Estimated difficulty: 💜💜💜🤍🤍 I must say, this months post had me struck with a little bit of writers block. Life has been busy, and I may or may not have frequented a BBQ or two whilst we have been blessed with a few rays of sunshine and a bank holiday weekend. Either way, the blog …
Estimated difficulty: 💜💜💜🤍🤍 What is Frida? Frida is a potent tool used by reverse engineers to perform several different tasks. It is open source and once downloaded includes an extensive tool suite. These tools are: Dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers. https://frida.re/ For this post, I wanted to walk through some basic …
Estimated difficulty: 💜💜🤍🤍🤍 This post will walk you through what a JavaScript interface is and how you might retrieve the Java object from the application into the application WebView using this method. A WebView is pretty much what it says on the tin. Android applications can define a WebView within an Activity class in order …
Read more “Android Attack: JavaScript Interfaces and WebViews”
Estimated difficulty: 💜🤍🤍🤍🤍 Recently I was studying for CRT. To help myself and others revise, I thought I would make this blog post on management protocols and some of their common weaknesses and vulnerabilities. This is a high-level overview of some of these protocols and how to exploit them. We will cover the following: SSH …
Estimated difficulty: 💚🤍🤍 If you are a newbie in security and want to start learning about Unix, then this is a great post for you. This will be a quick fire post on file permissions. What do they mean and some of the vulnerabilities you might spot out in the wild. What are file permissions? …
Estimated Difficulty: 💜💜💜💜🤍 Congratulations, you’ve got a foothold!Now what? Bop to the Top and get yourself some Root! The following blog will detail my own personal checklist that I run through when attempting to privilege escalate in a Linux environment. From my personal experience, it has a fairly good success rate – but I’ll also …
Estimated Difficulty: 💜💜💜💜🤍 So you’ve hacked it. You got root. Or do you? What is a chroot jail? Chroot jails can fool attackers to think that they supposedly have immediate root privilege access to the environment. Chroot in Unix operating systems help change the apparent root (chroot) directory. I guess you could call it a …