java reversing

2021-12-28 00:59:54 +01:00 · 2021-12-28 00:59:54 +01:00 · b6708156ab
parent 9d78c9be30
commit b6708156ab
7 changed files with 93 additions and 0 deletions
--- a/.gitmodules
+++ b/.gitmodules
@ -94,3 +94,9 @@
 [submodule "exploit/web/xxe/xxeserv"]
 	path = exploit/web/xxe/xxeserv
 	url = https://github.com/staaldraad/xxeserv.git
+[submodule "reverse_engineering/SCDBG"]
+	path = reverse_engineering/SCDBG
+	url = https://github.com/dzzie/SCDBG.git
+[submodule "reverse_engineering/java/deobfuscator"]
+	path = reverse_engineering/java/deobfuscator
+	url = https://github.com/java-deobfuscator/deobfuscator.git
--- a/exploit/sqli/sqli.md
+++ b/exploit/sqli/sqli.md
@ -149,6 +149,7 @@ sqlmap -r request.txt --batch
 ```sh
 sqlmap -u http://<target-IP>/site.php --forms --dump-all
 ```
+* [Get reverse shell via sqlmap](https://www.hackingarticles.in/shell-uploading-in-web-server-using-sqlmap/)


 |Parameter|Details|
--- a/forensics/oletools.md
+++ b/forensics/oletools.md
@ -0,0 +1,28 @@
+# oletools & Vmonkey
+
+* Analyze ooxml and ole2 files
+
+* [oletools repo](https://github.com/decalage2/oletools.git)
+
+## Usage
+
+* Check content of a stream
+```sh
+oledump.py file.doc  -Ss <No. of stream>
+oledump.py file.doc  -Ss <No. of stream> -v
+```
+```sh
+oledump.py -i file.doc
+```
+```sh
+olevba file.doc
+```
+
+## Vipermonkey
+* For the lazy ones
+```sh
+vmonkey file.doc
+```
+
+## scdbg
+* [scdbg repo](https://github.com/dzzie/SCDBG.git)
--- a/misc/active_directory/powerview.ps1
+++ b/misc/active_directory/powerview.ps1
--- a/misc/yara.md
+++ b/misc/yara.md
@ -0,0 +1,40 @@
+# Yara
+
+## Structure
+A rule consists of 
+    * Name
+    * Metadata
+    * String definitions
+    * Conditions on these strings
+
+## Example
+
+```sh
+rule eicar   {
+    meta:
+      author="foo"
+      description="eicar test virus"
+    strings:
+      $a="X5O"
+      $b="EICAR"
+      $c="ANTIVIRUS"
+      $d="TEST"
+    condition:
+      $a and $b and $c and $d
+  }
+```
+
+## Usage
+
+* Information about a rule, metadata or strings
+```sh
+yara -m <file.yara> <file.target>
+yara -s <file.yara> <file.target>
+```
+
+* Run Yara via
+```sh
+yara <file.yara> <file.target>
+```
+* If the name of the rule and the target is returned, the rule matched. Otherwise it did not match.
+
--- a/reverse_engineering/SCDBG
+++ b/reverse_engineering/SCDBG
@ -0,0 +1 @@
+Subproject commit 95dcf1d6a6072c6110dd99311b49d7734d17ce5e
--- a/reverse_engineering/java/krakatau.md
+++ b/reverse_engineering/java/krakatau.md
@ -0,0 +1,17 @@
+# Krakatau
+
+## Usage
+* Get bytecode from `jar` file
+```sh
+krakatau-disassemble -r file.jar -out dissassemble.zip
+```
+* Generate bytecode
+```sh
+krakatau-assemble -out result.jar -r dissassembled/
+```
+* Do changes to the bytecode
+* Compile jar file
+```sh
+java -cp result.jar <fileNameOfMainClass>
+```
+
				`@ -0,0 +1 @@`
				`Subproject commit 95dcf1d6a6072c6110dd99311b49d7734d17ce5e`