Aggregator

在某次的HW行动中，遇到某目标单位的数据库审计系统开放到了公网上，在尝试了默认口令口发现可以进入到后台。但是只是进入后台不足以完成任务，于是就开始了此次对此数据库审计系统的RCE挖掘之旅。

本文的测试目标是一个抓包的APP，可以使用hook或者代理的方式来获取高级功能，如解密HTTPS流量、重写HTTP请求以及重放等功能。由于个人账户（没有付费成为苹果开发者账号）的限制，注入打包后，无法正常使用抓包功能，因此算是一篇半成品，不过本文主要提供一些思路以及介绍一下数据之间的转换。

前段时间有这样一个需求，需要抓一下IOS端下appsflyer这个平台的数据，于是就帮忙看了一下。这里其实和APP没多大关系，需要接入appsflyer这个平台的APP就可以，然后将抓包获取的加密数据进行解密。

某CMS的验证码是简单的计算验证码，都是一位数的加减乘除运算，之前尝试用分割的方法识别，但成功率较低。后来采用了pytorch训练后进行识别，可以达到98%以上的识别率，于是整理一下过程，水一篇文章。

5月中旬的时候，猿人学举行了一个APP爬虫大赛，共设10题，主要涉及Android反混淆，双向认证，tls指纹对抗等技术。而且只需要答对一题就有参与奖，即可获得一件猿人学定制T恤。另外第一题不涉及so，仅涉及java层加密。为了T恤，立马去报了名参赛。

Great news!

An article about ropci is in the latest free issue of the Pentest Magazine!

The article has a lot more info then my ropci blog post or the info on the ropci Github repo.

Get your copy and check it out! It also has an article about Nuclei, one of my favorite tools.

Cheers.

Link: https://pentestmag.com/product/pentest-open-source-pentesting-toolkit

This post will highlight a pattern I have seen across multiple production Microsoft Azure Active Directory tenants which led to MFA bypasses using ROPC.

The key take-away: Always enforce MFA! Sounds easy, but there are often misconfigurations and unexpected exceptions. So, test your own AAD tenant for ROPC based MFA bypass opportunities.

Github: https://github.com/wunderwuzzi23/ropci

Update: The latest free issue of Pentest Magazine has a ropci article. Check it out.

San Jose, California, Oct. 19, 2022, Trustlook, the global leader of  AI-powered cybersecurity, today announced an integration with OKC (OKX Chain) an EVM-compatible L1 built on Cosmos with a focus on true interoperability (IBC) and maximized performance. Trustlook will provide their extensive portfolio of blockchain security products to OKC, which