InfoSec Blog

Perché la conoscenza

è condivisione.

Fiscal Printer Architecture

16/05/2022

Printing Fake Fiscal Receipts - An Italian Job p.2

Reverse engineering and analysis of a fiscal printer device for fun and (real) profit.

8

Min

Fiscal Printer Architecture

19/04/2022

Printing Fake Fiscal Receipts - An Italian Job p.1

Reverse engineering and analysis of a fiscal printer device for fun and (real) profit.

8

Min

SmartContract

05/04/2022

A Sneak Peek into Smart Contracts Reversing and Emulation

Introduction to web3 security, Smart Contract Reversing (bytecode and decompiled code level) and EVM emulation with Qiling.

8

Min

Qiling

21/03/2022

Reversing embedded device bootloader (U-Boot) - p.2

In the course of these two articles, we will share an analysis of some aspects of reversing a low-level binary.

4

Min

Qiling

08/03/2022

Reversing embedded device bootloader (U-Boot) - p.1

In the course of these two articles, we will share an analysis of some aspects of reversing a low-level binary.

10

Min

Qiling

21/07/2021

QilingLab – Release

Release of the QilingLab challenge.

3

Min

Hunting for bugs in Telegram's animated stickers remote attack surface

16/02/2021

Hunting for bugs in Telegram's animated stickers remote attack surface

polict's 2020 journey in researching the lottie animation format, its integration in mobile apps and the vulnerabilities triggerable by a remote attacker against any Telegram user.

10

Min

ServiceStack JWT signature verification bypass

02/11/2020

Re-discovering a JWT Authentication Bypass in ServiceStack

ServiceStack in version 5.9.2 almost silently patched a vulnerability which allowed to bypass JWT signature.

2

Min

Example CVE-2020-11579 exploit run

28/07/2020

Sometimes they come back: exfiltration through MySQL and CVE-2020-11579

Walkthrough and exploitation of MySQL LOCAL INFILE accompanied by the release of a new open-source tool to exploit similar vulnerabilities.

2

Min

1-click RCE on Keybase

27/04/2020

1-click RCE on Keybase

Keybase client allowed inject arbitrary links with arbitrary protocols. This caused a Remote Command Execution on Windows and MacOS.

5

Min