Posts

A quick k8s environment setup

Introduction

If you intend to thwart attacks against your cloud environment, awareness and knowledge of the current and emerging threat landscape, attack vectors and attack paths are vital. Attackers generally start by poking at the externally hosted assets: they enumerate the services, any domains and sub-domains the company has, any web apps hosted on those domains, any mobile apps and the sensitive information they leak, which hosting / cloud provider the apps run on, whether the company uses any public Git repositories, the technology stack of the apps, and its supply chain. These knowledge-gathering tasks we collectively call Open-Source Intelligence (OSINT) gathering techniques. Attackers do not leave a stone unturned; after all, they have all the time in the world. It therefore becomes paramount for us cyber security folks to ensure we are on top of the latest threats and exploits. This blog series is an attempt to present a catalogue of various cloud-based attacks

Extracting an IPA from a JB iDevice for Pentest

This method works as of 5th Oct 2021 (note: for this method to work properly the app should run on JB devices).

1. Install the IPA using TestFlight / App Store.
2. Use https://github.com/ChiChou/bagbak to dump the encrypted IPA.
3. Zip the dumped Payload folder and rename it appropriately.
4. If you try to install it using ideviceinstaller it will give an error:

   [...] Install: VerifyingApplication (40%)ERROR: Install failed. Got error "ApplicationVerificationFailed" with code 0xe8008019: Failed to verify code signature of /var/installd/Library/Caches/com.apple.mobile.installd.staging/temp.pJCcfd/extracted/Payload/xxx.app : 0xe8008019 (The application does not have a valid signature.)

5. Try Sideloadly ( https://pangu8.com/sideloadly/ ), resign it, and voila! The app can be distributed.

Server Side Template Injection

Web App Pentesting - Server Side Template Injection

What is it? Before we understand the attack, let's first understand what a template engine is (eh? colloquially, let's understand how a web template system works, and let's not re-write what's already written; here is a link to Wikipedia: https://en.wikipedia.org/wiki/Web_template_system ). A web template system consists of three main components:

1. Template Engine
2. Content Resource (DB etc.)
3. Template Resource

Let's select the Django Template Engine (TE). It has two tasks to perform:

1. Parsing the template engine language
2. Rendering it accordingly on a page

Django (again, that's the main TE we are talking about here) has two TEs:

1. Django Templates
2. Jinja2

...to be continued.

The correct way to install Jython (for Burpsuite)

You need to install Jython the correct way in order to ensure some of the Burp plugins work correctly. Some of these Burp plugins depend on Python libraries, e.g. requests, so install Jython like this:

    $ wget https://repo1.maven.org/maven2/org/python/jython-installer/2.7.2/jython-installer-2.7.2.jar
    $ java -jar jython-installer-2.7.2.jar -s -d /path/to/install/jython -t standard

Further, if you need e.g. requests, install it like this: download requests-2.25.1.tar.gz from the official repo ( https://pypi.org/project/requests/#files ), then go to that directory in a terminal and type the following command:

    java -jar /Users/brutus/Downloads/jython-standalone-2.7.2.jar setup.py install

So, I thought I drop in my life's lessons

Start again right now. The past is done; right now is what you control, so relieve yourselves, drop all that nonsense from your head, start again, right now! Be compassionate, learn to let it go, do not judge yourself, or anyone. Home is where you are: if you are from a faraway land and you moved somewhere, wherever you are, that is home. When in Rome be like a Roman; this does not always work. You are who you are, the person, the beliefs, the upbringing etc. You can't be that one black sheep amongst white sheep, or vice versa. You need to realise who you are and also appreciate the local culture. Love what you do, and be kind. Care about everything; take care of yourselves and others around you. Have 'PRIDE' in everything you do. What is pride? Think of it like this: would you accept stale food when you go to a restaurant? You want some good quality, right? So whatever you produce, try to give it your best shot, which enables you to be proud of it. Be 'Loyal', to you, to the people aroun

Intercepting FireTV traffic using Burpsuite

If you need to intercept Amazon FireTV traffic through Burpsuite, just follow these steps:

1. Create a new cert from Burp.
2. Convert the cert to a pem file:

    openssl x509 -inform der -in cacert.der -out cacert.pem

3. Push the cert to the device:

    adb push cacert.pem /storage/emulated/0/Download

4. Install the cert:

    adb shell am start -a "android.intent.action.VIEW" -d "file:///storage/emulated/0/Download/cacert.pem" -t "application/x-x509-ca-cert"

   Note: at this point the Amazon Fire Stick will prompt you to log in to your Amazon account, and things may not work properly (e.g. typing), so use scrcpy to navigate the screens from your laptop.

5. Enable the proxy using this view:

    adb shell am start -n com.amazon.ssm/.ControlPanel

Thank you - hope this post is helpful.

Are you root? NitoTV tvOS JB - Installing apps.

Whilst installing an app on a jailbroken AppleTV I was getting the following error:

    Process Failed runtime/cgo no info.plist URL Hello AppleTV, Im goNito, I'll be your new install manager. E. Could not open lock file /var/lib/dpkg/lock - open (2: No such file or directory) E. Unable to lock the administration directory (var/lib/dpkg), are you root?

To resolve this:

1. Use the Revert Filesystem option in NitoTV.
2. Load the AppleTV again and reset the device.
3. Re-jailbreak.

That's it.