移动安全
Black Hat Asia 2022议题解读:Unix Domain Socket:安卓生态系统中通往权限提升的暗门
作者:柯懂湘、曲乐炜、闫晗、林道正Unix Domain Socket (UDS)是安卓中重要的本地进程间通信方式之一,其自身具备访问控制能力,可以安全地传递通信数据。但...
Android APP漏洞之战—验证码漏洞挖掘详解
本文为看雪论坛优秀文章看雪论坛作者ID:随风而行aa一简介验证码漏洞也是当下十分常见的APP端漏洞,本文对验证码漏洞原理做了一个初步的讲解,并复现了当下一...
Android-Webview中的漏洞利用总结
本文主要讲解Android-WebView中的一个漏洞点,从介绍WebView到成功利用。通过复现ByteCtf2021中的一道漏洞题来对知识进行巩固。什么是 WebView?Android内置w...
Samsung Galaxy – Any App Can Install Any App In The Galaxy App Store
Product Galaxy Store Prior To Version 4.5.36.4 Severity High CVE Reference CVE-2022-28776 Type Automatic Application Install Description F...
Expanding Apple Ecosystem Access with Open Source, Multi Platform Code Signing
A little over one year ago, I announced a project to implement Apple code signing in pure Rust. There have been quite a number of developments sinc...
Extracting WhatsApp messages from an iOS backup
Hi everyone! ? I was recently exploring how to get a local backup of WhatsApp messages from my iPhone. I switched from Android to iOS in the past a...
wip untethered jailbreak for iOS 9.x (and later 10.x).
p0laris wip untethered jailbreak for iOS 9.x (and later 10.x). With love from spv. 原文始发于Github:wip untethered jailbr...
CVE-2022-28345:iOS 5.33.2 及以下版本 URI 欺骗攻击
CVE-2022-28345 Spoofed URL Bypass Title CVE-2022-28345 – Signal client for iOS version 5.33.2 and below are vulnerable to RTLO Injectio...
Android APP漏洞之战—插件化漏洞和解压缩漏洞详解
本文为看雪论坛精华文章看雪论坛作者ID:随风而行aa一前言最近一直处于忙碌的状态,花了很长一段时间,抽出碎片时间才将这篇帖子写完,本文结合上文的动态...
分享一个Android通用svc跟踪以及hook方案
本文为看雪论坛优秀文章看雪论坛作者ID:阿碧暂时只支持ARM64,ARM32的逻辑也是一样,有兴趣的大佬可以自行更改。效果对 openat进行跟踪:对 recvfrom进行...