Following a visit to our area hospital, my wife received an email notifying her of an account that was setup on her behalf to facilitate payments online, presumably because she had elected to receive bills electronically when initially filling out her paperwork. It sounded a lot like a phishing email at first, so I started to look into it further. …
For most of us, the title of this post may not be very surprising. Any time we allow 3rd party scripts to run on our sites, we effectively relinquish control of the code that executes on the client. This is particularly important when integrating ad network scripts since they are inherently more dynamic than most other types of integrations, the cause of which is the …
I have written about some of my research into the Verizon My FiOS app in the past, including a vulnerability that compromised the email accounts of all users. I recently revisited this app after considering another possible attack vector against the My FiOS APIs. As a result, I identified a vulnerability that would have allowed an attacker to completely steal another …
The Docker craze is in full force and shows no signs of slowing down. Software containers seem to be one of the most significant game changers for DevOps since virtual machines. Docker’s development is active and its supporting projects (Compose, Machine, Swarm) are maturing quickly. Though the complete Docker ecosystem is interesting enough, Docker Compose has caught …
Every once in awhile, I’ll come across an app that implements some hardening techniques that make reversing a little more interesting. This was the case when I recently tried proxying the API requests for Yik Yak, a popular social media application exclusively available for mobile platforms that allows semi-anonymous user communication across a 5-mile radius (typically …
On my way home one night, I noticed a highway billboard sign whose lights had switched on as I drove past. It caught my attention and I wondered how those lighting systems were controlled (I mostly assumed either timers or daylight sensors). I researched it a bit and wasn’t surprised to find SmartLink which, as their website says, is …
About six months ago, United Airlines announced their Bug Bounty program and, almost immediately, it received a ton of press. Though I initially wasn’t interested in pursuing the program (mainly due to its popularity), I decided to take a look a week or two after its launch despite being late to the party. Shortly after, …
My wife and I were selling our home last year and we ended up being pretty satisfied with our Realtor team, partially due to their adoption of technology. One example was their use of ShowingTime, which is a Real Estate Showing Management System that, among other things, allows sellers to easily confirm or reschedule showing requests from an app or …
It’s great to see the increasing adoption of certificate pinning in Android apps. When I run into an app that throws connection errors while attempting to proxy requests, I tend to become more interested in diving deeper. Such was the case when I recently used the Subway app. Reversing the APK revealed cert pinning among some other interesting findings. Starting the app …
After my previous post regarding security concerns with the Z-Way home automation controller, John Matherly (founder of Shodan) messaged me that he was launching a scan of port 8083. I was interested to see if any of these devices had been put online publicly, so he sent me the results after the scan completed (thanks, John!). …
