View ssl-bypass.js
setTimeout(function(){
    Java.perform(function (){
        console.log("[*] Script loaded")
        var MenuActivity = Java.use("sg.vantagepoint.mstgkotlin.MenuActivity")
        StartActivity.RootDetection.overload().implementation = function() {
            console.log("[*] isDeviceRooted function invoked")
            return false
        }
        console.log("");
        console.log("[.] Cert Pinning Bypass/Re-Pinning");
@vj0shii
vj0shii / 1. Initial.burp
Last active May 28, 2020
CSRF-email update
View 1. Initial.burp
POST /server/api/users/1 HTTP/1.1
Host: test.example.com
Connection: close
Content-Length: 2298
Accept: application/json, text/plain, */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryY0xsvHS604Lx0QVR
Origin: https://test.example.com
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
View chaos.html
POST /J00_w1ll_f1Nd_n07H1n9_H3r3/ajax.php HTTP/1.1
Host: chaos.htb
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:67.0) Gecko/20100101 Firefox/67.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://chaos.htb/J00_w1ll_f1Nd_n07H1n9_H3r3/
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 29
View decrypt.py
import os, time
from Crypto.Cipher import AES
from Crypto.Hash import SHA256
from Crypto import Random
from optparse import *
def decrypt(key, filename):
    chunksize = 64 * 1024
    outputFile = filename.split('en')[1]
    with open(filename, 'rb') as infile: