How-To
Introduction to WebAssembly
I’ve started seeing WebAssemly (WASM) stuff popping up in a few places, most notably CloudFlare’s recent anti-container isolated v8 workload stuff and I wanted to understand it a little better. Essentially, WebAssembly is a way to compile stuff to a browser-native binary format .wasm, which you can then load with JavaScript and interact with. Since this is binary, I wanted to start with a C program. Since it’s C, to…
Mallet in the Middle
I recently had an assessment reviewing a kiosk application. As I have been working on Mallet recently, this seemed like a perfect opportunity to put Mallet in between the kiosk and its upstream, and see how the kiosk worked. This is a practical walkthrough to help you replicate the setup for your own MitM needs. The initial state of the network The end result The hardware I used to achieve…
Abusing GDI Objects for ring0 Primitives Revolution
This post is an accompaniment to the Defcon 25 talk given by Saif. One of the core topics of the talk was the release of a new technique GDI object abuse technique, name Palette Objects. Saif presented a previously unreleased Windows 7 SP1 x86 exploit involving the abuse of a newly discovered GDI object abuse technique. A complete white-paper on the topic was released and can be found here: Whitepaper Both…
Advanced Cycript and Substrate
Mobile assessments are always fun as the environment is constantly evolving. A recent trend has been the use of custom protocols for communication between the application and server. This holds particularly true for financial institutes who are aiming to protect both the confidentiality and integrity of data. Most of these custom protocols are over TCP, wrap data in custom crypto, which usually includes signing of the payload to prevent tampering.…
Page 1 of 1