Solving Team SIK's Android Hacking Event 2016 challenge
Team SIK is organizing a CTF based hacking event, to participate in which every hacker needs to reverse engineer four android apps (well, at least one of the...
All Posts
2016
2015
Converting IDA Pro graphs to images
It’s been a long time since my last post. I have been busy with work, and (thanks to IPR) could not post anything. This post is about a much needed feature i...
2013
AppMinder jailbreak detection analysis
Neso Lab’s AppMinder project is another attempt at providing jailbreak detection for enterprise iOS applications (and perhaps AppStore apps). It provides thr...
Dirty Harry: Hacking for free drinks in Singapore
Harry’s bar is one of the most popular bar chains in Singapore. It has an iOS app “Appy Hour” that lets users spin the Harry’s “wheel of fortune” to win free...
Assembling from scratch: Encoding BLX instruction in ARM / THUMB
If you have been working on x86 disassembly and moving on to ARM disassembly, one of the subtle differences you may notice is the lack of byte aligned opcode...
Exploiting File Uploads for Fun and Profit
So I have been working on web application security for past some time. I also happened to write an article titled “Exploiting File Uploads for Fun and Profit...
2009
httpdx 1.4 GET Request Remote Buffer Overflow Exploit (0day)
httpdx is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the h_handlepeer() function. By sending an overly long HTTP GET ...
HTMLDOC 'html' File Handling Remote Stack Buffer Overflow Exploit (Linux)
The vulnerability exists in HTMLDOC version 1.8.27 and earlier due to an unsafe call to sscanf() in the set_page_size() function in htmldoc/util.cxx. This ca...
VLC Media Player 'smb://' URI Handling Remote Buffer Overflow Vulnerability Exploit
A stack-based buffer overflow exists in the Win32AddConnection function in modules/access/smb.c in VideoLAN VLC media player 0.9.9, when running on Microsoft...
FormatShield: A tool to defend against format string attacks
FormatShield is a library that intercepts call to vulnerable functions and uses binary rewriting to defend against format string attacks. It identifies the v...