java reversing

Stefan Friese 2021-12-28 00:59:54 +01:00
parent 9d78c9be30
commit b6708156ab
7 changed files with 93 additions and 0 deletions

6
.gitmodules vendored

@ -94,3 +94,9 @@
[submodule "exploit/web/xxe/xxeserv"]
path = exploit/web/xxe/xxeserv
url = https://github.com/staaldraad/xxeserv.git
[submodule "reverse_engineering/SCDBG"]
path = reverse_engineering/SCDBG
url = https://github.com/dzzie/SCDBG.git
[submodule "reverse_engineering/java/deobfuscator"]
path = reverse_engineering/java/deobfuscator
url = https://github.com/java-deobfuscator/deobfuscator.git
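Review bot: Two submodules are registered here (`reverse_engineering/SCDBG` and `reverse_engineering/java/deobfuscator`), but the diff as shown carries only one `Subproject commit` entry. Check that both paths have a gitlink committed, otherwise the entry without one is not pinned to a reviewed revision of the upstream tool.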


@ -149,6 +149,7 @@ sqlmap -r request.txt --batch
```sh
sqlmap -u http://<target-IP>/site.php --forms --dump-all
```
* [Get reverse shell via sqlmap](https://www.hackingarticles.in/shell-uploading-in-web-server-using-sqlmap/)
|Parameter|Details|
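Review bot: The link under the `--dump-all` example is a bare pointer to an external article with no summary of what it covers. Add one line stating which sqlmap options the article relies on, so the entry stays useful if the link goes stale.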

28
forensics/oletools.md Normal file

@ -0,0 +1,28 @@
# oletools & Vmonkey
* Analyze ooxml and ole2 files
* [oletools repo](https://github.com/decalage2/oletools.git)
## Usage
* Check content of a stream
```sh
oledump.py file.doc -Ss <No. of stream>
oledump.py file.doc -Ss <No. of stream> -v
```
```sh
oledump.py -i file.doc
```
```sh
olevba file.doc
```
## Vipermonkey
* For the lazy ones
```sh
vmonkey file.doc
```
## scdbg
* [scdbg repo](https://github.com/dzzie/SCDBG.git)
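Review bot: Under `## Usage`, the `oledump.py -i file.doc` and `olevba file.doc` blocks have no bullet saying what they do, unlike the first block ("Check content of a stream"); add one line each. The page links only the oletools repo while the first commands call `oledump.py`, so say where that script comes from. The title says "Vmonkey" and the section heading "Vipermonkey"; pick one name and link its repo. The `## scdbg` section has a link but no usage line.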

40
misc/yara.md Normal file

@ -0,0 +1,40 @@
# Yara
## Structure
A rule consists of
* Name
* Metadata
* String definitions
* Conditions on these strings
## Example
```sh
rule eicar {
meta:
author="foo"
description="eicar test virus"
strings:
$a="X5O"
$b="EICAR"
$c="ANTIVIRUS"
$d="TEST"
condition:
$a and $b and $c and $d
}
```
## Usage
* Information about a rule, metadata or strings
```sh
yara -m <file.yara> <file.target>
yara -s <file.yara> <file.target>
```
* Run Yara via
```sh
yara <file.yara> <file.target>
```
* If the name of the rule and the target is returned, the rule matched. Otherwise it did not match.
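Review bot: The rule under `## Example` is fenced as `sh`, but it is a YARA rule and not shell; use a plain fence or a YARA tag so nobody pastes it into a terminal. In `## Usage`, the bullet "Information about a rule, metadata or strings" covers two different flags in one block; say which of `-m` and `-s` prints which, and put the plain `yara <file.yara> <file.target>` invocation first since the other two build on it.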

@ -0,0 +1 @@
Subproject commit 95dcf1d6a6072c6110dd99311b49d7734d17ce5e


@ -0,0 +1,17 @@
# Krakatau
## Usage
* Get bytecode from `jar` file
```sh
krakatau-disassemble -r file.jar -out dissassemble.zip
```
* Generate bytecode
```sh
krakatau-assemble -out result.jar -r dissassembled/
```
* Do changes to the bytecode
* Compile jar file
```sh
java -cp result.jar <fileNameOfMainClass>
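Review bot: The disassemble step writes `dissassemble.zip` but the assemble step reads `dissassembled/`, so the two commands do not chain as written; use one output name for both (and spell it `disassembled`). The step order is also off: "Do changes to the bytecode" should come between disassembling and assembling, and the bullet "Generate bytecode" is the step that builds `result.jar`. The last bullet says "Compile jar file" but `java -cp result.jar <fileNameOfMainClass>` runs the jar; relabel it, and the placeholder should be the main class name and not a file name.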
```