Cedric’s Cruft


Tracing API calls in Burp with Frida

A few weeks ago I was performing a security test on a mobile banking application. The application was using a framework that provided additional obfuscation and encryption on top of the TLS connection it used to communicate with the remote server. I used Frida to intercept and dump the plaintext requests/responses before the encryption took […]

1469 days ago 3 Comments Uncategorized

SANS Holiday Hack Challenge 2015 writeup

In December 2015, the SANS institute released the Holiday Hack Challenge 2015. A whole storyline was created around the ATNAS corporation and their nefarious plans for Christmas. The hack challenge featured a gaming component, the quest, where you were placed in the Dosis neighborhood. During the quest you are asked to solve hacking challenges and […]

1843 days ago 1 Comment Uncategorized

SECCON 2015 – Reverse engineering Android APK 2 – 400 writeup

This is a writeup for the SECCON 2015 CTF challenge “Reverse-Engineering Android APK 2” for 400 points. The hint was: “The key is stored in the application, but you will need to hack the server.” First, I installed the APK to get a feel of what it did, there were only two functions implemented: registering […]

1872 days ago Leave a reply Uncategorized

WordPress < 4.1.2 Stored XSS vulnerability

WordPress 4.1.2 is available as of April 21, 2015. WordPress versions 4.1.1 and earlier are affected by a critical cross-site scripting vulnerability, which could enable anonymous users to compromise a site (WP blog). tl;dr: MySQL → special characters → truncation → input validation → output sanitisation → XSS → time to update WordPress. Introduction: MySQL […]

2099 days ago 72 Comments Uncategorized

Reverse engineering the HITB binary 100 CTF challenge

Disclaimer for legal people: “I” and “me” are nicknames in this blog post. They refer to a person who may or may not be me, myself, or I. During the HITB conference (Hack In The Box) in Amsterdam last week, a Capture The Flag challenge was organised. Six categories were available of which you could […]

2423 days ago 1 Comment Uncategorized

Intercepting Android native library calls

Edit: at the time of writing, not many details could be disclosed as part of a responsible disclosure policy. The application in question was BlackBerry Messenger (com.bbm). BlackBerry did not respond to our findings. The full report is now available (unrevised version, including typos, mistakes, etc.). As part of a uni project, we’ve been busy […]

2598 days ago 5 Comments Uncategorized
Tags: Android, ARM, Dalvik, debugging, decompile, disassemble, gdb, LD_PRELOAD, loader, native libraries, shared object, SSL, wrap, Zygote
© 2013-2017 Cedric Van Bockhaven