Tracing API calls in Burp with Frida

A few weeks ago I was performing a security test on a mobile banking application. The application was using a framework that provided additional obfuscation and encryption on top of the TLS connection it used to communicate with the remote server. I used Frida to intercept and dump the plaintext requests/responses before the encryption took […]

Read Post
136 days ago Leave a reply Uncategorized

SANS Holiday Hack Challenge 2015 writeup

In December 2015, the SANS institute released the Holiday Hack Challenge 2015. A whole storyline was created around the ATNAS corporation and their nefarious plans for Christmas. The hack challenge featured a gaming component, the quest, where you were placed in the Dosis neighborhood. During the quest you are asked to solve hacking challenges and […]

Read Post
509 days ago Leave a reply Uncategorized

SECCON 2015 – Reverse engineering Android APK 2 – 400 writeup

This is a writeup for the SECCON 2015 CTF challenge “Reverse-Engineering Android APK 2” for 400 points. The hint was: “The key is stored in the application, but you will need to hack the server.“ First, I installed the APK to get a feel of what it did, there were only two functions implemented: registering […]

Read Post
539 days ago Leave a reply Uncategorized

WordPress < 4.1.2 Stored XSS vulnerability

WordPress 4.1.2 is available as of April 21, 2015. WordPress versions 4.1.1 and earlier are affected by a critical cross-site scripting vulnerability, which could enable anonymous users to compromise a site (WP blog). tldr; mysql → special characters → truncation → input validation → output sanitisation → xss → time to update WordPress. Introduction: MySQL […]

Read Post
766 days ago 68 Comments Uncategorized

Reverse engineering the HITB binary 100 CTF challenge

Disclaimer for legal people: “I” and “me” are nicknames in this blog post. They refer to a person who may or may not be me, myself, or I. During the HITB conference (Hack In The Box) in Amsterdam last week, a Capture The Flag challenge was organised. Six categories were available of which you could […]

Read Post
1090 days ago Leave a reply Uncategorized

Intercepting Android native library calls

Edit: at the time of writing, not many details could be disclosed as part of a responsible disclosure policy. The application in question was BlackBerry Messenger (com.bbm). BlackBerry did not respond to our findings. The full report is now available (unrevised version, including typos, mistakes, etc.). As part of a uni project, we’ve been busy […]

Read Post
1265 days ago 5 Comments Uncategorized , , , , , , , , , , , , ,