iddoeldor’s gists

eybisi / hook_dexloader.js

Last active May 15, 2024 15:11

frida script for hooking loaded classes with the help of dexclassloader init

	Java.perform(function(){
	let ThreadDef = Java.use('java.lang.Thread');
	let ThreadObj = ThreadDef.$new();
	function stackTrace() {
	console.log('------------START STACK---------------')
	let stack = ThreadObj.currentThread().getStackTrace();
	for (let i = 0; i < stack.length; i++) {
	console.log(i + ' => ' + stack[i].toString());
	}
	console.log('------------END STACK---------------');

SamL98 / get_classes.py

Created October 9, 2020 03:09

	from ghidra.program.model.address import Address
	from ghidra.program.model.mem import MemoryAccessException
	from ghidra.program.flatapi import FlatProgramAPI
	from ghidra.util.task import TaskMonitor

	import math
	import json
	from os.path import isfile, join, dirname
	import struct as st
	import string

eybisi / index.ts

Last active November 17, 2024 23:40

frida script to find imposter (amongus 2020.9.9 arm64-v8a)

	import { log } from "./logger";
	import { AssertionError } from "assert";

	const libil2cpp = Process.getModuleByName("libil2cpp.so");
	const libil2cppb = libil2cpp.base;
	const playerinfo_serialize = libil2cppb.add(0x6c2e30);
	const playerinfo_deserialize = libil2cppb.add(0x6c316c);

	console.log("Starting script..");
	function readString(pointr:NativePointer){

miguelgrinberg / .tmux.conf

Last active March 15, 2022 11:39

My .tmux.conf file for working with tmux

	# Set the prefix to ^A.
	unbind C-b
	set -g prefix ^A
	bind a send-prefix

	# Start windows and panes at 1, not 0
	set -g base-index 1
	set -g pane-base-index 1
	set -g renumber-windows on

miguelgrinberg / .vimrc

Last active January 30, 2025 22:30

My .vimrc configuration for working in Python with vim

	" plugins
	let need_to_install_plugins = 0
	if empty(glob('~/.vim/autoload/plug.vim'))
	silent !curl -fLo ~/.vim/autoload/plug.vim --create-dirs
	\ https://raw.githubusercontent.com/junegunn/vim-plug/master/plug.vim
	let need_to_install_plugins = 1
	endif

	call plug#begin()
	Plug 'tpope/vim-sensible'

eybisi / frida.vim

Last active February 19, 2025 22:25

vim frida codeblock builder

	command! -nargs=+ FridaV call FridaV(<f-args>)
	command! -nargs=+ Frida call Frida(<f-args>)

	function! FridaV( ... )
	let class = split(a:1,"\\V.")
	let last = class[len(class)-1]
	let S = ":normal i"
	let S .= "\tvar %s = Java.use(\"%s\")\n"
	execute printf(S,last,a:1)
	call Frida(last,a:2,a:3)

eduardoarandah / .vimrc

Last active February 2, 2021 17:37

Mi configuración .vimrc y coc-settings.json

	scriptencoding utf-8 " basic
	set nocompatible " basic
	filetype off " basic
	filetype plugin on " Enable filetype plugins
	filetype indent on " Enable loading the indent file for specific file types
	syntax enable " Enable syntax highlighting
	set encoding=utf-8 " Encoding (needed in youcompleteme)
	set fileencoding=utf-8 " The encoding written to file.
	set noerrorbells " No annoying sound on errors
	set number " Line numbers on

FrankSpierings / frida-hook-generator.py

Last active January 20, 2024 21:54

Generate Frida hooks based on c header files using pyclibrary

	from pyclibrary import CParser
	import re


	hook_template = '''
	(function() {
	var name = '__NAME__';
	var address = Module.findExportByName(null, name);
	if (address != null) {
	console.log('[!] Hooking: ' + name + ' @ 0x' + address.toString(16));

FrankSpierings / openssl-frida.js

Last active March 4, 2025 22:22

Some OpenSSL hooks in Frida - Work in progress....

Quiark / sandbox.h

Created January 2, 2020 07:00

restricted version of sbtool that is compilable


	// courtesy of clang
	// https://github.com/applesrc/clang/blob/bb8f644/src/projects/compiler-rt/lib/sanitizer_common/sanitizer_mac_spi.cc

	enum sandbox_filter_type {
	SANDBOX_FILTER_NONE,
	SANDBOX_FILTER_PATH,
	SANDBOX_FILTER_GLOBAL_NAME,
	SANDBOX_FILTER_LOCAL_NAME,
	SANDBOX_FILTER_APPLEEVENT_DESTINATION,