When reversing Android applications with native code, providing type
information to your reverse engineering tool can make a decompilation a lot
more readable.
As an example, the following snippet of code is the Ghidra decompiler output of
a function from the libfoo.so of UnCrack…
Read more...
Recently, I needed to compile a custom Android kernel for a research project
that required a newer kernel version (as well as a few kernel configs) than
what was available from the standard Android emulator images.
It took a while for me to get things working properly so here are…
Read more...
A vulnerability in the JSON parser used by Apache Mesos allows a remote
attacker to cause a crash in any Mesos component that parses JSON.
The impact of this bug is most likely denial-of-service against Apache Mesos
but may result in remote code execution in some circumstances.
A…
Read more...
Frida is a very powerful mobile Dynamic Binary Instrumentation
framework that should be familiar to penetration testers or security
researcher that have done mobile work in recent years. Frida works by
injecting a JS engine into the instrumented process and is typically
controlle…
Read more...
In 2018, there have been a bunch of open source projects from various companies
and communities that offer alternative container runtimes that claim to offer
better container isolation. Most of them plug in to the standard container /
Kubernetes ecosystem through the Open Contain…
Read more...