Skip to content

Instantly share code, notes, and snippets.

View apkunpacker's full-sized avatar

ApkUnpacker apkunpacker

636 followers · 104 following
View GitHub Profile
@apkunpacker
apkunpacker / Task-Hijacking-WhatsApp.md
Created February 14, 2026 16:47 — forked from win3zz/Task-Hijacking-WhatsApp.md
Task Hijacking Vulnerability in WhatsApp - Android

Task Hijacking Vulnerability in WhatsApp - Android

Around a year ago, I discovered a long-standing vulnerability in WhatsApp and other popular Android applications. Despite its existence for years, this vulnerability remained largely theoretical. To demonstrate its real-world impact, I successfully exploited it in WhatsApp, Facebook, and Facebook Lite. I promptly reported my findings to Facebook's Whitehat program. In this post, I'll share the details I provided to Facebook.

Don't want to read? Skip the technical details and watch the demo video here: https://youtu.be/1p3tehj3aUQ

Finding Description

While reviewing the WhatsApp Android application we have identified a misconfiguration in AndroidManifest.xml related to task control features. This misconfiguration leads to a critical vulnerability called task hijacking and enables the attack flow against the latest WhatsApp in Android-based phones.

In successful exploitation of the vulnerability, the malicious

@apkunpacker
apkunpacker / ipagrabber.py
Created July 26, 2025 14:18 — forked from h4x0r/ipagrabber.py
.IPA file extracter for Apple Configurator
import os
import shutil
"""
Steps to retrieve the IPA file from the Configurator app:
1. Install Apple Configurator from the Mac App Store and sign in
2. Connect your iOS device to your Mac
3. Select "Add > Apps..." and search for the app you want to install, click "Add"
4. The newer Apple Configurator deletes the IPA after installing it, so you'll need to use this tool to grab it
@apkunpacker
apkunpacker / extract-ipa.sh
Created July 26, 2025 14:18 — forked from und3fined/extract-ipa.sh
Extract IPA from Apple Configurator tools
#!/bin/zsh
# Save content as extract-ipa.sh file name
# chmod +x extract-ipa.sh
# Open terminal and run ./extract-ipa.sh <app id>
# App ID is Id in appstore url. Like https://apps.apple.com/cn/app/ai-app/id6447539504?l=en&uo=4
# App ID -> id6447539504
# Full command like: ./extract-ipa.sh id6447539504
WATCHED_DIR="$HOME/Library/Group Containers/K36BKF7T3D.group.com.apple.configurator/Library/Caches/Assets/TemporaryItems/MobileApps"
@apkunpacker
apkunpacker / ipagrabber.py
Created July 26, 2025 14:18 — forked from n0mi1k/ipagrabber.py
.IPA file extracter for Apple Configurator
import os
import shutil
"""
Steps to retrieve the IPA file from the Configurator app:
1. Install Apple Configurator from the Mac App Store and sign in
2. Connect your iOS device to your Mac
3. Select "Add > Apps..." and search for the app you want to install, click "Add"
4. The newer Apple Configurator deletes the IPA after installing it, so you'll need to use this tool to grab it
@apkunpacker
apkunpacker / repo-rinse.sh
Created July 1, 2025 11:16 — forked from nicktoumpelis/repo-rinse.sh
Cleans and resets a git repo and its submodules
git clean -xfd
git submodule foreach --recursive git clean -xfd
git reset --hard
git submodule foreach --recursive git reset --hard
git submodule update --init --recursive
@apkunpacker
apkunpacker / default.md
Created June 22, 2025 13:21 — forked from cablej/default.md
Cluely System prompt

<core_identity> You are an assistant called Cluely, developed and created by Cluely, whose sole purpose is to analyze and solve problems asked by the user or shown on the screen. Your responses must be specific, accurate, and actionable. </core_identity>

<general_guidelines>

  • NEVER use meta-phrases (e.g., "let me help you", "I can see that").
  • NEVER summarize unless explicitly requested.
  • NEVER provide unsolicited advice.
  • NEVER refer to "screenshot" or "image" - refer to it as "the screen" if needed.
  • ALWAYS be specific, detailed, and accurate.
@apkunpacker
apkunpacker / uncrackable_syscalls_4.ts
Created May 15, 2025 01:58 — forked from r3bb1t/uncrackable_syscalls_4.ts
Frida script for bypassing direct sycalls in uncrackable 4
class AntiAntiDebugV2 {
readonly fakeMapsFile: string;
/// This will be used for redirecting syscalls which are trying to open /proc/self/maps
readonly fakeMapsFileNamePtr: NativePointer;
readonly fridaRegex: RegExp;
readonly procSelfTaskStatusRe: RegExp;
readonly fakeFilePath: string;
readonly fakeFilePathPtr: NativePointer;
@apkunpacker
apkunpacker / agent loop
Created March 11, 2025 08:03 — forked from jlia0/agent loop
Manus tools and prompts
You are Manus, an AI agent created by the Manus team.
You excel at the following tasks:
1. Information gathering, fact-checking, and documentation
2. Data processing, analysis, and visualization
3. Writing multi-chapter articles and in-depth research reports
4. Creating websites, applications, and tools
5. Using programming to solve various problems beyond development
6. Various tasks that can be accomplished using computers and the internet
@apkunpacker
apkunpacker / pairip_analysis.js
Created March 4, 2025 01:25 — forked from Ahmeth4n/pairip_analysis.js
simple PairIP executeVM() analyzer frida script.
function hookNative() {
const jniOnLoad = moduleHandle.findExportByName("JNI_OnLoad");
if (!jniOnLoad) {
console.log("[-] JNI_OnLoad not found!");
return;
}
console.log("[+] JNI_OnLoad founded:", jniOnLoad);
@apkunpacker
apkunpacker / xcode-uninstall.sh
Created October 22, 2024 15:25 — forked from oxlb/xcode-uninstall.sh
SH file to uninstall Xcode from MacOS
killall Xcode
xcrun -k
xcodebuild -alltargets clean
rm -rf "$(getconf DARWIN_USER_CACHE_DIR)/org.llvm.clang/ModuleCache"
rm -rf "$(getconf DARWIN_USER_CACHE_DIR)/org.llvm.clang.$(whoami)/ModuleCache"
rm -rf /Applications/Xcode.app
rm -rf ~/Library/Caches/com.apple.dt.Xcode
rm -rf ~/Library/Developer
rm -rf ~/Library/MobileDevice
rm -rf ~/Library/Preferences/com.apple.dt.Xcode.plist