var kModuleName = 'library.so';
var _module = Process.findModuleByName(kModuleName);
var _module_end = _module.base.add(_module.size);
var o = 0xFF537;
Interceptor.attach(base.add(o),{
onEnter: function (args) {
console.log(o.toString(16), this.context.x0.readPointer().readCString())
this.tid = Process.getCurrentThreadId();
iddoeldor
iddoeldor
/ pyc.py
Created
May 2, 2020 13:51
— forked from adamnew123456/pyc.py
Using Inline C Code In Python Programs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| """ | |
| Inserts C code directly into Python files, which can then be dynamically linked | |
| in and called via ctypes. | |
| """ | |
| import atexit | |
| import ctypes | |
| import os | |
| import shlex | |
| import sys | |
| import tempfile |
iddoeldor
/ frida-hook-generator.py
Created
May 11, 2020 22:01
— forked from FrankSpierings/frida-hook-generator.py
Generate Frida hooks based on c header files using pyclibrary
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from pyclibrary import CParser | |
| import re | |
| hook_template = ''' | |
| (function() { | |
| var name = '__NAME__'; | |
| var address = Module.findExportByName(null, name); | |
| if (address != null) { | |
| console.log('[!] Hooking: ' + name + ' @ 0x' + address.toString(16)); |
iddoeldor
/ a.py
Created
May 20, 2020 17:21
— forked from zoriankazinski/a.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| def _masquerade(self,origin): | |
| self.__class__ = type(origin.__class__.__name__,(self.__class__,origin.__class__),{}) | |
| self.__dict__ = origin.__dict__ |
iddoeldor
/ ida_sarlk_function_strings_ref.py
Created
August 17, 2020 22:45
— forked from yannayl/ida_sarlk_function_strings_ref.py
A function which returns all the strings referenced from function
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| def strs(f=None, visited=None, level=0, maxlevel=-1): | |
| if maxlevel >= 0 and level > maxlevel: | |
| return [], set() | |
| if not f: | |
| f = sark.Function() | |
| if not visited: | |
| visited = set() | |
| root = True | |
| else: | |
| root = False |
iddoeldor
/ prefix_globals.py
Created
August 17, 2020 22:46
— forked from yannayl/prefix_globals.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import sark | |
| for segname in ['.bss', '.data']: | |
| for line in sark.Segment(name=segname).lines: | |
| if not line.name: | |
| continue | |
| if line.name.startswith('g_'): | |
| continue |
iddoeldor
/ speex-fuzz.cpp
Created
October 7, 2020 11:30
— forked from klemensbaum/speex-fuzz.cpp
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <speex/speex.h> | |
| #include <iostream> | |
| #include <fstream> | |
| #include <vector> | |
| #include <iterator> | |
| #include <cassert> | |
| int main(int argc, char const *argv[]) | |
| { | |
| if (argc < 2) |
iddoeldor
/ frida_ida_trace.md
Created
December 24, 2020 16:20
iddoeldor
/ get_classes.py
Created
January 9, 2021 16:58
— forked from SamL98/get_classes.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from ghidra.program.model.address import Address | |
| from ghidra.program.model.mem import MemoryAccessException | |
| from ghidra.program.flatapi import FlatProgramAPI | |
| from ghidra.util.task import TaskMonitor | |
| import math | |
| import json | |
| from os.path import isfile, join, dirname | |
| import struct as st | |
| import string |
iddoeldor
/ UiccUnlock.cpp
Last active
November 21, 2021 20:05
— forked from tewilove/UiccUnlock.cpp
Looks like a quasi-exploit to do a SIM unlock
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <android/log.h> | |
| #include <jni.h> | |
| #include <binder/Binder.h> | |
| #include <binder/Parcel.h> | |
| #include <binder/IServiceManager.h> | |
| #include <dlfcn.h> | |
| #include <stdio.h> | |
| #include <stdlib.h> | |
| #include <unistd.h> |
OlderNewer