logo
Android Stack Overflow Exploitation (ARMv7) - MobileHackingLab

Android Stack Overflow Exploitation (ARMv7) - MobileHackingLab

In this post, we explore an Android Stack Overflow vulnerability within a server-client chat messaging application. By analyzing the native code and leveraging vulnerabilities such as format string and stack buffer overflow, we develop an exploit using pwntools to gain control of the target system. Throughout the process, we also examine security features like RELRO, stack canaries, and NX to understand the defenses in place and how to bypass them.
8 minutes to read
Kousha Zanjani
Analyzing MSFVenom Android Payload (Malware)

Analyzing MSFVenom Android Payload (Malware)

MSFVenom is a versatile and widely used tool for generating payloads and shellcodes as part of the Metasploit Framework. It allows users to create customized payloads for various platforms, including Android, for penetration testing purposes. I want to analyze a bit of MSFVenom Android payload to better understand its structure and how it can be used to exploit vulnerabilities in Android devices.
6 minutes to read
Kousha Zanjani
NahamCon CTF 2022 Android Writeup (Solutions)

NahamCon CTF 2022 Android Writeup (Solutions)

Two days ago, I helped my friends to solve CTF NahamCon2022 challenges. I was wondering about Android challenges, so I focused on them. In this blog post, I’ll explain how I solved Android challenges. Mobilize This one was an easy challenge for beginners. Anyone could solve this. :)) I opened the APK file in Jadx-GUI. There was nothing in MainActivity. So I just searched in strings.xml, and there it is. FLAG!
4 minutes to read
Kousha Zanjani

Android Trust Wallet Stealer Malware Analysis

As far as technology improves, hackers do their best to abuse these technologies. Android became one of the most impressive technology and it’s going further. Hackers research Android Security every moment and Android malware spread more and more. There is a lot of malware that developed till today. I want to analyze an Android malware that is a Crypto Wallet Stealer. I have a sample which you can download it from HERE .
2 minutes to read
Kousha Zanjani