Home
R3zk0n
Cancel

Misconfigured Microsoft Content Provider

Insecure content providers in com.microsoft.launcher While conducting security research,and focusing on Android application userland bugs I uncovered a intresting vulnerability within the com.micro...

ServiceNow Insecure Access Control To Full Admin Takeover

ServiceNow Insecure Access Control leading to Administrator Account Takeover - CVE-2022-43684 In this article, we will discuss a series of vulnerabilities that when exploited in succession, could ...

JetEngine < 3.1.3.1 - Author+ Remote Code Execution

The plugin includes uploaded files without adequately ensuring that they are not executable, leading to a remote code execution vulnerability. Proof of Concept - JetEngine Author+ Include() RCE ...

SwitchResX Vulnerability

SwitchResX Vulnerability During my time testing I come across some interesting applications and always wonder how they do some of the communications to various operating systems. One day I came a...

Improper access control in Factory Camera

Intent Redirection in Galaxy Store

The NTLM Exchange

The NTLM Exchange. Recently Orange Tsai discovered a great chain of bugs leading to remote code execution from an unauthenticated user in Microsoft Exchange which was widely named as Proxylogon (...

XSS Encoding Generator

Quite often @wireghoul bugs me to blog post about various topics and things I have learnt over the years of a penetration testing. So here is the first post of 2021! It is quite short but hopefull...

Enter The Realm

Enter The Realm During my time as a penetration tester who enjoys mobile testing I have come across a number of different databases. These include SQLite, SQLCipher, Firebase and Realm. In one pa...

BadBinder Emulator Root

During a recent mobile audit engagement I was on I was faced with a typical problem that most mobile researchers and bug bounties hunters face. A number of protections were implemented in the mobi...