I figured that I would write down my findings somewhere since this is my first time using Frida. This won't cover installing frida, adb, apktool because these are well covered in other sources.
0xA bl4ckbo7
elevenchars
/ fridanotes.md
Last active
March 6, 2025 19:40
My notes on injecting a frida gadget into an apk
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| import ( | |
| "crypto/aes" | |
| "crypto/cipher" | |
| "crypto/rand" | |
| "encoding/hex" | |
| "fmt" | |
| "io" | |
| "os" |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| import ( | |
| "encoding/hex" | |
| "fmt" | |
| "os" | |
| "github.com/gdamore/encoding" | |
| ) |
bl4ckbo7
/ nitrxgen.py
Last active
March 21, 2020 07:57
Nitrxgen md5 crahking script (Requires the Internet to access the API)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| #Title: Nitrxgen md5 crahking script (Requires the Internet to access the API) | |
| #Author: bl4ckbo7 | |
| """ | |
| [ Examples ] | |
| ------------ | |
| ./nitrxgen - hashes.txt | |
| ./nitrxgen 6b6e8ca697b4ea4bdc8ac88613ab646e |
valorin
/ wordpress-setup-attack.sh
Created
August 23, 2019 23:48
Proof of concept WordPress setup script attack - sets up a new WP installation and injects a simple shell into /wp-content/themes/twentynineteen/404.php and /wp-hello.php.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # | |
| # WordPress Setup Attack Script | |
| # | |
| # Created by Stephen Rees-Carter (https://stephenreescarter.net/) | |
| # | |
| # This script injects a remote shell into a fresh copy of WordPress that hasn't been set up yet. | |
| # Once the shells have been set up, it removes the config file with the custom database connection to reset the site back to a fresh install. | |
| # |
- Drozer - Drozer allows you to search for security vulnerabilities in apps and devices by assuming the role of an app and interacting with the Dalvik VM, other apps' IPC endpoints and the underlying OS.
- Starting a session
adb forward tcp:31415 tcp:31415drozer console connectdrozer console connect --server <ip>
- List modules
lsls activity
- Retrieving package information
- Starting a session
run app.package.list -f
pishangujeniya
/ mail-exchange-2019.md
Last active
June 18, 2024 13:34
Configuring and installing Mail Exchange 2019
Download and install the prerequisites
bl4ckbo7
/ bezoutsInvModulo.py
Last active
December 10, 2020 16:08
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #Finding Bezout's Identities using Inverse modulo algorithm - PoC | |
| #let gcd(n,e) | |
| #from ex + by = 1 | |
| #x = e^(-1) mod n | |
| #Author: bl4ckbo7 | |
| #!/usr/bin/env python3 | |
| e = eval(input("Enter the value of a: ")) | |
| n = eval(input("Enter the value of b: ")) |
payloadartist
/ firefox.sh
Last active
February 6, 2021 20:42
Enumerate sub-domains, then open them in Firefox automatically. Useful for taking a quick glance at target's assets, and make notes, while doing recon.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # ------Instructions--------- | |
| # Install (and configure) subfinder, assetfinder, and httprobe | |
| # go get -v github.com/projectdiscovery/subfinder/cmd/subfinder && go get -v github.com/tomnomnom/httprobe && go get -v github.com/tomnomnom/assetfinder | |
| # cat firefox.sh >> ~/.bashrc | |
| # source ~/.bashrc | |
| # Usage - subf_ff target.tld | |
| # asset_ff target.tld | |
| subf_ff () { | |
| subfinder -d $1 -silent -t 100 | httprobe -c 50 | sort -u | while read line; do firefox $line; sleep 10; done |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| curl -L -k -s https://www.example.com | tac | sed "s#\\\/#\/#g" | egrep -o "src['\"]?\s*[=:]\s*['\"]?[^'\"]+.js[^'\"> ]*" | awk -F '//' '{if(length($2))print "https://"$2}' | sort -fu | xargs -I '%' sh -c "curl -k -s \"%\" | sed \"s/[;}\)>]/\n/g\" | grep -Po \"(['\\\"](https?:)?[/]{1,2}[^'\\\"> ]{5,})|(\.(get|post|ajax|load)\s*\(\s*['\\\"](https?:)?[/]{1,2}[^'\\\"> ]{5,})\"" | awk -F "['\"]" '{print $2}' | sort -fu | |
| # using linkfinder | |
| function ejs() { | |
| URL=$1; | |
| curl -Lks $URL | tac | sed "s#\\\/#\/#g" | egrep -o "src['\"]?\s*[=:]\s*['\"]?[^'\"]+.js[^'\"> ]*" | sed -r "s/^src['\"]?[=:]['\"]//g" | awk -v url=$URL '{if(length($1)) if($1 ~/^http/) print $1; else if($1 ~/^\/\//) print "https:"$1; else print url"/"$1}' | sort -fu | xargs -I '%' sh -c "echo \"\n##### %\";wget --no-check-certificate --quiet \"%\"; basename \"%\" | xargs -I \"#\" sh -c 'linkfinder.py -o cli -i #'" | |
| } | |
| # with file download (the new best one): | |
| # but there is a bug if you don't provide a root url |