Estimated difficulty: 💜💜💜🤍🤍 I must say, this months post had me struck with a little bit of writers block. Life has been busy, and I may or may not have frequented a BBQ or two whilst we have been blessed with a few rays of sunshine and a bank holiday Continue Reading
Android Attack: Intro to Frida
Estimated difficulty: 💜💜💜🤍🤍 What is Frida? Frida is a potent tool used by reverse engineers to perform several different tasks. It is open source and once downloaded includes an extensive tool suite. These tools are: Dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers. https://frida.re/ For this post, I wanted Continue Reading
Android Attack: JavaScript Interfaces and WebViews
Estimated difficulty: 💜💜🤍🤍🤍 This post will walk you through what a JavaScript interface is and how you might retrieve the Java object from the application into the application WebView using this method. A WebView is pretty much what it says on the tin. Android applications can define a WebView within Continue Reading
Shh! Weaknesses In Remote Management Protocols
Estimated difficulty: 💜🤍🤍🤍🤍 Recently I was studying for CRT. To help myself and others revise, I thought I would make this blog post on management protocols and some of their common weaknesses and vulnerabilities. This is a high-level overview of some of these protocols and how to exploit them. We Continue Reading
Understanding Unix File Permissions
Estimated difficulty: 💚🤍🤍 If you are a newbie in security and want to start learning about Unix, then this is a great post for you. This will be a quick fire post on file permissions. What do they mean and some of the vulnerabilities you might spot out in the Continue Reading
Bop to the Top: A Linux Priv Esc. Checklist
Estimated Difficulty: 💜💜💜💜🤍 Congratulations, you’ve got a foothold!Now what? Bop to the Top and get yourself some Root! The following blog will detail my own personal checklist that I run through when attempting to privilege escalate in a Linux environment. From my personal experience, it has a fairly good success Continue Reading
I’m in Chroot Jail, Get Me Out of Here!
Estimated Difficulty: 💜💜💜💜🤍 So you’ve hacked it. You got root. Or do you? What is a chroot jail? Chroot jails can fool attackers to think that they supposedly have immediate root privilege access to the environment. Chroot in Unix operating systems help change the apparent root (chroot) directory. I guess Continue Reading