How-To

Introduction to WebAssembly

I’ve started seeing WebAssembly (WASM) stuff popping up in a few places, most notably CloudFlare’s recent anti-container isolated v8 workload stuff, and I wanted to understand it a little better. Essentially, WebAssembly is a way to compile stuff to a browser-native binary format, .wasm, which you can then load with JavaScript and interact with.

Simplest C

Since this is binary, I wanted to start with a C program. Since it’s C, to avoid includes or C<->JS string handling, I’m just going to return 42 like other tutorials start with :)

Mallet in the Middle

I recently had an assessment reviewing a kiosk application. As I have been working on Mallet recently, this seemed like a perfect opportunity to put Mallet in between the kiosk and its upstream, and see how the kiosk worked. This is a practical walkthrough to help you replicate the setup for your own MitM needs.

[Figure: The initial state of the network]

[Figure: The end result]

Abusing GDI Objects for ring0 Primitives Revolution

Exploiting MS17-017 EoP Using Color Palettes

This post is an accompaniment to the Defcon 25 talk given by Saif. One of the core topics of the talk was the release of a new GDI object abuse technique, named Palette Objects. Saif presented a previously unreleased Windows 7 SP1 x86 exploit involving the abuse of this newly discovered GDI object abuse technique. A complete white-paper on the topic was released and can be found here: Whitepaper

Advanced Cycript and Substrate

Mobile assessments are always fun as the environment is constantly evolving. A recent trend has been the use of custom protocols for communication between the application and server. This holds particularly true for financial institutions who are aiming to protect both the confidentiality and integrity of data. Most of these custom protocols run over TCP and wrap data in custom crypto, which usually includes signing of the payload to prevent tampering. Even when transmitted over HTTPS, we have noticed a trend where data within the HTTP body gets encrypted and signed using some custom crypto. Both of these processes can greatly frustrate testers using standard network intercepting tools.