US)
	facebook-ios-sdk	67
	Bolts-iOS	48
	AFNetworking	39
	Google-Mobile-Ads-SDK	38
	Reachability (Apple)	38
	Crashlytics	37
	Flurry-iOS-SDK	31
	CocoaPods	30
	GoogleConversionTracking	29
	import jeb.api.IScript;
	import jeb.api.JebInstance;
	import jeb.api.ast.*;
	import jeb.api.ast.Class;
	import jeb.api.dex.Dex;
	import jeb.api.dex.DexCodeItem;
	import jeb.api.dex.DexFieldData;
	import jeb.api.dex.DexMethod;
	import jeb.api.ui.JavaView;
	import jeb.api.ui.View;