Estimated difficulty: 💜💜💜🤍🤍 Oh no, it’s another one from the MOBster series coming to get you! Hide… Run… Read with intrigue! This post is covering, M2: Insecure Data Storage, the second listing from the OWASP Top 10 Mobile Risks list. The last post in the MOBster series covered M1: Improper Platform Usage. Insecure data storage …
Estimated difficulty: 💜💜💜💜🤍 Welcome back to the MOBster series! The last post I published, covered the different aspects of an APK file – otherwise known as an app. This post I want to take some of these principles a step further and look at the possible effects of a misconfigured app! Following the guidelines of …
Read more “What’s that coming over the hill? Is it a MOBster, is it a MOBster!?”
Estimated difficulty: 💜💜💜🤍🤍 This week I wanted to write the first post of a mini mobile application reverse engineering series! There has been a lot of attention in the news about apps such as TikTok and the COVID-19 NHS track and trace app, where they have been shown to have certain security flaws. By writing …
Estimated Difficulty: 💜💜💜🤍🤍 Recon, Recon, Recon One of the most important phases of an attack, is the reconnaissance phase. Often abbreviated to recon, this phase usually consists of a variety of process and techniques to collect information about a target system. This phase may also be known as “Information Gathering” as the main goal is …
Read more “They See Me Scannin’, They Hatin’: A Beginner’s Guide to Nmap”
Estimated Difficulty: 💜💜💜💜🤍 Congratulations, you’ve got a foothold!Now what? Bop to the Top and get yourself some Root! The following blog will detail my own personal checklist that I run through when attempting to privilege escalate in a Linux environment. From my personal experience, it has a fairly good success rate – but I’ll also …
Estimated Difficulty: 💜💜💜💜🤍 So you’ve hacked it. You got root. Or do you? What is a chroot jail? Chroot jails can fool attackers to think that they supposedly have immediate root privilege access to the environment. Chroot in Unix operating systems help change the apparent root (chroot) directory. I guess you could call it a …