@k3170makan
k3170makan / diffme_2.py
Created August 16, 2016 10:34
Simpler implementation of the diffme cipher to be used for cryptanalysis demonstration
import random
import os
class diffme: #numerical implementation of the diff me cipher
    """
    sbox()
    """
    def __init__(self,k_1,k_2,p):
        self.sbox = dict({0:3,1:14,2:1,3:10,4:4,5:9,6:5,7:6,8:8,9:11,10:15,11:2,12:13,13:12,14:0,15:7}) #substitution box
        self.k_1 = k_1 #round key 1
        self.k_2 = k_2 #round key 2
@k3170makan
k3170makan / two_timepad.py
Last active September 2, 2017 20:50
Simple visual demonstration of the effect of key entropy and key re-use on a simple one-time pad
#!/usr/bin/python
from sys import argv
from random import random
"""
Simple demonstration of how key entropy and key re-use drastically
affect the way a cipher protects information.
Visually you should be able to easily see two things:
- where the key bit is turned on i.e. leaks key material
- which cipher texts are encrypted with which keys i.e. two time padness aka "two time BADNESSSSSSS" CAN I GET A WOOP WOOP
@k3170makan
k3170makan / packages.xml
Created February 12, 2018 03:25
Example of a /data/system/packages.xml file
<package codepath="/data/app/com.project.t2i-2.apk" flags="0" ft="13a837c2068" it="13a83704ea3" name="com.project.t2i" nativelibrarypath="/data/data/com.project.t2i/lib" userid="10040" ut="13a837c2ecb" version="1">
<sigs count="1">
<cert index="3" key="308201e53082014ea0030201020204506825ae300d06092a86
4886f70d01010505003037310b30090603550406130255533110300e060355040a13074
16e64726f6964311630140603550403130d416e64726f6964204465627567301e170d31
32303933303130353735305a170d3432303932333130353735305a3037310b300906035
50406130255533110300e060355040a1307416e64726f6964311630140603550403130d
416e64726f696420446562756730819f300d06092a864886f70d010101050003818d003
08189028181009ce1c5fd64db794fd787887e8a2dccf6798ddd2fd6e1d8ab04cd8cdd9e
bf721fb3ed6be1d67c55ce729b1e1d32b200cbcfc91c798ef056bc9b2cbc66a396aed6b
public ApplicationInfo getApplicationInfo(String packageName, int flags, int userId) {
    // writer
    synchronized (mPackages) {
        PackageParser.Package p = mPackages.get(packageName);
        if (DEBUG_PACKAGE_INFO) Log.v(
                TAG, "getApplicationInfo " + packageName
                + ": " + p);
        if (p != null) {
            // Note: isEnabledLP() does not apply here - always return info
            return PackageParser.generateApplicationInfo(p, flags);
@k3170makan
k3170makan / PackageManagerService__.java
Created February 12, 2018 03:38
Extract from PackageManagerService.java showing mPackages hashmap.
// Keys are String (package name), values are Package. This also serves
// as the lock for the global state. Methods that must be called with
// this lock held have the prefix "LP".
// extract from https://android.googlesource.com/platform/frameworks/base/+/483f3b06ea84440a082e21b68ec2c2e54046f5a6/services/java/com/android/server/pm/PackageManagerService.java
final HashMap<String, PackageParser.Package> mPackages =
        new HashMap<String, PackageParser.Package>();
@k3170makan
k3170makan / ActivityLookUp.java
Last active February 15, 2018 22:58
Sample of how Activities are often located via searching with the PackageManager
public static boolean isAvailable(Context ctx, Intent intent) {
    final PackageManager mgr = ctx.getPackageManager();
    List<ResolveInfo> list = mgr.queryIntentActivities(intent, PackageManager.MATCH_DEFAULT_ONLY);
    return list.size() > 0;
}
@k3170makan
k3170makan / ApplicationLookUp2.java
Created February 15, 2018 22:59
Another Sample Application Look up
public static boolean isPackageInstalled(String packageName, PackageManager packageManager) {
    try {
        return packageManager.getApplicationInfo(packageName, 0).enabled;
    }
    catch (PackageManager.NameNotFoundException e) {
        return false;
    }
}
@k3170makan
k3170makan / TwitterLookupBad.java
Created February 15, 2018 23:11
An example of a potentially dangerous way to look up a twitter app on someone's device
public static Intent getTwitterIntent(Context context, String title, String url) {
    Intent intent = null;
    String text = url + " - " + title;
    final String[] twitterApps = {
        "com.twitter.android",
        "com.twidroid",
        "com.handmark.tweetcaster",
        "com.thedeck.android",
    };
@k3170makan
k3170makan / CheckEverythingExceptCert.java
Created February 15, 2018 23:26
Code that inspects a myriad of things except the signature. Example taken from a random open test code.
    List<ResolveInfo> receiverInfos = packageManager.queryBroadcastReceivers(intent, PackageManager.GET_INTENT_FILTERS);
    assertThat(receiverInfos).isNotEmpty();
    assertThat(receiverInfos.get(0).activityInfo.name)
        .isEqualTo("org.robolectric.ConfigTestReceiverPermissionsAndActions");
    assertThat(receiverInfos.get(0).activityInfo.permission)
        .isEqualTo("org.robolectric.CUSTOM_PERM");
    assertThat(receiverInfos.get(0).filter.getAction(0))
        .isEqualTo("org.robolectric.ACTION_RECEIVER_PERMISSION_PACKAGE");
}
@k3170makan
k3170makan / grantAppPermission.java
Created February 15, 2018 23:38
Code granting permissions based on app names
public static void grantAppPermission(Context context, Intent intent, Uri fileUri) {
    List<ResolveInfo> resolvedIntentActivities = context.getPackageManager()
            .queryIntentActivities(intent, PackageManager.MATCH_DEFAULT_ONLY);
    for (ResolveInfo resolvedIntentInfo : resolvedIntentActivities) {
        String packageName = resolvedIntentInfo.activityInfo.packageName;
        context.grantUriPermission(packageName, fileUri,
                Intent.FLAG_GRANT_WRITE_URI_PERMISSION | Intent.FLAG_GRANT_READ_URI_PERMISSION);
    }
}