INTRODUCTION WhatsApp Messenger is an application used across various Mobile Platforms for instant messaging. It uses the internet to send and receive audios, videos, documents, location details, messages etc. WhatsApp saves all the message of user onto a database file in crypt form, which means no one could read anyone’s private messages. WhatsApp uses crypt2, […]
Introduction Device binding is commonly used in android application for tracking a user’s device and ensure accountability. Some android application developers use this device id binding technique to uniquely identify users. When an application offers the discount promo code for user’s benefits, application acquires device attribute to track users against that specific promo code. In […]
Comma separated vulnerability also known as Formula Injection/csv injection. Introduction: This document demonstrates the CSV injection a technique for exploiting “Export to Spreadsheet” functionality. While working on some project, I have found this vulnerability in one of the Microsoft’s product i.e. CRM – Customer Relationship Management What is CRM? : It is a product by […]
This write-up summarizes a workshop/humla conducted by Ashfaq Ansari on the basics of various kinds of attacks available for exploiting the Windows Kernel as of this date. It describes and demonstrates some of the very common techniques to illustrate the impacts of bypassing Kernel security and how the same could be achieved by exploiting specific […]
Introduction Is your server protected against port scanning? The general answer will be “Yes, I have a firewall which restricts access to internal servers from the Internet.” What if I tell you I can still scan the ports on your server and your firewall wouldn’t know about it! If the web application running on a […]
The Meaning XE which stands for XML Entity is a standard for representing sets of data. Meanwhile, Entities are more like shortcuts to standard text or special characters e.g. wherever you see “X” replace it with “Y”. An entity can be declared either internal or external. An internal entity is defined in-line like a macro. […]
Introduction A remotely exploitable vulnerability was discovered by Stephane Chazelas of Akamai in the GNU Bash command shell. The vulnerability has been assigned the CVE identifier CVE-2014-6271. Exploitation of this vulnerability may allow a remote attacker to execute arbitrary code on an affected system. The issue affects all UNIX and UNIX-like systems such as Linux […]
During a routine penetration testing engagement, we found an IIS webserver with HTTP methods (verbs) like PUT and DELETE enabled on it. During enumeration of the web server we figured it was configured to run PHP as well. The PUT method allows an attacker to place a file on the server. Uploading a web shell […]
Introduction Android is an open source operating system based on the Linux kernel, initially developed by Android Inc., which Google bought in 2005. Initially, Android was developed to support touch screen devices like smartphones. These devices support different types of screen locks, like swipe lock, PIN lock, pattern lock, gesture lock, facial lock, etc. Swipe […]
Browser Reconnaissance and Ex-filtration via Adaptive Compression of Hypertext (BREACH) Attack: Previously we learnt how CRIME attacks SSL/TLS using SSL/TLS compression. Now we look at a more recent attack called the BREACH attack. BREACH attack is quite similar to CRIME attack with subtle differences. This attack also leverages compression to extract data from a SSL/TLS […]
