This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh | |
/Library/Frameworks/Python.framework/Versions/3.11/bin/python3.11 << "EOF" | |
# install_certifi.py | |
# | |
# sample script to install or update a set of default Root Certificates | |
# for the ssl module. Uses the certificates provided by the certifi package: | |
# https://pypi.org/project/certifi/ |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
""" | |
MIT License | |
Copyright (c) 2023 David Buchanan | |
Permission is hereby granted, free of charge, to any person obtaining a copy | |
of this software and associated documentation files (the "Software"), to deal | |
in the Software without restriction, including without limitation the rights | |
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell | |
copies of the Software, and to permit persons to whom the Software is |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
./tokenizer_checklist.chk 50 | |
./tokenizer.model 499723 | |
./7B/checklist.chk 100 | |
./7B/consolidated.00.pth 13476939516 | |
./7B/params.json 101 | |
./13B/checklist.chk 154 | |
./13B/consolidated.00.pth 13016334699 | |
./13B/consolidated.01.pth 13016334699 | |
./13B/params.json 101 | |
./30B/checklist.chk 262 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
from base64 import b64decode | |
from Crypto.Cipher import ARC4 | |
#s = "mpntingadxedMTBjMDc2NGZiNDNiOTYzMjk3NjhkZTRmM2ZlOWMyMGE5NDAwMGUwMzFmMmQ0ZGIxMDdlOGY3ODE4ZWJlMGVhNzlhNTQ=" | |
s = "wfycyqhbrwfxMWFjMWYxOGM1MjljZDI1M2UxNjUzNDY2ZTRlNDYwNDk5MWUxYjc2OTVjODc2YWYxOTI0YTgxYzUwMWQ4NGUzZGIxZjYwMGVjZWViNDhkYTYyMTkyNjQ0MjllYzhhMDUyZjg2MGM3NGEyYjZkYmU=" | |
def decrypt_string(s): | |
key = s[:12].encode() | |
data = bytes.fromhex(b64decode(s[12:]).decode()) | |
c = ARC4.new(key=key) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
from opcode import opmap | |
import dis | |
code = b"" | |
code += bytes([opmap["LOAD_CONST"], 0]) | |
code += bytes([opmap["GET_LEN"], 0]) | |
code += bytes([opmap["IMPORT_FROM"], 0]) | |
code += bytes([opmap["ROT_TWO"], 0]) | |
code += bytes([opmap["CALL_FUNCTION"], 1]) |
Some considerations regarding the APK Signing Block and how F-Droid handles Reproducible Builds.
The signature part of the APK Signing Block can contain more than one signature.
AFAIK android and apksigner
(unlike apksigtool
) only check the one with the strongest supported signature algorithm ID, not all of them.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# author : [email protected] aka lordx64 | |
# OSX/Shlayer.F C2 config extracting from DMG files | |
# copyright 2022 - All rights reserved | |
# compatible python 3.8 | |
# Note on installation on mac: | |
# brew install gmp | |
# then: env "CFLAGS=-I/usr/local/include -L/usr/local/lib" pip3 install pycrypto | |
from Crypto.Cipher import AES | |
import argparse |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
//TODO recordbreaker string decryption via selection | |
//Applied to sample: 746669c6be1807fdafbc7ee3f1e958e1b584fa31688742bcc044d269af94b0d8 (sha256) | |
//@author 0xca7 | |
//@category _NEW_ | |
//@keybinding | |
//@menupath | |
//@toolbar | |
import ghidra.app.script.GhidraScript; | |
import ghidra.program.model.mem.*; |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import idaapi as ia, idc | |
def PLUGIN_ENTRY(): return nop() | |
class nop(ia.plugin_t): | |
flags = ia.PLUGIN_UNL | |
comment = "NOP" | |
help = "select bytes, run" | |
wanted_name = "NOP bytes..." | |
wanted_hotkey = "Ctrl+Shift+N" |