Skip to content

Instantly share code, notes, and snippets.

View iddoeldor's full-sized avatar

iddoeldor

View GitHub Profile
@su-vikas
su-vikas / screenshot.js
Created October 7, 2018 07:55
FRIDA script for bypassing Android FLAG_SECURE
Java.perform(function() {
var surface_view = Java.use('android.view.SurfaceView');
var set_secure = surface_view.setSecure.overload('boolean');
set_secure.implementation = function(flag){
console.log("setSecure() flag called with args: " + flag);
set_secure.call(false);
};
@virtualminds
virtualminds / frida_ssl_read_write.js
Last active October 18, 2018 17:55
frida libmono ssl read
{
onEnter: function (log, args, state) {
soname = Memory.readUtf8String(args[0]);
if(soname.includes('libmono-btls-shared.so')) {
log("libmono-btls-shared.so cargada!");
this.dlopen = true;
this.dlopenMonitor = false;
}
@ceres-c
ceres-c / frida-extract-keystore.py
Last active December 16, 2025 15:06
Automatically extract KeyStore objects and relative password from Android applications with Frida - Read more: https://ceres-c.it/2018/12/16/frida-android-keystore/
#!/usr/bin/python3
'''
author: ceres-c
usage: ./frida-extract-keystore.py
Once the keystore(s) have been exported you have to convert them to PKCS12 using keytool
NOTE: Updated Frida 17 fork here https://github.com/JJK96/frida-extract-keystore
'''
import frida, sys, time
@oleavr
oleavr / frida-logging.md
Last active April 7, 2023 08:53
Frida logging hacks

Frida logging helper

For adding temporary logging to help understand behavior. For when it is impractical to use Frida to instrument Frida.

Choose one of these and copy-paste it into e.g. lib/interfaces/session.vala, then use log_event ("name='%s'", name); to log.

When something appears to be hanging, try applying: x-async-debug.patch.

@grepharder
grepharder / universal_links.js
Created January 28, 2019 19:59
@grepharder
grepharder / urlschemefuzzer.js
Created January 28, 2019 20:06
/*
* Modified from: https://codeshare.frida.re/@dki/ios-url-scheme-fuzzing/
*
* iOS URL Scheme Fuzzing
* Usage: frida -U --codeshare dki/ios-url-scheme-fuzzing SpringBoard
*
* Open the specified URL
* openURL("somescheme://test");
*
* Fuzz a particular URL - use {0} as placeholder for insertion points
@netspooky
netspooky / pubsploit.py
Last active November 5, 2020 22:28
import urllib.request, json, sys, textwrap
# Run like
# python3 pubsploit.py CVE-2017-0143
def cveSearch(cve):
with urllib.request.urlopen('http://cve.circl.lu/api/cve/'+cve) as url:
data = json.loads(url.read().decode())
try:
if data['cvss']:
print("{} | CVSS {}".format(cve,data['cvss']))
@luk6xff
luk6xff / ARMonQEMUforDebianUbuntu.md
Last active November 8, 2025 16:12 — forked from bruce30262/ARMDebianUbuntu.md
Emulating ARM with QEMU on Debian/Ubuntu

You might want to read this to get an introduction to armel vs armhf.

If the below is too much, you can try Ubuntu-ARMv7-Qemu but note it contains non-free blobs.

Running ARM programs under linux (without starting QEMU VM!)

First, cross-compile user programs with GCC-ARM toolchain. Then install qemu-arm-static so that you can run ARM executables directly on linux

If there's no qemu-arm-static in the package list, install qemu-user-static instead

@int0x33
int0x33 / procmon.sh
Created March 12, 2019 22:18
IFS=$'\n'
old_process=$(ps -eo command)
while true; do
new_process=$(ps -eo command)
diff <(echo "$old_process") <(echo "$new_process") |grep [\<\>]
sleep 1
old_process=$new_process
done
@fxthomas
fxthomas / adbsync
Created July 3, 2019 22:31
Android <> local directory synchronization script using rsync
#!/bin/bash
# Usage: adbsync <remote path> <local path>
# <remote path> defaults to /sdcard/DCIM
# <local path> defaults to .
REMOTE_PATH=${1:-/sdcard/DCIM}
LOCAL_PATH=${2:-.}
REMOTE_PORT=1873
LOCAL_PORT=6010