Android Stack Overflow Exploitation (ARMv7) - MobileHackingLab

In this post, we explore an Android Stack Overflow vulnerability within a server-client chat messaging application. By analyzing the native code and leveraging vulnerabilities such as format string and stack buffer overflow, we develop an exploit using pwntools to gain control of the target system. Throughout the process, we also examine security features like RELRO, stack canaries, and NX to understand the defenses in place and how to bypass them.
8 minutes to read
Kousha Zanjani
Analyzing MSFVenom Android Payload (Malware)

MSFVenom is a versatile and widely used tool for generating payloads and shellcode as part of the Metasploit Framework. It allows users to create customized payloads for various platforms, including Android, for penetration testing purposes. I want to analyze a bit of the MSFVenom Android payload to better understand its structure and how it can be used to exploit vulnerabilities in Android devices.
6 minutes to read
Kousha Zanjani
NahamCon CTF 2022 Android Writeup (Solutions)

Two days ago, I helped my friends solve the NahamCon2022 CTF challenges. I was curious about the Android challenges, so I focused on them. In this blog post, I’ll explain how I solved the Android challenges. Mobilize: This one was an easy challenge for beginners. Anyone could solve this. :)) I opened the APK file in Jadx-GUI. There was nothing in MainActivity, so I just searched in strings.xml, and there it is. FLAG!
4 minutes to read
Kousha Zanjani

Android Trust Wallet Stealer Malware Analysis

As technology improves, hackers do their best to abuse it. Android has become one of the most impressive technologies, and it is still going further. Hackers research Android security constantly, and Android malware spreads more and more. A lot of malware has been developed to date. I want to analyze an Android malware sample that is a crypto wallet stealer. I have a sample which you can download from HERE.
2 minutes to read
Kousha Zanjani

TeamTNT Miners in the Wild

Last night my friend and I were looking for some Redis NoSQL servers (because most of them do not have any authentication, of course 😆) on Shodan and Censys for bug hunting. I found some interesting things which led me to write this blog post. Most of the Redis servers seemed to have been exploited and infected with a miner by TeamTNT. I used the Shodan query port:6379 to find Redis services. Redis has a tool called redis-cli which lets you interact with Redis servers.
3 minutes to read
Kousha Zanjani

postMessage and Misconfigurations

I’ll discuss the postMessage feature and how it can become vulnerable through incorrect implementation. First I’m going to talk about what the postMessage feature actually is, then we are going to code and use it, and at the end we will take a look at vulnerabilities. What is postMessage? postMessage() is a feature introduced in HTML5 and you can use it in JavaScript. This feature lets you send data between different Window objects (it can be an iframe or window.
6 minutes to read
Kousha Zanjani

Lemon Duck Malware

A month ago I got a log from a company (we will call it victim corp from now on) that was detected as malicious activity. What I got from that report log was just a URL. Funny, right?! :)) I started to Google dork it. After some searching and googling I found some URLs, and one of them was from the app.any.run website, which is one of the best sandboxes for malware analysis and downloading samples.
5 minutes to read
Kousha Zanjani

Extract PNG Malware from PCAP File

I want to talk about how I detected and extracted PNG malware from a PCAP file. What we will cover in this post: Introduction to Packet Analysis, Introduction to Wireshark, Detect Malicious Network Traffic, Partial Content Responses, Impact of Connection Problems, Extract Malicious File from HTTP for Analysis and Reverse Engineering. Nowadays cyber attacks have become more sophisticated. The use of malware is increasing; malware comes in many forms such as:
6 minutes to read
Kousha Zanjani

My FreeBSD Journey

I’m a GNU/Linux user and I had Arch/Fedora/… distributions for a while. I was passionate about BSDs, especially FreeBSD. It has a devil-like logo (Beastie :)) which is cute and I like it. So I decided to share my experience when I installed it on my laptop as the main OS. After installation, I had a terminal, which is not a good idea when you’re using an OS as your daily/personal OS, so I installed a GUI.
4 minutes to read
Kousha Zanjani