Blog

Sayfer Blog

Blog about security, malware and how to make our internet Sayfer.

• What to Ask When Buying a Premium Penetration Test for Your Business?
  January 10, 2022
  
  What to Ask When Buying a Premium Penetration Test (PT) for Your Business? Finding a good and trusted penetration testing vendor is not an easy task, no matter what your needs may be. In this short article, we will go over the main aspects you should review when shopping for a ...
• IDOR – Insecure Direct Object Reference
  June 28, 2021
  
  Insecure Direct Object Reference or IDOR happens when an application inadvertently exposes private objects through user input. For example, a website may let you access private customer profiles by entering unique user IDs into the URL like this: https://example.com/account?id=32145 The danger, of course, is that an attacker might create a bot that ...
• Security Considerations During Authentication
  May 13, 2021
  
  One of the most prolific vectors for security vulnerabilities in applications and websites is authentication – login. Gaining access to important data and functionalities could be very profitable, so compromising users’ credentials are a prime target as we have seen in the past. Here are a couple of pitfalls to ...
• We Found a Pre-Released WhatsApp Feature
  April 21, 2021
  
  While researching WhatsApp web for a project that we’ll write about soon, we accidentally found that WhatsApp has a feature flag for a hidden feature – one that allows users to change the playback rate of voice messages. Broken Behavior One of our research tools allows us to change the playback rate ...
• 3 Vulnerabilities in Kaspersky-backed TinyCheck
  February 11, 2021
  
  In our latest research, we found 3 different vulnerabilities in TinyCheck, an open-source tool developed and published by Félix Aimé, one of Kaspersky’s GReAT experts. Each one of the vulnerabilities has a high severity by itself. Once combined into a chain, a remote attacker could exploit it to get an ...
• Fuzzing Part 2 – Fuzzing with AFL
  February 2, 2021
  
  As I wrote in the last chapter, in this article I will only explain how to fuzz when there’s access to the source code using AFL. To demonstrate, I took an old open-source program that I found on GitHub called ccalc. As the name suggests, it is a simple calculator ...
• Fuzzing Part 1: The Theory
  January 28, 2021
  
  Fuzzing First of all, what is fuzzing exactly? When we fuzz test a program or function that receives input (any type of input), we try different combinations of input until we get a crush or another desired result (frequently memory leaks). When a program doesn’t sanitize its input properly, malformed or ...
• Detecting Dynamic Loading in Android Applications With /proc/maps
  November 4, 2020
  
  TL;DR: Through dynamic loading, malware authors can covertly load malicious code into their application in order to avoid detection. We can detect such loading through the application’s /proc//maps kernel generated file.Recently, we created a simple script that allows us to detect dynamic loading in Android apps. This presented us with ...
• A Technical Analysis of the 4k Facebook Scam
  September 15, 2020
  
  tl;dr: Don’t trust webview logins on native apps, they can read your cookies and use them to their advantage. Following the Hacker News thread “How I lost €4k in a Facebook scam“, we reverse engineered the app to see how this happens. The new phishing wave Phishing. We all know it, we ...
• Android Firmware Exploitation – Unsigned Firmware in Samsung’s SoC CVE-2020-10831
  September 1, 2020
  
  TL;DR   We will explain how we exploited Android firmware using an undocumented kernel API that was found by reverse-engineering Samsung’s “Hidden Factory Settings” app.This API permits flashing unsigned firmware of Samsung’s touchscreen firmware.The CVE affects all Samsung S7-S10 series using exynos chipset. Inspiration   After reading project zero’s great article about exploiting WiFi firmware ...