Gain Root without Password- macOS Sierra

A critical vulnerability has been discovered in macOS High Sierra allowing any user to get root access on a mac system without any passwords. In order to perform this, you just need to type “root” into the username field, leave the password blank, and hit the Enter a few times ( two or more) and […]

Pacemakers prone to getting hacked

Recently the The FDA and Homeland Security have issued alerts about vulnerabilities in 4,65,000 pacemakers. The devices can be remotely “hacked” to increase activity or reduce battery life, potentially endangering patients. Feasible vulnerabilities: Absence of memory and encryption: In such embedded devices there is a lack to support proper cryptographic encryption. Conventional cryptography suites are […]

Memory Forensics & Reverse Engineering : Thick Client Penetration Testing – Part 4

Static Analysis/ Reverse Engineering for Thick Clients Penetration Testing 4 Hi Readers, let’s take a look into static analysis. The advantage which thick clients offer over web applications are the ability to inspect the code and perform code level fuzzing which is more interesting for me! How to inspect code at a static level? There […]