Advanced Frida Usage Part 2 – Analyzing Signal and Telegram messages on iOS | 8kSec Blogs
Introduction In this blog post, we will explore the message objects in two popular chat applications: Signal and Telegram. We’ll take similar technical approaches to analyze them, and also learn how to inspect Swift strings, which differ from typical object types. Get ready for a straightforward yet insightful exploration into the world of chat application […]
iOS Deep Link Attacks Part 1 – Introduction | 8kSec Blogs
Introduction In Part 1 of this series on iOS Deep link attacks, we will explore how to recognize various types of deep link schemas used in iOS apps and identify potential vulnerabilities associated with them. The focus of this part will be to describe the different types of schemas and explain methods for identifying them. […]
Advanced Frida Usage Part 1 – iOS Encryption Libraries | 8kSec Blogs
Introduction Welcome to Part 1 of Advanced Frida Series. In this series, we will look at how we can unleash the power of Frida to do some advanced analysis of apps and daemons. The first part will dive into an analysis of a third party iOS library used for data encryption. iOS applications sometimes want […]
Android Deep Link issues and WebView Exploitation | 8kSec Blogs
Over the last few years, Android smartphones have become ubiquitous. We have millions of users relying on these devices for business and personal communication, entertainment, and work. With this rise in the use of Android smartphones, there has been a high uptick in the number of security vulnerabilities in the applications that can put users’ […]
The Application of Reinforcement Learning in Cyber Security | 8kSec Blogs
At 8ksec, we are dedicated to developing cutting-edge security technologies that help our clients protect their critical assets. One of the areas we are focused on is the development of a next-generation vulnerability scanning tool. Vulnerability scanning tools have been around for many years, but despite their widespread use, they still have some limitations. For […]
ARM64 Reversing And Exploitation Part 1 – ARM Instruction Set + Simple Heap Overflow | 8kSec Blogs
Hi Everyone ! In this blog series, we will be understanding the ARM instruction set and using that to reverse ARM Binaries followed by writing exploits for them. So let’s start with the basics of ARM64. ARM64 Intro ARM64 is a family of RISC (reduced instruction set computer) architecture. The distinguishing factor of a RISC […]
ARM64 Reversing and Exploitation Part 3 – A Simple ROP Chain | 8kSec Blogs
Return-oriented programming (ROP) allows an attacker to execute code in the presence of security defenses such as executable space protection and code signing using ROP Gadgets. More details about ROP can be found here. In this blog post, we will be writing a ROP Chain for the rop binary. The binaries for this article can be found here. Your […]
ARM64 Reversing and Exploitation Part 2 – Use After Free | 8kSec Blogs
In this blog post, we will be exploiting a Use-after-free vulnerability in the vuln binary. The binaries for this and the next article can be found here. This UaF challenge is based on the one used by Protostar Use-after-free vulnerabilities occurs on the use of heap allocated memory after it has been freed. This can lead to several unexpected behaviours, […]
