Skip to content

Instantly share code, notes, and snippets.

View obfusk's full-sized avatar
🏳️‍🌈
hacking ⇒ ¬sleeping 😸

FC (Fay) Stegerman obfusk

🏳️‍🌈
hacking ⇒ ¬sleeping 😸
135 followers · 58 following
View GitHub Profile
@obfusk
obfusk / example.sh
Created May 28, 2024 20:05
perl command to decrement numbers in a file
perl -pi -e 's/\b(\d+)\b/$1 - 1/e' file-with-numbers
@obfusk
obfusk / apk-manifest-info.py
Last active May 27, 2024 21:31
#!/usr/bin/python3
import dataclasses
import json
import sys
import repro_apk.binres as binres
data = {}
for apkfile in sys.argv[1:]:
try:
@obfusk
obfusk / apksig-uses-sdk.groovy
Created May 20, 2024 21:20
import com.android.apksig.ApkSigner
import com.android.apksig.apk.ApkUtils
import com.android.apksig.internal.apk.v1.V1SchemeVerifier
import com.android.apksig.util.DataSource
import com.android.apksig.util.DataSources
def f = new RandomAccessFile(args[0], "r")
def apk = DataSources.asDataSource(f, 0, f.length())
def zipSections = ApkUtils.findZipSections(apk)
def cdRecords = V1SchemeVerifier.parseZipCentralDirectory(apk, zipSections)
@obfusk
obfusk / elf-build-id.py
Last active April 29, 2024 01:52
Get ELF build-id w/ pyelftools
#!/usr/bin/python3
# encoding: utf-8
# SPDX-FileCopyrightText: 2024 FC (Fay) Stegerman <flx@obfusk.net>
# SPDX-License-Identifier: GPL-3.0-or-later
from elftools.elf.elffile import ELFFile # type: ignore[import-untyped]
from elftools.elf.sections import NoteSection # type: ignore[import-untyped]
class Error(Exception):
@obfusk
obfusk / zipdup.py
Last active April 11, 2024 19:19
create a ZIP file with two CD entries pointing to the same file
#!/usr/bin/python3
import sys
import zipfile
# Usage: zipdup.py ZIPFILE ENTRY_NAME ENTRY_DATA
zfile, zentry, data = sys.argv[1:]
with zipfile.ZipFile(zfile, "w") as zf:
info = zipfile.ZipInfo(filename=zentry)
zf.writestr(info, data)
@obfusk
obfusk / detect-apk.py
Last active April 11, 2024 17:04
Detect APK files
#!/usr/bin/python3
# encoding: utf-8
# SPDX-FileCopyrightText: 2024 FC (Fay) Stegerman <flx@obfusk.net>
# SPDX-License-Identifier: AGPL-3.0-or-later
import fnmatch
import os
import struct
import sys
@obfusk
obfusk / Cert.java
Last active April 17, 2024 00:03
verify APK and get SHA-256 of first cert
import java.io.File;
import java.io.IOException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.List;
import com.android.apksig.ApkVerificationIssue;
import com.android.apksig.ApkVerifier;
import com.android.apksig.apk.ApkFormatException;
@obfusk
obfusk / mozzip.py
Last active March 29, 2024 16:43
import zipfile
def test(filename):
_orig_EndRecData = zipfile._EndRecData
eocd_offset = None
def _EndRecData(fh):
endrec = _orig_EndRecData(fh)
if endrec:
@obfusk
obfusk / fix-pg-map-id.py
Last active March 21, 2024 04:11
fix pg-map-id
#!/usr/bin/python3
# encoding: utf-8
# SPDX-FileCopyrightText: 2024 FC (Fay) Stegerman <flx@obfusk.net>
# SPDX-License-Identifier: GPL-3.0-or-later
import hashlib
import os
import re
import struct
import zipfile
@obfusk
obfusk / delete-tag.py
Last active March 9, 2024 15:32
rbtlog: merge logs
#!/usr/bin/python3
# encoding: utf-8
# SPDX-FileCopyrightText: 2024 FC (Fay) Stegerman <flx@obfusk.net>
# SPDX-License-Identifier: AGPL-3.0-or-later
import argparse
import json
import os
from typing import Any, Dict