May 30, 2019

Exploit POC for CSRF in JSON endpoints with Flash and redirects.

To exploit a CSRF issue on JSON endpoints, the normal method of HTML forms won't work, because the JSON endpoint expects a Content-Type header of 'application/json'. Setting this header requires XMLHttpRequest, which triggers an OPTIONS pre-flight request to the vulnerable server when the call is cross-origin. In short, a script on one domain cannot make such an XMLHttpRequest call to another domain without the pre-flight request.

There is a way we can do it using Flash and 307 redirects.
A very good writeup of this is available on the Appseco Blog. I have created an online POC using the code they have published. Feel free to use this POC to test CSRF in such scenarios without creating a setup on your machine. Here is the link to the POC - Exploit POC for CSRF in JSON endpoints with Flash and redirects.
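From the defender's side, the point of the technique above is that a Content-Type check is not a CSRF defence. The following added example (not code from this post or from the Appseco writeup) contrasts a Content-Type-only check with one that also requires an allowlisted origin and a per-session token; the origin, the `x-csrf-token` header name and the sample requests are assumptions constructed for illustration.

```javascript
// Added example: constructed requests, hypothetical names throughout.
const ALLOWED_ORIGINS = new Set(['https://app.example.test']); // assumed site origin

// Weak check: treats Content-Type alone as proof of a same-origin script.
function weakCheck(req) {
  const type = (req.headers['content-type'] || '').split(';')[0].trim().toLowerCase();
  return type === 'application/json';
}

// Constant-time string comparison so the token check leaks no timing signal.
function safeEqual(a, b) {
  if (typeof a !== 'string' || typeof b !== 'string' || a.length !== b.length) return false;
  let diff = 0;
  for (let i = 0; i < a.length; i++) diff |= a.charCodeAt(i) ^ b.charCodeAt(i);
  return diff === 0;
}

// Caller's origin: Origin header first, Referer as fallback; null if neither parses.
function sourceOrigin(headers) {
  const raw = headers['origin'] || headers['referer'];
  if (!raw) return null;
  try { return new URL(raw).origin; } catch { return null; }
}

// Hardened check: Content-Type is only a format check; the request is
// authorised by an allowlisted origin plus a per-session anti-CSRF token.
function hardenedCheck(req, session) {
  if (!weakCheck(req)) return { ok: false, reason: 'content-type' };
  const origin = sourceOrigin(req.headers);
  if (!origin || !ALLOWED_ORIGINS.has(origin)) return { ok: false, reason: 'origin' };
  if (!safeEqual(req.headers['x-csrf-token'], session.csrfToken)) return { ok: false, reason: 'token' };
  return { ok: true, reason: null };
}

// Constructed sample data: one legitimate call and two cross-site requests that
// arrive with a JSON Content-Type but without the site's origin or token.
const session = { csrfToken: 'c0nstructed-sample-token' };
const legit = { headers: { 'content-type': 'application/json; charset=utf-8',
  origin: 'https://app.example.test', 'x-csrf-token': 'c0nstructed-sample-token' } };
const forgedForeign = { headers: { 'content-type': 'application/json',
  origin: 'https://other.example.test' } };
const forgedNoOrigin = { headers: { 'content-type': 'application/json' } };

for (const [name, req] of Object.entries({ legit, forgedForeign, forgedNoOrigin })) {
  console.log(name, 'weak:', weakCheck(req), 'hardened:', hardenedCheck(req, session));
}
```

Both forged requests pass the weak check and fail the hardened one, which is the result to look for when testing an endpoint with the POC.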

May 05, 2014

APK to Readable Manifest Converter

Many times we need to see what permissions an Android app is asking for.
The AndroidManifest.xml file stores the permissions and is part of the Android Application Package (APK) file.
When decompressed from the APK, the file is not human-readable. We have a bunch of helpful scripts/tools, like apktool, which can read this file.
This tool makes it easy to view the contents of the 'AndroidManifest.xml' file online, by uploading an APK or a decompressed Manifest file.

March 08, 2014

Android Security Fixes/Enhancements List

Android is a modern mobile platform that was designed to be truly open. Securing an open platform requires a robust security architecture and rigorous security programs.
Commercially, we saw Android in late 2009, when some vendors launched Android-based mobile phones running Android Donut (1.6) and Eclair (2.0, 2.1). Since then the operating system has matured a lot in usability, features, and security. Anant Shrivastava and Prashant Mahajan compiled a list of Android Security Fixes/Enhancements with corresponding versions.