Overview: A little over a month ago, I wrote a blog post detailing how I found a kernel vulnerability in the FiiO M6 Hi-Fi MP3 player. I would recommend reading that post first, but to recap: T...
Rooting the FiiO M6 - Part 1 - Using the "World's Worst Fuzzer" To Find A Kernel Bug
Overview: A few months ago, I was cleaning off my hardware workbench when I came across my FiiO M6, an Android-based “portable high-resolution lossless music player”. I originally purchased the dev...
UAF and House Of Force Fun - ROMHack CTF Swordmaster Pwn Challenge
Swordmaster Pwn Challenge Overview: This challenge was part of the ROMHack CTF hosted on HackTheBox’s CTF platform. At the end of the 48 hour event, the challenge had roughly 10 solves. I was sadl...
Wavlink Command Injection - CVE-2022-23900
Wavlink Command Injection (CVE-2022-23900) TL/DR: The Wavlink WL-WN531P3 router exposes an API endpoint susceptible to command injection. This API endpoint is reachable without an authenticatio...
JWT Confusion and SSTI - CyberSanta CTF Naughty or Nice Web Challenge
Naughty Or Nice Web Challenge TL;DR: Getting the flag on this challenge requires two separate steps. First, we must obtain access to the admin account by exploiting a flaw in the JWT verification...