This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Java.perform(function() { | |
| var f = Java.use("java.io.File") | |
| f.delete.implementation = function(a){ | |
| console.log("[+] Delete catched =>" +this.getAbsolutePath()) | |
| return true | |
| } | |
| }) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // send following command to trigger | |
| // adb shell 'am broadcast -a flag_checker --es flag "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" -n com.application.darkcon/com.application.darkcon.MyReceiver' | |
| var flag = "" | |
| var looper = Module.getExportByName("libnative-lib.so","_Z6looperj") | |
| var nlib = Module.getBaseAddress("libnative-lib.so") | |
| function bytes2hex(array) { | |
| array = Java.array('byte',array) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Java.perform(function(){ | |
| let ThreadDef = Java.use('java.lang.Thread'); | |
| let ThreadObj = ThreadDef.$new(); | |
| function stackTrace() { | |
| console.log('------------START STACK---------------') | |
| let stack = ThreadObj.currentThread().getStackTrace(); | |
| for (let i = 0; i < stack.length; i++) { | |
| console.log(i + ' => ' + stack[i].toString()); | |
| } | |
| console.log('------------END STACK---------------'); |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| var DEBUG = false | |
| console.log('Starting ..') | |
| const YourCountry = 'Americans' | |
| const HACKS = ['Cost','BuildTime','Armor','income','speed','firepower'] | |
| function processCountry(rawCountry: NativePointer) { | |
| const buffer = rawCountry.readByteArray(0x1A9); |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import { log } from "./logger"; | |
| import { AssertionError } from "assert"; | |
| const libil2cpp = Process.getModuleByName("libil2cpp.so"); | |
| const libil2cppb = libil2cpp.base; | |
| const playerinfo_serialize = libil2cppb.add(0x6c2e30); | |
| const playerinfo_deserialize = libil2cppb.add(0x6c316c); | |
| console.log("Starting script.."); | |
| function readString(pointr:NativePointer){ |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| meta: | |
| id: luac | |
| file-extension: luac | |
| endian: le | |
| seq: | |
| - id: file_header | |
| type: header | |
| - id: top_level_function | |
| type: function |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| command! -nargs=+ FridaV call FridaV(<f-args>) | |
| command! -nargs=+ Frida call Frida(<f-args>) | |
| function! FridaV( ... ) | |
| let class = split(a:1,"\\V.") | |
| let last = class[len(class)-1] | |
| let S = ":normal i" | |
| let S .= "\tvar %s = Java.use(\"%s\")\n" | |
| execute printf(S,last,a:1) | |
| call Frida(last,a:2,a:3) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // install package with adb install package.name | |
| // do not open application | |
| // use -f force option | |
| // frida -U -f package.name -l del.js | |
| Java.perform(function() { | |
| var ssl = Java.use("k.x$b") | |
| var channel = Java.use("f.e.c.b.g.f.g.a.c") | |
| var Integer = Java.use("java.lang.Integer"); | |
| var ArrayList = Java.use("java.util.ArrayList"); | |
| var ArrayList = Java.use("java.util.ArrayList"); |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import sys | |
| from Crypto.Cipher import ARC4 | |
| import base64 | |
| f = open(sys.argv[1],"r") | |
| r = f.readlines() | |
| for l in r: | |
| c = ARC4.new(l[:12].encode("utf8")) | |
| h = base64.b64decode(l[12:-1]).decode("utf-8") |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| arr=($(adb shell "ls /data/app" | tr "\r\n" " " | sed 's/-[0-9]//g') "Quit") | |
| echo "It's time to choose" | |
| select opt in "${arr[@]}";do | |
| case $opt in | |
| "Quit") | |
| break | |
| esac | |
| re='^[0-9]+$' | |
| if ! [[ $REPLY =~ $re ]]; then |