Advanced root detection & bypass techniques

Welcome to another blog post in our series on Advanced Frida Usage. In this blog, we will explore techniques related to root detection on Android devices and methods to bypass it. Our main focus will be on the strategies employed by app developers to protect their applications and prevent them from running on compromised […]
ARM64 Reversing And Exploitation Part 7 – Bypassing ASLR and NX

Hello everyone! In this blog post, we will dive into bypassing ASLR and NX by exploiting a simple binary that contains both a format string vulnerability and a buffer overflow. But before we get into the details, there are a few things you need to have in place: familiarity with ARM64 assembly instructions; familiarity […]
Mobile Malware Analysis Part 2 – MasterFred

In this sequel, we dive into the enigmatic maneuvers of MasterFred, a notorious malware exploiting Android Accessibility services for its nefarious objectives. Beyond financial breaches, MasterFred infiltrates social networks and vital services. Hidden HTML overlays, crafty login pages, and a labyrinth of stratagems await within its digital arsenal.
ARM64 Reversing and Exploitation part 6 – Exploiting an Uninitialized Stack Variable Vulnerability

Hello everyone. In this blog post, we’ll look into uninitialized stack variables in ARM64. We explore the dangers posed by these seemingly innocent variables and their potential impact on software security. Prerequisites: familiarity with ARM64 assembly instructions; an ARM64 environment with gef; the ability to read and understand C code. If you are new here, we recommend […]
Mobile Malware Analysis Part 1 – Leveraging Accessibility Features to Steal Crypto Wallet

Hi everyone! Welcome to the first part of the blog series based on Mobile Malware Analysis, where we will dive deep into the world of mobile malware, exploring its capabilities and shedding light on the potential risks it poses to the user’s privacy and security. In this post, we will focus on malware that […]
Advanced Frida Usage Part 4 – Sniffing location data from locationd in iOS

Welcome to Part 4 of our Advanced Frida Usage series. In part three of our Frida blog posts, we went over what XPC is, how to use it, and how to intercept it with Frida. This blog post will discuss how to use XPC tools for this job; some of them are xpcspy and […]
Advanced Frida Usage Part 3 – Inspecting XPC Calls

In the last two blogs, we briefly discussed how we can use Frida with applications. Today we will briefly cover how to do that with the system binaries. Before we can proceed with the binaries, we first need to discuss XPC, which is used as a means of communication between processes. XPC is […]
ARM64 Reversing And Exploitation Part 5 – Writing Shellcode | 8kSec Blogs

In this blog, we will be looking into writing ARM64 shellcode. After reading this blog, you will have a good understanding of writing shellcode for ARM64. What’s a shellcode? A shellcode is simply a sequence of machine code or executable instructions designed to be injected into a computer’s memory to gain control over a running […]
ARM64 Reversing And Exploitation Part 4 – Using mprotect() to bypass NX Protection | 8kSec Blogs

Hello everyone! In this blog post, we’ll be exploring how to use mprotect() to bypass NX protection on ARM64. But before we get into the details, there are a few things you need to have in place: familiarity with ARM64 assembly instructions; familiarity with exploiting stack-based buffer overflows; basics of ARM64 ROP chains; ARM64 […]
Android SELinux Internals Part I | 8kSec Blogs

This is Part I of a two-part series on Android SELinux Internals, where we will do a deep dive into the world of SELinux on Android and understand its inner workings, along with its functionalities and benefits. We’ll discuss how SELinux provides security on Android devices and ways to bypass it. This is going to […]