:shipit:
hacking intensifies

Tim Strazzere strazzere

View to_decrypt
This file has been truncated, but you can view the full file.
antistatic/spinnerwheel/AbstractWheel$1
antistatic/spinnerwheel/AbstractWheel$2
antistatic/spinnerwheel/AbstractWheel$3
antistatic/spinnerwheel/AbstractWheel$SavedState
antistatic/spinnerwheel/g$1
antistatic/spinnerwheel/g$2
bolts/AndroidExecutors$UIThreadExecutor
bolts/BoltsExecutors$ImmediateExecutor
bolts/CancellationTokenSource$1
@strazzere
strazzere / ADVDeobfuscator.py
Created May 17, 2018
Use unicorn to deobfuscate simple ADVobfuscator string encryptions, used by secneo
View ADVDeobfuscator.py
#!/usr/bin/env python
# fsck secneo
from __future__ import print_function
from unicorn import *
from unicorn.arm_const import *
from capstone import *
import binascii
DEBUG = False
View filename_validation.py
#!/usr/bin/env python
# diff
from __future__ import print_function
from unicorn import *
from unicorn.arm_const import *
import binascii
import sys
# code to be emulated
View test.config
# sample synergy configuration file
#
# comments begin with the # character and continue to the end of
# line. comments may appear anywhere the syntax permits.
# +-------+ +--------+ +---------+
# |Laptop | |Desktop1| |iMac |
# | | | | | |
# +-------+ +--------+ +---------+
section: screens
View LocationRequest.java
// Decompiled by Jad v1.5.8g. Copyright 2001 Pavel Kouznetsov.
// Jad home page: http://www.kpdus.com/jad.html
// Decompiler options: packimports(3)
package com.google.android.gms.location;
import android.os.*;
import com.google.android.gms.common.internal.ReflectedParcelable;
import com.google.android.gms.common.internal.safeparcel.AbstractSafeParcelable;
import com.google.android.gms.common.internal.zzz;
@strazzere
strazzere / output.bash
Created Sep 12, 2017
Baksmali to Smali
View output.bash
rigby:contents diff$ ls -l
total 12600
-rw-r--r-- 1 diff staff 13268 Dec 31 1979 AndroidManifest.xml
drwxr-xr-x 6 diff staff 204 Sep 12 14:03 META-INF
-rw-r--r-- 1 diff staff 623 Dec 31 1979 androidannotations-api.properties
drwxr-xr-x 4 diff staff 136 Sep 12 14:03 assets
-rw-r--r-- 1 diff staff 939 Dec 31 1979 build-data.properties
-rw-r--r-- 1 diff staff 5646628 Dec 31 1979 classes.dex
drwxr-xr-x 3 diff staff 102 Sep 12 14:03 jsr305_annotations
drwxr-xr-x 5 diff staff 170 Sep 12 14:03 lib
@strazzere
strazzere / blah.c
Created Sep 6, 2017
Example of calling android method from native code
View blah.c
void Log(std::string s){
JNIEnv *env;
g_JavaVM->GetEnv((void**)&env, JNI_VERSION_1_6);
jstring jstr1 = env->NewStringUTF(s.c_str());
jclass clazz = env->FindClass("diff/strazzere/secret/method");
// Later part is dalvik notation for parameters and return value, string param and void return value here
jmethodID mid = env->GetStaticMethodID(clazz, "methodname", "(Ljava/lang/String;)V");
View backdoor.go
package main
import (
"fmt"
"net"
"os"
"sync"
"time"
)
@strazzere
strazzere / Makefile
Created Jul 14, 2017
Decryption for most Kony
View Makefile
all:
gcc decrypt.c -I/usr/local/opt/boringssl/include -L/usr/local/opt/boringssl/lib -lcrypto -o kony_decrypt
@strazzere
strazzere / detect.go
Created Jul 7, 2017
Quick test for Otto VM detection techniques
View detect.go
package main
import (
"fmt"
"github.com/robertkrimen/otto"
)
func main() {
vm := otto.New()