提供与客户端通讯的机制。支持WindVane SDK v2.2 以上版本。
windvane 在客户端中,会将原始UA后面跟上 WindVane/WindVaneSDK的版本号,你可以通过判断UA的方式来检查环境 其中,淘宝主客户端1212版本(IOS 3.4.5 ANDROID 3.9.5)后格式为
Aung Khant yehgdotnet
yehgdotnet
/ windvane.md
Created
November 10, 2021 09:44
— forked from sandywu/windvane.md
yehgdotnet
/ server.py
Created
October 28, 2021 16:02
— forked from mdonkers/server.py
Simple Python 3 HTTP server for logging all GET and POST requests
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| """ | |
| Very simple HTTP server in python for logging requests | |
| Usage:: | |
| ./server.py [<port>] | |
| """ | |
| from http.server import BaseHTTPRequestHandler, HTTPServer | |
| import logging | |
| class S(BaseHTTPRequestHandler): |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/perl -w | |
| # | |
| # $Id: //websites/unixwiz/unixwiz.net/webroot/tools/ftpput.txt#1 $ | |
| # | |
| # written by : Stephen J. Friedl | |
| # Software Consultant | |
| # Tustin, California USA | |
| # | |
| # This very simple program is a kind of inverse to wget for ftp: it | |
| # *puts* files to a remote FTP server and returns an exit code that |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!-- https://www.geeksforgeeks.org/how-to-read-a-local-text-file-using-javascript/ --> | |
| <!DOCTYPE html> | |
| <html> | |
| <head> | |
| <title>Read Text File</title> | |
| </head> | |
| <body> | |
| <input type="file" name="inputfile" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| while true | |
| do | |
| sudo ifconfig tun0 &> /dev/null && echo -e "\033[1;32m" "-- VPN is active --" "\033[0m" | |
| sudo ifconfig tun0 &> /dev/null || echo -e "\033[1;31m" "-- VPN is NOT active --" "\033[0m" | |
| sleep 5 | |
| done |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Purpose: To prevent deobfuscation | |
| Symbols are usually stripped during the build process, so you need the compiled byte-code and libraries to verify whether any unnecessary metadata has been discarded. | |
| First find the nm binary in your Android NDK and export it (or create an alias). |
yehgdotnet
/ review object serialisation class
Created
April 27, 2021 12:58
object serialisation class
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Object Serialization | |
| Search the source code for the following keywords: | |
| import java.io.Serializable | |
| implements Serializable | |
| JSON | |
| Static analysis depends on the library being used. In case of the need to counter memory-dumping, make sure that highly sensitive information is not stored in JSON as you cannot guarantee any anti-memory dumping techniques with the standard libraries. You can check for the following keywords per library: |
yehgdotnet
/ gist:ec6ae948a6735d66f6eaff2ef60649a3
Last active
August 24, 2023 17:30
Bypass IP-based restriction through spoofed localhost header
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| X-Azure-ClientIP: 127.0.0.1 | |
| X-Azure-SocketIP: 127.0.0.1 | |
| X-Originating-IP: 127.0.0.1 | |
| X-Forwarded-For: 127.0.0.1 | |
| X-Remote-IP: 127.0.0.1 | |
| X-Remote-Addr: 127.0.0.1 | |
| X-Real-Ip: 127.0.0.1 | |
| X-Target-IP: 127.0.0.1 | |
| X-Forwarded-Host: localhost | |
| True-Client-IP: 127.0.0.1 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| import ( | |
| "log" | |
| //"os" | |
| "context" | |
| "github.com/ns3777k/go-shodan/shodan" | |
| "fmt" | |
| "flag" | |
| "strings" |
yehgdotnet
/ goreadurlfromfile.go
Created
September 28, 2020 04:49
Go read url from file (change target to your desired domain)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| import ( | |
| "fmt" | |
| "regexp" | |
| "io/ioutil" | |
| "log" | |
| "os" | |
| ) | |
| func main() { | |
| argsWithoutProg := os.Args[1] |
NewerOlder