Skip to content

Instantly share code, notes, and snippets.

View iddoeldor's full-sized avatar

iddoeldor

View GitHub Profile
@iddoeldor
iddoeldor / lldb.md
Last active April 16, 2019 13:19 
$ iproxy 2222 22
$ iproxy 7777 77
iphone~root# debugserver 7777 --waitfor $processId

(lldb) process connect connect://localhost:7777
(lldb) image list | grep $processId

@ IDA Pro > Edit > Segements > Rebase program
@iddoeldor
iddoeldor / vimdiffbin.md
Last active April 30, 2019 11:02 
$ d(){ vimdiff <(f $1) <(f $2);};f(){ hexdump -C $1|cut -d' ' -f3-|tr -s ' ';};d ~/bin1 ~/bin2

save diffchar @ ~/.vim/plugins

Click F7 to switch between diff modes

Usefull vimdiff commands:

  • qa to exit all windows
@iddoeldor
iddoeldor / ios_ssh_over_usb_and_ipa_extractor.md
Last active June 4, 2024 18:10
and iOS related tips&tricks

extract db

PASS=alpine; PORT=2222; sshpass -p $PASS ssh -p $PORT root@localhost -t "cp \$(find /var/mobile/Containers/Data/Application/ -name s4l*db) /private/var/tmp/skype.db" && sshpass -p $PASS scp -P $PORT root@localhost:/private/var/tmp/skype.db .

pull & read plist

/tmp$ scp -P 2222 root@localhost:/private/var/mobile/Containers/Data/Application/F8C7294C-2B60-48EC-A987-D46B9FE4DEAE/Library/Preferences/com.skype.skype.plist .
/tmp$ sudo apt-get install libplist-utils
/tmp$ plistutil -i com.skype.skype.plist | less
@iddoeldor
iddoeldor / frida_ssl_read_write.js
Created October 18, 2018 17:55 — forked from virtualminds/frida_ssl_read_write.js
frida libmono ssl read
{
onEnter: function (log, args, state) {
soname = Memory.readUtf8String(args[0]);
if(soname.includes('libmono-btls-shared.so')) {
log("libmono-btls-shared.so cargada!");
this.dlopen = true;
this.dlopenMonitor = false;
}
@iddoeldor
iddoeldor / safari-ripper.html
Created September 16, 2018 11:16
Safari Ripper ☠️ (Original tweet: https://twitter.com/pwnsdx/status/1040944750973595649, try it: https://cdn.rawgit.com/pwnsdx/ce64de2760996a6c432f06d612e33aea/raw/23f2faa0aadb4babbfd228c8bb32a26a8c51c741/safari-ripper.html)
<!DOCTYPE html>
<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<style>
body {
background: repeat url('data:image/jpeg;base64,/9j/4AAQSkZJRgABAQEASABIAAD/7QCIUGhvdG9zaG9wIDMuMAA4QklNBAQAAAAAAGscAVoAAxslRxwCAAACAAAcAnQAV8KpIENoYWV5b3VuZ1dpbGxOZXZlckNoYWVvbGQgLSBodHRwOi8vd3d3LnJlZGJ1YmJsZS5jb20vcGVvcGxlL0NoYWV5b3VuZ1dpbGxOZXZlckNoYWVvbAD/4gxYSUNDX1BST0ZJTEUAAQEAAAxITGlubwIQAABtbnRyUkdCIFhZWiAHzgACAAkABgAxAABhY3NwTVNGVAAAAABJRUMgc1JHQgAAAAAAAAAAAAAAAAAA9tYAAQAAAADTLUhQICAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABFjcHJ0AAABUAAAADNkZXNjAAABhAAAAGx3dHB0AAAB8AAAABRia3B0AAACBAAAABRyWFlaAAACGAAAABRnWFlaAAACLAAAABRiWFlaAAACQAAAABRkbW5kAAACVAAAAHBkbWRkAAACxAAAAIh2dWVkAAADTAAAAIZ2aWV3AAAD1AAAACRsdW1pAAAD+AAAABRtZWFzAAAEDAAAACR0ZWNoAAAEMAAAAAxyVFJDAAAEPAAACAxnVFJDAAAEPAAACAxiVFJDAAAEPAAACAx0ZXh0AAAAAENvcHlyaWdodCAoYykgMTk5OCBIZXdsZXR0LVBhY2thcmQgQ29tcGFueQAAZGVzYwAAAAAAAAASc1JHQiBJRUM2MTk2Ni0yLjEAAAAAAAAAAAAAABJzUkdCIElFQzYxOTY2LTIuMQAAAAAAAA
@iddoeldor
iddoeldor / makeToast.js
Created August 5, 2018 14:06 — forked from myzhan/makeToast.js
Frida android make toast
Java.scheduleOnMainThread(function() {
Toast = Java.use("android.widget.Toast");
var currentApplication = Java.use('android.app.ActivityThread').currentApplication();
var context = currentApplication.getApplicationContext();
Toast.makeText(context,"hello world", Toast.LENGTH_SHORT.value).show();
});
@iddoeldor
iddoeldor / out.tsv
Last active February 27, 2019 19:30
N people each one get a real number, they cannot talk and etc.. they guess there number in the same time.. they need at least one to guess right
Combination PG1 PG2 PG3 PG4 Win
[1, 1, 1, 1] 1 2 3 4 True
[1, 1, 1, 2] 4 1 2 4 True
[1, 1, 1, 3] 3 4 1 4 True
[1, 1, 1, 4] 2 3 4 4 True
[1, 1, 2, 1] 4 1 3 3 True
[1, 1, 2, 2] 3 4 2 3 True
[1, 1, 2, 3] 2 3 1 3 True
[1, 1, 2, 4] 1 2 4 3 True
[1, 1, 3, 1] 3 4 3 2 True
@iddoeldor
iddoeldor / Makefile
Created June 6, 2018 15:25
dump keychain to json
GCC_BIN=`xcrun --sdk iphoneos --find gcc`
SDK=`xcrun --sdk iphoneos --show-sdk-path`
#support iPhone 3GS and above, delete armv6 to avoid SDK error
ARCH_FLAGS=-arch armv7 -arch armv7s -arch arm64
LDFLAGS =\
-F$(SDK)/System/Library/Frameworks/\
-F$(SDK)/System/Library/PrivateFrameworks/\
-framework UIKit\
-framework CoreFoundation\
@iddoeldor
iddoeldor / ReverseIP2Country.java
Last active January 6, 2018 14:38
reverse ip2country
import com.maxmind.geoip2.DatabaseReader;
import com.maxmind.geoip2.exception.GeoIp2Exception;
import java.io.File;
import java.io.IOException;
import java.net.InetAddress;
import java.nio.file.Files;
import java.nio.file.Paths;
import static java.nio.file.StandardOpenOption.*;