Inside /android/app/src/main/java/com/{Project_Name}/MainActivity.java
you may add the following lines. Prevent capture screen by setFlag FLAG_SECURE, use code below as an example:
import android.os.Bundle;
import android.view.WindowManager;
...
stevejubx
/ inject-ca-old.py
Created
April 20, 2025 19:34
Install System CA on Android < 14 (Root Device)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import subprocess | |
| import os | |
| import requests | |
| CERT_URL = "http://localhost:8080/cert" | |
| CERT_DER = "cacert.der" | |
| CERT_PEM = "cacert.pem" | |
| def run(cmd): | |
| print(f"[+] {cmd}") |
stevejubx
/ inject-ca.py
Created
April 20, 2025 19:25
Install System CA on Android 14+ (Root Device)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import subprocess | |
| import requests | |
| CERT_URL = "http://localhost:8080/cert" | |
| CERT_DER = "cacert.der" | |
| CERT_PEM = "burp.pem" | |
| def run(cmd): | |
| print(f"[+] {cmd}") | |
| return subprocess.run(cmd, shell=True, check=True) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Java.perform(function() { | |
| var SecretKeySpec = Java.use("javax.crypto.spec.SecretKeySpec"); | |
| var GCMParameterSpec = Java.use("javax.crypto.spec.GCMParameterSpec") | |
| SecretKeySpec.$init.overload('[B', 'java.lang.String').implementation = function(keyBytes, algorithm) { | |
| for (var i = 0; i < keyBytes.length; i++) { | |
| keyBytes[i] = 0x41; | |
| } | |
| return this.$init(keyBytes, algorithm); |
stevejubx
/ insecureran.js
Created
November 27, 2024 17:41
Frida Hook SecureRandom to InsecureRandom
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Java.perform(function() { | |
| setTimeout(() => { | |
| var SecureRandom = Java.use("java.security.SecureRandom"); | |
| SecureRandom.nextBytes.overload('[B').implementation = function(byteArray) { | |
| console.log("SecureRandom.nextBytes called!"); | |
| for (var i = 0; i < byteArray.length; i++) { | |
| byteArray[i] = 0x41; // AAAAAAAAAAAAAAAA |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # $ sshuttle.sh // Run Background Mode. | |
| # $ sshuttle.sh --debug // Debug sshuttle Logs. | |
| SSH_KEY= | |
| SSH_USER=root | |
| HOST=localhost | |
| PORT=22 | |
| DEBUG_MODE=false |
stevejubx
/ inject-burp-ca.sh
Last active
January 16, 2024 10:22
Quick Install Burp Certificate on Android (ROOT Device)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| adb_permission=$(adb shell su -c id) | |
| if [[ $adb_permission == *"root"* ]]; then | |
| # Download ROOT CA and push to device | |
| curl -o cacert.der http://localhost:8080/cert | |
| openssl x509 -inform der -in cacert.der -out cacert.pem | |
| result=$(openssl x509 -inform PEM -subject_hash_old -in cacert.pem | head -1) |
stevejubx
/ rn-bypass-wifi-check.txt
Last active
November 13, 2023 15:46
[React Native] Bypass Wifi-Check with Smali Patching
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Replace "wifi" to "cellular" | |
| // https://github.com/react-native-netinfo/react-native-netinfo/blob/6c0350228ff10661f8733734467a9faf88503711/android/src/main/java/com/reactnativecommunity/netinfo/types/ConnectionType.java | |
| File: /smali_classes2/com/reactnativecommunity/netinfo/types/b.smali | |
| Original: | |
| .method static constructor <clinit>()V | |
| [...] |
stevejubx
/ mobile-security-Capture-ScreenShot.md
Created
March 31, 2021 15:58
Disable Screen Capture/ScreenShot in Mobile App
stevejubx
/ root-ssl-pin-bypass.js
Last active
January 6, 2022 15:40
Root detection & certificate pinning bypass with Frida Framework
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| setTimeout(function(){ | |
| Java.perform(function (){ | |
| var RootPackages = ["com.noshufou.android.su", "com.noshufou.android.su.elite", "eu.chainfire.supersu", | |
| "com.koushikdutta.superuser", "com.thirdparty.superuser", "com.yellowes.su", "com.koushikdutta.rommanager", | |
| "com.koushikdutta.rommanager.license", "com.dimonvideo.luckypatcher", "com.chelpus.lackypatch", | |
| "com.ramdroid.appquarantine", "com.ramdroid.appquarantinepro", "com.devadvance.rootcloak", "com.devadvance.rootcloakplus", | |
| "de.robv.android.xposed.installer", "com.saurik.substrate", "com.zachspong.temprootremovejb", "com.amphoras.hidemyroot", |
stevejubx
/ switch-case.java
Created
August 22, 2020 09:07
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| String GenreName = null; | |
| int getGenreCode = 0; | |
| int id = 1; | |
| switch (id) { | |
| case 0: | |
| GenreName = ProductGenre.UNSPECIFIED.getGenreName(); | |
| getGenreCode = ProductGenre.UNSPECIFIED.getGenreCode(); | |
| break; | |
| case 1: |
NewerOlder