β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦A reverse engineering tool that'll supply the place of Cheat Engine for linux :
F E A T U R E S :
Memory searching: PINCE uses libscanmem to search the memory efficiently [Done]
Variable Inspection&Modification [Done/Basic]
CheatEngine-like value type support: Byte to 8 Bytes, Float, Double, Strings(including utf-8, utf-16, utf-32 and zero-terminate strings), Array of Bytes [Done]
Symbol Recognition: See here [Done]
Automatic Variable Allocation: See here [Done]
Dynamic Address Table: Supports drag&drop, recursive copy&pasting&inserting and many more [Done]
Manual Address Table Update: [Done]
Smart casting: PINCE lets you modify multiple different-type values together as long as the input is parsable. All parsing/memory errors are directed to the terminal [Done]
Continuous Address Table Update: You can adjust update timer or cancel updating by modifying settings. Non-stop version is Postponed\Quarterway Done [Done\Only works when the inferior is stopped]
Variable Locking: PINCE lets you freeze(constantly write a value to memory cell) variables [Planned]
Memory View [Done/Basic]
Infinite Scrolling: PINCE automatically disassembles the next available instruction(s) on mouse wheel/scrollbar move. Instruction count can be changed from settings. Hex View also supports this feature [Done]
Dissect Code: You can dissect desired memory regions to find referenced calls, jumps and strings. Disassemble screen will automatically handle the referenced data and show you if there's a referenced address in the current dissasemble view. It can be used from Tools->Dissect Code in the MemoryView window. Using its hotkey instead in the MemoryView window automatically dissects the currently viewed region. You can separately view referenced calls and strings after the search from View->Referenced Calls/Strings. Note: If you decide to uncheck 'Discard invalid strings' before the search, PINCE will try to search for regular pointers as well [Done]
Bookmarking: Bookmark menu is dynamically created when right clicked in the disassemble screen. So unlike Cheat Engine, PINCE lets you set unlimited number of bookmarks. List of bookmarks can also be viewed from View->Bookmarks in the MemoryView window. Commenting on an address automatically bookmarks it. [Done]
Modify on the fly: PINCE lets you modify registers on the fly. Unlike CE, you can also change XMM and FPU registers. Check GDB expressions in the Wiki page for additional information [Done]
Opcode Search: You can search opcodes with python regular expressions. To use this feature, click Tools->Search Opcode in the MemoryView window. [Done]
Debugging [Done/Basic]
Has basic debugging features such as stepping, stepping over, execute till return, break, continue. Also has breakpoints, watchpoints and breakpoint conditions. Has advanced debugging utilities such as Watchpoint/Breakpoint Tracking and Tracing
Chained Breakpoints: Just like CE, PINCE allows you to set multiple, connected breakpoints at once. If an event(such as condition modification or deletion) happens in one of the breakpoints, other connected breakpoints will get affected as well [Done]
Watchpoint Tracking: Allows you to see which instructions have been accessing to the specified address, just like "What accesses/writes to this address" feature in CE [Done]
Breakpoint Tracking: Allows you to track down addresses calculated by the given register expressions at the specified instruction, just like "Find out what addresses this instruction accesses" feature in CE with a little addon, you can enter multiple register expressions, this allows you to check the value of "esi" even if the instruction is something irrelevant like "mov [eax],edx" [Done]
Tracing: Almost the same with CE. But unlike CE, you can stop tracing whenever you want. Created from scratch with shittons of custom features instead of using gdb's trace&collect commands because some people have too much time on their hands [Done]
π¦A reverse engineering tool that'll supply the place of Cheat Engine for linux :
F E A T U R E S :
Memory searching: PINCE uses libscanmem to search the memory efficiently [Done]
Variable Inspection&Modification [Done/Basic]
CheatEngine-like value type support: Byte to 8 Bytes, Float, Double, Strings(including utf-8, utf-16, utf-32 and zero-terminate strings), Array of Bytes [Done]
Symbol Recognition: See here [Done]
Automatic Variable Allocation: See here [Done]
Dynamic Address Table: Supports drag&drop, recursive copy&pasting&inserting and many more [Done]
Manual Address Table Update: [Done]
Smart casting: PINCE lets you modify multiple different-type values together as long as the input is parsable. All parsing/memory errors are directed to the terminal [Done]
Continuous Address Table Update: You can adjust update timer or cancel updating by modifying settings. Non-stop version is Postponed\Quarterway Done [Done\Only works when the inferior is stopped]
Variable Locking: PINCE lets you freeze(constantly write a value to memory cell) variables [Planned]
Memory View [Done/Basic]
Infinite Scrolling: PINCE automatically disassembles the next available instruction(s) on mouse wheel/scrollbar move. Instruction count can be changed from settings. Hex View also supports this feature [Done]
Dissect Code: You can dissect desired memory regions to find referenced calls, jumps and strings. Disassemble screen will automatically handle the referenced data and show you if there's a referenced address in the current dissasemble view. It can be used from Tools->Dissect Code in the MemoryView window. Using its hotkey instead in the MemoryView window automatically dissects the currently viewed region. You can separately view referenced calls and strings after the search from View->Referenced Calls/Strings. Note: If you decide to uncheck 'Discard invalid strings' before the search, PINCE will try to search for regular pointers as well [Done]
Bookmarking: Bookmark menu is dynamically created when right clicked in the disassemble screen. So unlike Cheat Engine, PINCE lets you set unlimited number of bookmarks. List of bookmarks can also be viewed from View->Bookmarks in the MemoryView window. Commenting on an address automatically bookmarks it. [Done]
Modify on the fly: PINCE lets you modify registers on the fly. Unlike CE, you can also change XMM and FPU registers. Check GDB expressions in the Wiki page for additional information [Done]
Opcode Search: You can search opcodes with python regular expressions. To use this feature, click Tools->Search Opcode in the MemoryView window. [Done]
Debugging [Done/Basic]
Has basic debugging features such as stepping, stepping over, execute till return, break, continue. Also has breakpoints, watchpoints and breakpoint conditions. Has advanced debugging utilities such as Watchpoint/Breakpoint Tracking and Tracing
Chained Breakpoints: Just like CE, PINCE allows you to set multiple, connected breakpoints at once. If an event(such as condition modification or deletion) happens in one of the breakpoints, other connected breakpoints will get affected as well [Done]
Watchpoint Tracking: Allows you to see which instructions have been accessing to the specified address, just like "What accesses/writes to this address" feature in CE [Done]
Breakpoint Tracking: Allows you to track down addresses calculated by the given register expressions at the specified instruction, just like "Find out what addresses this instruction accesses" feature in CE with a little addon, you can enter multiple register expressions, this allows you to check the value of "esi" even if the instruction is something irrelevant like "mov [eax],edx" [Done]
Tracing: Almost the same with CE. But unlike CE, you can stop tracing whenever you want. Created from scratch with shittons of custom features instead of using gdb's trace&collect commands because some people have too much time on their hands [Done]
Collision Detection: GDB normally permits setting unlimited watchpoints next to each other. But this behaviour leads to unexpected outcomes such as causing GDB or the inferior become completely inoperable. GDB also doesn't care about the number(max 4) or the size(x86->max 4, x64->max 8) of hardware breakpoints. Fortunately, PINCE checks for these problems whenever you set a new breakpoint and detects them before they happen and then inhibits them in a smart way. Lets say you want to set a breakpoint in the size of 32 bytes. But the maximum size for a breakpoint is 8! So, PINCE creates 4 different breakpoints with the size of 8 bytes and then chains them for future actions [Done]
Code Injection [Working on it]
Run-time injection: Only .so injection is supported for now. In Memory View window, click Tools->Inject .so file to select the .so file. An example for creating .so file can be found in "libPINCE/Injection/". PINCE will be able to inject single line instructions or code caves in near future [Partially Done?]
GDB Console [Done]
Is the power of PINCE not enough for you? Then you can use the gdb console provided by PINCE, it's on the top right in main window
Simplified/Optimized gdb command alternatives [Working on it]
Custom scripts instead of using gdb's x command for reading memory [Done]
Custom scripts instead of using gdb's set command for modifying memory [Done]
libPINCE- A reusable python library
PINCE provides a reusable python library. You can either read the code or check Reference Widget by clicking Help->libPINCE in Memory Viewer window to see docstrings. Contents of this widget is automatically generated by looking at the docstrings of the source files. PINCE has a unique parsing technique that allows parsing variables. Check the function get_comments_of_variables in SysUtils for the details. This feature might be replaced with Sphinx in the future
Extendable with .so files at runtime
See here
Automatic Trainer Generation: [Planned]
PINCE provides a trainer auto-generated from current address table on demand by using libPINCE and PyQT5 together
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) Clone this repo by running git clone --recursive https://github.com/korcankaraokcu/PINCE then run sudo sh install_pince.sh in the PINCE directory. Install script currently supports Ubuntu and Debian. For Archlinux, use the AUR package instead.
2) For developers:
sudo apt-get install qttools5-dev-tools (qt5 form designer)
sudo apt-get install pyqt5-dev-tools (pyuic5)
sudo pip3 install line_profiler (for performance testing)
How to use line_profiler: Add @profile tag to the desired function and run PINCE with sudo kernprof -l -v PINCE.py
MORE USAGE ON GIT LINK
Your not allowed to copy our tutorials!
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
Code Injection [Working on it]
Run-time injection: Only .so injection is supported for now. In Memory View window, click Tools->Inject .so file to select the .so file. An example for creating .so file can be found in "libPINCE/Injection/". PINCE will be able to inject single line instructions or code caves in near future [Partially Done?]
GDB Console [Done]
Is the power of PINCE not enough for you? Then you can use the gdb console provided by PINCE, it's on the top right in main window
Simplified/Optimized gdb command alternatives [Working on it]
Custom scripts instead of using gdb's x command for reading memory [Done]
Custom scripts instead of using gdb's set command for modifying memory [Done]
libPINCE- A reusable python library
PINCE provides a reusable python library. You can either read the code or check Reference Widget by clicking Help->libPINCE in Memory Viewer window to see docstrings. Contents of this widget is automatically generated by looking at the docstrings of the source files. PINCE has a unique parsing technique that allows parsing variables. Check the function get_comments_of_variables in SysUtils for the details. This feature might be replaced with Sphinx in the future
Extendable with .so files at runtime
See here
Automatic Trainer Generation: [Planned]
PINCE provides a trainer auto-generated from current address table on demand by using libPINCE and PyQT5 together
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) Clone this repo by running git clone --recursive https://github.com/korcankaraokcu/PINCE then run sudo sh install_pince.sh in the PINCE directory. Install script currently supports Ubuntu and Debian. For Archlinux, use the AUR package instead.
2) For developers:
sudo apt-get install qttools5-dev-tools (qt5 form designer)
sudo apt-get install pyqt5-dev-tools (pyuic5)
sudo pip3 install line_profiler (for performance testing)
How to use line_profiler: Add @profile tag to the desired function and run PINCE with sudo kernprof -l -v PINCE.py
MORE USAGE ON GIT LINK
Your not allowed to copy our tutorials!
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - korcankaraokcu/PINCE: Reverse engineering tool for linux games
Reverse engineering tool for linux games. Contribute to korcankaraokcu/PINCE development by creating an account on GitHub.
UNDERCODE COMMUNITY
Photo
FOR HACK ANY GAME, use for offline games (legal)
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦API FOR TRACKING
Currently, the following APIs are implemented:
-
-
-
-
-
-
-
-
-
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦API FOR TRACKING
Currently, the following APIs are implemented:
-
cellocation: [Cellocation.com API (China)](http://www.cellocation.com/interfac/)-
gpsspg: [GPSspg.com API (China)](http://www.gpsspg.com/api/bs/)-
google: [Google Geolocation API](https://developers.google.com/maps/documentation/geolocation/intro)-
haoservice: [HaoService.com API (China)](http://www.haoservice.com/docs/1)-
mozilla: [Mozilla Geolocation API](https://location.services.mozilla.com/api)-
mylnikov: [Mylnikov Geolocation API](https://www.mylnikov.org/archives/1059)-
opencellid: [OpenCellID API](http://opencellid.org/)-
unwiredlabs: [UnwiredLabs Location API](https://unwiredlabs.com/)-
yandex: [Yandex Geolocation API (Russian)](https://tech.yandex.ru/locator/doc/dg/api/geolocation-api_json-docpage/)@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
Google for Developers
Geolocation API overview | Google for Developers
Find location based on cell towers and WiFi nodes. Learn the protocol to send this data to the server and to return a response to the client.
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦A Pythonic interface to Google's GMail, with all the tools you'll need. Search, read and send multipart emails, archive, mark as read/unread, delete emails, and manage labels.
Search emails
Read emails
Emails: label, archive, delete, mark as read/unread/spam, star
Manage labels
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) git clone git://github.com/charlierguo/gmail.git
2) To start, import the gmail library.
import gmail
Authenticating gmail sessions
To easily get up and running:
import gmail
g = gmail.login(username, password)
Which will automatically log you into a GMail account. This is actually a shortcut for creating a new Gmail object:
from gmail import Gmail
g = Gmail()
g.login(username, password)
# play with your gmail...
g.logout()
You can also check if you are logged in at any time:
g = gmail.login(username, password)
g.logged_in # Should be True, AuthenticationError if login fails
OAuth authentication
If you have already received an OAuth2 access token from Google for a given user, you can easily log the user in. (Because OAuth 1.0 usage was deprecated in April 2012, this library does not currently support its usage)
gmail = gmail.authenticate(username, access_token)
Filtering emails
Get all messages in your inbox:
g.inbox().mail()
Get messages that fit some criteria:
g.inbox().mail(after=datetime.date(2013, 6, 18), before=datetime.date(2013, 8, 3))
g.inbox().mail(on=datetime.date(2009, 1, 1)
g.inbox().mail(sender="myfriend@gmail.com") # "from" is reserved, use "fr" or "sender"
g.inbox().mail(to="directlytome@gmail.com")
Combine flags and options:
g.inbox().mail(unread=True, sender="myboss@gmail.com")
Browsing labeled emails is similar to working with your inbox.
g.mailbox('Urgent').mail()
Every message in a conversation/thread will come as a separate message.
g.inbox().mail(unread=True, before=datetime.date(2013, 8, 3) sender="myboss@gmail.com")
Working with emails
Important: calls to mail() will return a list of empty email messages (with unique IDs). To work with labels, headers, subjects, and bodies, call fetch() on an individual message. You can call mail with prefetch=True, which will fetch the bodies automatically.
unread = g.inbox().mail(unread=True)
print unread[0].body
# None
unread[0].fetch()
print unread[0].body
# Dear ...,
Mark news past a certain date as read and archive it:
emails = g.inbox().mail(before=datetime.date(2013, 4, 18), sender="news@nbcnews.com")
for email in emails:
email.read() # can also unread(), delete(), spam(), or star()
email.archive()
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦A Pythonic interface to Google's GMail, with all the tools you'll need. Search, read and send multipart emails, archive, mark as read/unread, delete emails, and manage labels.
Search emails
Read emails
Emails: label, archive, delete, mark as read/unread/spam, star
Manage labels
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) git clone git://github.com/charlierguo/gmail.git
2) To start, import the gmail library.
import gmail
Authenticating gmail sessions
To easily get up and running:
import gmail
g = gmail.login(username, password)
Which will automatically log you into a GMail account. This is actually a shortcut for creating a new Gmail object:
from gmail import Gmail
g = Gmail()
g.login(username, password)
# play with your gmail...
g.logout()
You can also check if you are logged in at any time:
g = gmail.login(username, password)
g.logged_in # Should be True, AuthenticationError if login fails
OAuth authentication
If you have already received an OAuth2 access token from Google for a given user, you can easily log the user in. (Because OAuth 1.0 usage was deprecated in April 2012, this library does not currently support its usage)
gmail = gmail.authenticate(username, access_token)
Filtering emails
Get all messages in your inbox:
g.inbox().mail()
Get messages that fit some criteria:
g.inbox().mail(after=datetime.date(2013, 6, 18), before=datetime.date(2013, 8, 3))
g.inbox().mail(on=datetime.date(2009, 1, 1)
g.inbox().mail(sender="myfriend@gmail.com") # "from" is reserved, use "fr" or "sender"
g.inbox().mail(to="directlytome@gmail.com")
Combine flags and options:
g.inbox().mail(unread=True, sender="myboss@gmail.com")
Browsing labeled emails is similar to working with your inbox.
g.mailbox('Urgent').mail()
Every message in a conversation/thread will come as a separate message.
g.inbox().mail(unread=True, before=datetime.date(2013, 8, 3) sender="myboss@gmail.com")
Working with emails
Important: calls to mail() will return a list of empty email messages (with unique IDs). To work with labels, headers, subjects, and bodies, call fetch() on an individual message. You can call mail with prefetch=True, which will fetch the bodies automatically.
unread = g.inbox().mail(unread=True)
print unread[0].body
# None
unread[0].fetch()
print unread[0].body
# Dear ...,
Mark news past a certain date as read and archive it:
emails = g.inbox().mail(before=datetime.date(2013, 4, 18), sender="news@nbcnews.com")
for email in emails:
email.read() # can also unread(), delete(), spam(), or star()
email.archive()
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦When the server needs to be turned on during development, the local test is to write the port directly, and the actual environment also needs to specify the IP to be bonded.
Because for the server, sometimes it has more than one network card, and our system must communicate through the specified IP and port, so the IP and port used by the server need to define a configuration file.
π¦So in the usual test, without specifying the IP, where is the ServerSocket bound?
In this case, the server will bind this port to 0.0.0.0, that is, bind on all IPs, that is, receive requests on each IP. As for what 0.0.0.0 is, I won't talk about it here.
π¦The following is a test program, you can see what is going on through the following program:
package test;
import java.net.InetSocketAddress;
import java.net.ServerSocket;
import java.net.Socket;
public class Test {
public static void main(String[] args) throws Exception {
SocketClient client = new SocketClient();
new Thread(client).start();
ServerSocket serverSocket = new ServerSocket();
serverSocket.bind(new InetSocketAddress(8888));
// serverSocket.bind(new InetSocketAddress("127.0.0.1",8888));
// serverSocket.bind(new InetSocketAddress("192.168.1.100",8888));
System.out.println(serverSocket.toString());
serverSocket.accept();
}
}
class SocketClient implements Runnable{
public void run() {
try {
Thread.sleep(2000);
try {
Socket socket = new Socket("127.0.0.1", 8888);
System.out.println("127.0.0.1 " + socket.toString());
} catch (Exception e) {
System.err.println("127.0.0.1'');
}
try {
Socket socket = new Socket("192.168.1.100", 8888);
System.out.println("192.168.1.100 " + socket.toString());
} catch (Exception e) {
System.err.println("192.168.1.100");
}
} catch (Exception e) {
e.printStackTrace();
}
}
}
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦When the server needs to be turned on during development, the local test is to write the port directly, and the actual environment also needs to specify the IP to be bonded.
Because for the server, sometimes it has more than one network card, and our system must communicate through the specified IP and port, so the IP and port used by the server need to define a configuration file.
π¦So in the usual test, without specifying the IP, where is the ServerSocket bound?
In this case, the server will bind this port to 0.0.0.0, that is, bind on all IPs, that is, receive requests on each IP. As for what 0.0.0.0 is, I won't talk about it here.
π¦The following is a test program, you can see what is going on through the following program:
package test;
import java.net.InetSocketAddress;
import java.net.ServerSocket;
import java.net.Socket;
public class Test {
public static void main(String[] args) throws Exception {
SocketClient client = new SocketClient();
new Thread(client).start();
ServerSocket serverSocket = new ServerSocket();
serverSocket.bind(new InetSocketAddress(8888));
// serverSocket.bind(new InetSocketAddress("127.0.0.1",8888));
// serverSocket.bind(new InetSocketAddress("192.168.1.100",8888));
System.out.println(serverSocket.toString());
serverSocket.accept();
}
}
class SocketClient implements Runnable{
public void run() {
try {
Thread.sleep(2000);
try {
Socket socket = new Socket("127.0.0.1", 8888);
System.out.println("127.0.0.1 " + socket.toString());
} catch (Exception e) {
System.err.println("127.0.0.1'');
}
try {
Socket socket = new Socket("192.168.1.100", 8888);
System.out.println("192.168.1.100 " + socket.toString());
} catch (Exception e) {
System.err.println("192.168.1.100");
}
} catch (Exception e) {
e.printStackTrace();
}
}
}
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β