Skip to content

Instantly share code, notes, and snippets.

View U039b's full-sized avatar

Esther U039b

View GitHub Profile
@U039b
U039b / Dockerfile
Created July 22, 2021 11:10
MVT + latest version of libimobiledevice
FROM ubuntu:20.04
# Ref. https://github.com/mvt-project/mvt
# Fixing major OS dependencies
# ----------------------------
RUN apt update \
&& apt install -y python3 python3-pip libusb-1.0-0-dev \
&& apt install -y wget \
&& apt install -y adb \
@U039b
U039b / finspy_find_strings.py
Created May 30, 2021 13:52
Find obfuscated_strings in FinSpy for Android
# Android FinFisher 2019 obfuscated strings extraction from decompiled Java code using Procyon
# Esther Onfroy a.k.a U+039b - *@0x39b.fr (https://twitter.com/u039b)
#
# Parse Java source files of FinSpy weaponized APK
import javalang
import pystache
import glob
import sys
from javalang.tree import StatementExpression, MethodInvocation

Keybase proof

I hereby claim:

  • I am u039b on github.
  • I am u039b (https://keybase.io/u039b) on keybase.
  • I have a public key ASDpbfP1qrAqTFO8mm-Dn1gJVAX7Rj00tV8cwrYz-IB14go

To claim this, I am signing this object:

#!/bin/bash
./adb shell service call iphonesubinfo 17 |awk -F "'" '{print $2}'|sed '1 d'|tr -d '.'|awk '{print}' ORS=|awk '{print "Phone number: "$1}'
./adb shell service call iphonesubinfo 1 |awk -F "'" '{print $2}'|sed '1 d'|tr -d '.'|awk '{print}' ORS=|awk '{print "IMEI: "$1}'
@U039b
U039b / fail2ban_report.sh
Last active July 24, 2024 18:48
Fail2Ban mail report
#!/bin/bash
# Weekly Fail2Ban Report
# Be sure to sudo chmod +x script_name.sh to make it executable
# Original script from https://www.mopar4life.com/fail2ban-weekly-report-script/
FAIL2BAN_PATH="/var/log/fail2ban*"
LOGFILE="/var/log/custom_fail2ban_report_$(date +%m%d%Y).log"
MAILTOADDRESS="your@domain.tld"
SUBJECT="$HOSTNAME Weekly Fail2Ban Report"
@U039b
U039b / exodus_connector.py
Created December 31, 2017 13:55
εxodus connector meant to download APK for the server or upload network dumps to the server.
import requests
import os
EXODUS_LOGIN_URI = '/api/get_auth_token/'
class Exodus:
"""
εxodus connector helps you to interact with it.
Usage:
>>> exodus = Exodus("http://localhost:8000", "/api/report/1/")