CVE-2025-59406

The Flock Safety Pisco com.flocksafety.android.pisco application 6.21.11 for Android installed on Falcon and Sparrow License Plate Readers and Bravo Edge AI Compute Devices has a cleartext Auth0 client secret in its codebase. Because application binaries can be trivially decompiled or inspected,...

Our secret ingredient for reverse engineering

Nowadays, a lot of cybersecurity professionals use IDA Pro as their primary tool for reverse engineering. While IDA is a complex tool that implements a multitude of features useful for dissecting binaries, many reverse engineers use various plugins to add further functionality to this software. W...

CVE-2024-3130

Hard-coded Credentials in CoolKit eWeLlink app are before 5.4.x on Android and IOS allows local attacker to unauthorized access to sensitive data via Decryption algorithm and key obtained after decompiling app...

CVE-2024-3130

CVE-2024-3130 affects CoolKit eWeLlink app prior to 5.4.x. The vulnerability is due to hard-coded credentials in the Android/iOS client, enabling a local attacker to access sensitive data via a decryption algorithm and a key obtainable after decompiling the app. Impact is confidential data exposu...

CVE-2024-3130 Insecure Data Storage leading to sensitive Information disclosure.

Hard-coded Credentials in CoolKit eWeLlink app are before 5.4.x on Android and IOS allows local attacker to unauthorized access to sensitive data via Decryption algorithm and key obtained after decompiling app...

CoolKit eWeLlink 安全漏洞

CoolKit eWeLlink is an application platform from CoolKit, Inc. It is used to connect to a wide range of smart hardware. A security vulnerability exists in CoolKit eWeLlink versions prior to 5.4.x, which stems from the presence of hard-coded credentials in the application, allowing a local attacke...

CVE-2023-25263

In Stimulsoft Designer Desktop 2023.1.5, and 2023.1.4, once an attacker decompiles the Stimulsoft.report.dll the attacker is able to decrypt any connectionstring stored in .mrt files since a static secret is used. The secret does not differ between the tested versions and different operating...

Stimulsoft 安全漏洞

Stimulsoft Stimulsoft Reports is an excellent set of reporting components for the .NET platform from Stimulsoft. NET platform for processing reports in JavaScript applications. A security vulnerability exists in Stimulsoft that stems from the ability to decrypt any connection string stored in an...

Design/Logic Flaw

The listed versions for Weintek EasyBuilder Pro are vulnerable to a ZipSlip attack caused by decompiling a malicious project file. This may allow an attacker to gain control of the user’s computer or gain access to sensitive data...

CVE-2023-0104

Weintek EasyBuilder Pro is affected by CVE-2023-0104 (ZipSlip via decompiling a malicious project file). Affected: v6.07.01 and prior, v6.07.02.479 and prior, v6.08.01.349 and prior. Risk: enables attackers to gain control of a user’s machine or access sensitive data. Mitigation: upgrade to v6.07...

CVE-2022-36782

Pal Electronics Systems - Pal Gate Authorization Errors. The vulnerability is an authorization problem in PalGate device management android client app. Gates of bulidings and parking lots with a simple button in any smartphone. The API was found after a decompiling and static research using Jadx,...

CVE-2021-43512

An issue was discovered in FlightRadar24 v8.9.0, v8.10.0, v8.10.2, v8.10.3, v8.10.4 for Android, allows attackers to cause unspecified consequences due to being able to decompile a local application and extract their API keys...

Improper Neutralization of Argument Delimiters in a Decompiling Package Process in APKLeaks

APKLeaks prior to v2.0.4 allows remote authenticated attackers to execute arbitrary OS commands via package name inside the application manifest. Impact An authenticated attacker could include arguments that allow unintended commands or code to be executed, allow sensitive data to be read or...

NETGEAR XR1000 Trust Management Issue Vulnerability

The NETGEAR xr1000 is a router from Netgear, Inc. A hardware device that connects two or more networks and acts as a gateway between networks, the NETGEAR XR1000 device suffers from a security vulnerability that stems from the fact that NETGEAR XR1000 devices prior to 1.0.0.58 are subject to...

PMAT-labs - Labs For Practical Malware Analysis And Triage

Welcome to the labs for Practical Malware Analysis & Triage. WARNING Read this carefully before proceeding. This repository contains live malware samples for use in the Practical Malware Analysis & Triage course PMAT. These samples are either written to emulate common malware characteristics or a...

How to install Frida into an Android application

On a recent job I was testing a rather interesting piece of technology that had several server side checks but they wanted to add some additional security on the client side. Great!! One of these additional checks was to see if Frida was running on the device, this was proving a difficult nut to...

CVE-2021-21386 Improper Neutralization of Argument Delimiters in a Decompiling Package Process

APKLeaks is an open-source project for scanning APK file for URIs, endpoints & secrets. APKLeaks prior to v2.0.3 allows remote attackers to execute arbitrary OS commands via package name inside application manifest. An attacker could include arguments that allow unintended commands or code to be...

InjuredAndroid - A Vulnerable Android Application That Shows Simple Examples Of Vulnerabilities In A CTF Style

A vulnerable Android application with ctf examples based on bug bounty findings, exploitation concepts, and pure creativity. Setup for a physical device 1. Download injuredandroid.apk from Github 2. Enable USB debugging on your Android test phone. 3. Connect your phone and your pc with a usb cabl...

Zenly: Insecure Storage and Overly Permissive API Keys in Android App

Description: Most often Developers for their ease of use,leave API keys and some sensitive keys ,Tokens as hardcoded strings,which isn't really a good ideas as it can result in Leaks of sensitive information getting in Wrong Hands which indeed can results in Data theft and Tampering with how the...

50m-ctf: CTF write-up: c8889970d9fb722066f31e804e351993

So the CTF starts with this tweet. F434370 The first image is about the 50 million in bounties but the second one looks related to the CTF. The first thing that comes to mind when relating CTFs and images is "steganography". Using the all purpose steg tool zsteg as our first resort, we discover...