Posts

8ksec - AndroPseudoProtect: Ultimate Device Security # Exploiting Exported Components and Bypassing Security By Obscurity Mechanisms # The goal of this exercise was to develop an android application that exploits Android’s IPC by disabling AndroPseudoProtect.apk’s security functionality. My initial thought process was that this would likely involve exploiting improperly exposed components. Specifically, if sensitive components are configured with exported=true, an attacker application could potentially access internal functionality via Inter-Process Communication (IPC), manipulate behavior, and bypass security controls. This assumption proved to be correct. Installing and Running the App # Upon launching the app, the application asks for access to all files.

GOAL: Intercept network traffic in FactsDroid and view/modify the API requests and responses between FactsDroid and the backend server without statically patching the provided APK. The objective is to successfully implement a Man-in-The-Middle (MITM) attack that allows you to manipulate the facts being displayed to the user, potentially inserting custom content or modifying the retrieved facts before they reach the application. Upon installing the app using adb install factsdroid.apk, I immediately see this error message when launching the app: In order to bypass the root check, I injected the Frida anti-root script into my APK: frida -U --codeshare dzonerzy/fridantiroot -f com.

Android Pentesting # To sharpen my skills, I recently took a deep dive into AndroGoat—a deliberately insecure Android application designed to showcase the most common OWASP Mobile Top 10 vulnerabilities. In this post, I’ll walk through how I combined both static and dynamic analysis to uncover hardcoded secrets, bypass security checks with Frida, and extract sensitive data from local storage. My pentesting toolkit: My pentesting tookit included: Jadx-GUI: For decompiling and reading Java/Kotlin source code. The Android Debug Bridge (adb)**: The “command line” for interacting with the emulator on android studio. Frida: For dynamic instrumentation. Instrumentation is the art of imjecting new functionality to the application at runtime e.

3 Critical Database Command Injection Security Threats # For software engineers, it may be easy to assume that no hacker would target our app since it isn’t big or well known. This attitude can lead to recklessness and lower measures for securing data on an app. However, it’s important to remember that security begins at the design phase. Database security is about protecting the “CIA Triad”: Confidentiality, Integrity, and Availability. In this blog post, you’ll learn about the core database threats that jeopardize the CIA triad principles. By the end of the post, you’ll have learned about the following topics:

The objective of this lab is to build on our understanding of secure programming in C by analyzing, enhancing, and securing the functionality of the program from Project Lab 1, with a focus on identifying and mitigating vulnerabilities and improving resilience against attacks like fuzzing. This lab focuses on identifying vulnerabilities in the source code, applying and validating patches, and proposing future best practices to prevent similar issues. Additionally, we will analyze the code using security analysis tools (cppcheck) to find out about the vulnerabilities in code. After compiling the project, we will inspect the resulting binary in Ghidra to identify similarities and differences, which will further inform our understanding of the program’s security and allow us to apply effective mitigations.

Users desire apps that run smoothly, load fast, and don’t crash. But what determines an app’s performance? There are two key factors: performance and memory usage. Performance refers to how fast your app loads for users. Memory footprint is the amount of system memory your app uses. If your app is slow or hogs too much memory, users won’t stick around. That’s where optimizing your Ruby on Rails app becomes essential. In this article, we’ll explore techniques that enhance performance and reduce memory usage, ensuring user satisfaction and the success of your app. Understanding performance and memory footprint # The performance of an app refers to how fast your app loads for the end-users.

Introduction # The objective of this lab is to build on our understanding of secure programming in C by analyzing, enhancing, and securing the functionality of the program from Project Lab 1, with a focus on identifying and mitigating vulnerabilities and improving resilience against attacks like fuzzing. This lab focuses on identifying vulnerabilities in the source code, applying and validating patches, and proposing future best practices to prevent similar issues. Additionally, we will analyze the code using security analysis tools (cppcheck) to find out about the vulnerabilities in code. After compiling the project, we will inspect the resulting binary in Ghidra to identify similarities and differences, which will further inform our understanding of the program’s security and allow us to apply effective mitigations.

Getting Started With GET Curl Commands # Introduction to curl # A curl command is a tool used on the terminal to make network requests using various protocols. curl is designed to aid with the data transfer to and from a server without the need for a web browser. With curl ,you can upload or download files, send requests to API endpoints to simulate user interaction from the terminal using a supported protocol such as HTTPs, FTP, and more. Explanation of GET requests Webpages display content to the end-user by requesting for resources from the server.These requests are commonly made using a GET HTTP request, often accompanied by query parameters when necessary.

For software engineers, it may be easy to assume that no hacker would target our app since it isn’t big or well known. This attitude can lead to recklessness and lower measures for securing data on an app. However, it’s important to remember that data collected by an organization is very valuable. There can also be legal consequences in terms of lawsuits against the business that ensue from leakage of a user’s personally identifiable information (PII). What Is Excessive Data Exposure? # Excessive data exposure occurs when an API response returns more data than the client needs. As a rule of thumb, if a client application needs three fields, for example, you shouldn’t return the whole object.