Get Homebrew installed on your mac if you don't already have it
Install highlight. "brew install highlight". (This brings down Lua and Boost as well)
get Android source code: http://source.android.com/source/downloading.html | |
$ cd /path/to/android-src | |
$ cd system/core/libmincrypt/ | |
$ gcc -c *.c -I../include | |
$ ar rcs libmincrypt.a *.o | |
$ cd ../mkbootimg | |
$ gcc mkbootimg.c -o mkbootimg -I../include ../libmincrypt/libmincrypt.a | |
$ cd ../cpio | |
$ gcc mkbootfs.c -o mkbootfs -I../include |
internal static class NativeMethods | |
{ | |
[DllImport("XpsPrint.dll", ExactSpelling = true, CharSet = CharSet.Unicode)] | |
public static extern int StartXpsPrintJob(string printerName, string jobName, string outputFileName, IntPtr progressEvent, SafeWaitHandle completionEvent, | |
[MarshalAs(UnmanagedType.LPArray)] byte[] printablePagesOn, int printablePagesOnCount, out IXpsPrintJob xpsPrintJob, out IXpsPrintJobStream documentStream, out IXpsPrintJobStream printTicketStream); | |
} | |
[ComImport, Guid("E974D26D-3D9B-4D47-88CC-3872F2DC3585"), ClassInterface(ClassInterfaceType.None)] | |
internal class XpsOMObjectFactory | |
{ |
Get Homebrew installed on your mac if you don't already have it
Install highlight. "brew install highlight". (This brings down Lua and Boost as well)
Many mobile apps have back-end API servers. They usually rely on the API replies to determine whether certain information is supposed to be shown. If the API responses could be manipulated on the fly, we may easily fool an unmodified app to expose some private data.
This manual guides you to set up nginx as non-transparent SSL proxy, which just subsitutes strings in the server responses (i.e. man-in-the-middle attack ourself). For both server-side (their API servers) and client-side (your device), the whole process is almost transparent.
#include <stdio.h> | |
void DumpHex(const void* data, size_t size) { | |
char ascii[17]; | |
size_t i, j; | |
ascii[16] = '\0'; | |
for (i = 0; i < size; ++i) { | |
printf("%02X ", ((unsigned char*)data)[i]); | |
if (((unsigned char*)data)[i] >= ' ' && ((unsigned char*)data)[i] <= '~') { | |
ascii[i % 16] = ((unsigned char*)data)[i]; |
import leveldb | |
db = leveldb.LevelDB('./db') | |
db.Put('hello', 'value') | |
db.Put('world', 'value') | |
for k in db.RangeIter(include_value = False): | |
print 'K', k |
#!/usr/bin/env python | |
# | |
# Instrument vmlinux STP, LDP and BLR instructions to protect RA and restrict jumpping | |
# | |
# Depends on: | |
# 1) a modified gcc that | |
# - outputs 2 nop's before stp x29, x30 instructions | |
# - outputs 1 nop after ldp x29, x30 instructions | |
# 2) a kernel built using gcc command-line options to prevent allocation of registers x16, x17, and x18 | |
# |
<!DOCTYPE html> | |
<html> | |
<head> | |
<meta charset="utf-8" /> | |
<title>Remote terminal</title> | |
<link rel="stylesheet" href="xterm.css" /> | |
<script src="terminal.class.js"></script> | |
const ethers = require("ethers") | |
const pk = | |
"0x0471c746523d16e93d4738f882d9b0beebf66c68caa0f895db15686b57b878cfc7b3e09813ba94f1bbfaa91a06566d3d18bbf69d10bcc947325bbcd6fea97ed692" | |
const ad = "0xcD3edF915387E2555A829567cE0dBbC919834B82" | |
getPubKey = async () => { | |
const infuraProvider = new ethers.providers.JsonRpcProvider( | |
"https://ropsten.infura.io/v3/<projectID>" | |
) |