CVE-2022-24696 – Glance by Mirametrix Privilege Escalation

March 11, 2022

When investigating my laptop, I stumbled upon something interesting that resulted in privilege escalation. I use a Lenovo ThinkPad X1 Extreme Gen 1, which has an installed software named Glance, for my day-to-day work. The purpose of this software is to use the advanced web camera to figure out if you are speaking when the…

Read

Hacking the My Arcade Contra Pocket Player – Part I

December 9, 2021

Intro I was at my local Target recently and spotted the section near the video games, where there were some little collectable arcade systems and handhelds that play games like Pac-Man, Galaga, and Contra. Whenever I see these types of systems, I like to pick one up to tear it apart and see what’s inside….

Read

They’re Watching You! Protecting Yourself From Hidden Cameras

September 30, 2021

Hidden cameras, spy cameras, nanny cams—whatever you call them, you are under surveillance much more than you may realize. While outdoor perimeter cameras and doorbell cameras are commonplace and have been used for quite some time to monitor property, other nefarious hidden cameras are popping up all over the place. Generally, any camera placed inside…

Read

Introducing iHide – A New Jailbreak Detection Bypass Tool

September 2, 2021

Today, we are releasing iHide, a new tool for bypassing jailbreak detection in iOS applications. You can install iHide by adding the repo https://repo.kc57.com in Cydia or clicking here on an iOS device with Cydia installed. Additionally, you can check out the code and build/install it yourself if you prefer. Once installed, iHide will add…

Read

Introducing Proxy Helper – A New WiFi Pineapple Module

May 26, 2020

I have had several occasions when I’ve been performing a pentest against an Android or iOS application, attempting to monitor the traffic with Burp Suite, only to realize that the application is not respecting my proxy settings. Now, if you have a rooted or jailbroken device, there are some ways you can force the application…

Read

Intro to Macros and VBA for Script Kiddies

March 3, 2020

Introduction Why can’t I pwn my friends anymore? It seems like all my Metasploit magic is getting caught—even my modified, secret-sauce payloads. DEP. ASLR. EDRs. Sandboxes. Whitelists. It’s no fun anymore! So, you thought you were a 1337 h4x0r? You thought you had mad ‘sploit-writing, shell-popping skillz? First, you learned Python (so easy), then C…

Read

SIGINT to Synthesis

January 28, 2020

Not too long ago, I was at a hardware store and I came across some lights that I wanted to play with because I had a feeling they could be fun for Halloween and make for a decent blog post. Before I purchased the lights, I looked at their online manual and checked to see…

Read
SDR Entering the Noise Floor graphic

SDR: Entering the Noise Floor

February 25, 2019

First, I would like to preface this article by saying that gr-limesuite and the LimeSDR drivers are updated fairly regularly. Some of the issues that I have encountered in the past have been remedied by recent updates. With that said, the information in this article should remain relevant, but the pictures may vary with subsequent…

Read
card cloner graphic

Let’s Build a Card Cloner

October 23, 2018

This post isn’t attempting to present new research or a new device—that work has already been done, a la Bishop Fox. While an overall design was created, and many others have discussed building such a device, doing so can prove to be challenging. This post will provide you with all that is needed to fully…

Read
cyberspace

A Buyer’s Guide to Beginning SDR

October 22, 2018

For my first post on software-defined radios (SDRs), I’d like to start off by talking about a few things that most people find out through either experience or spending hours hunting on Google (or never figure out at all, and chalk the problem up to software bugs and hardware gremlins). One thing that I learned…

Read
  • Browse by Category

  • Clear Form