Sharing Ideas on Strong Network Cup S8 Rust Pwn Chat-With-Me Problem

Sharing Ideas on Strong Network Cup S8 Rust Pwn Chat-With-Me Problem

1 Problem-Solving Ideas The final number of solutions for this problem is 42, as the difficulty level is not high and generally meets expectations. The problem is coded in Rust, and it was decided to remove symbols without providing the source code the night before the competition. This not only made it very difficult for … Read more

Time To Abandon 32-Bit Linux For 64-Bit

Time To Abandon 32-Bit Linux For 64-Bit

Introduction:If you want a secure experience, you might not want to continue using the 32-bit Linux kernel.                  This article has 1234 words, reading time is about: 2 minutes We have many Linux distributions tailored for 32-bit systems🔗 itsfoss.com. So, why do I want to discourage the use … Read more

IoT Device Firmware Security Monitoring Report

IoT Device Firmware Security Monitoring Report

1. Overview In recent years, the Internet of Things (IoT) has been deeply integrated with technologies such as 5G, artificial intelligence, blockchain, big data, and IPv6, leading to a continuous emergence of new technologies, products, and models. With the acceleration of digital transformation and intelligent upgrading of the economy and society, IoT has been widely … Read more

Research on Security Vulnerability Detection of External SDKs in Android Systems

Research on Security Vulnerability Detection of External SDKs in Android Systems

SDK(Software Development Kit, SDK) is a set of tools for Android application developers, including basic information about hardware platforms, software protocol frameworks, operating systems, etc. Its purpose is to improve the development efficiency of Android applications. Most Android apps developed by many software vendors are generally based on existing SDKs, and products are developed based … Read more

Design of a Firmware Bluetooth Protocol Vulnerability Mining Framework Based on Virtualization

Design of a Firmware Bluetooth Protocol Vulnerability Mining Framework Based on Virtualization

Abstract:In recent years, the application of Bluetooth devices has become increasingly widespread. If there are vulnerabilities in Bluetooth devices, it may lead to information leakage, economic losses, and other consequences. However, the firmware updates for Bluetooth devices are often delayed, and some cannot even perform hot updates. Currently, there is a relative lack of tools … Read more

Injection Issues with PDO

Injection Issues with PDO

Disclaimer Any direct or indirect consequences and losses caused by the dissemination and use of the information provided in this article shall be borne by the user. Thunder God Testing and the author of the article shall not bear any responsibility for this. Thunder God Testing reserves the right to modify and explain this article. … Read more

Analysis of Stack Overflow Vulnerability in Netgear R8300

Analysis of Stack Overflow Vulnerability in Netgear R8300

Vulnerability Description: There is a stack overflow vulnerability in the sub_25E04 function of the upnpd file. The length is not checked during strcpy, causing an overflow and allowing for a ROP attack to achieve command execution. Version: 1.0.2.134 Vulnerability Analysis and Reproduction1. Firmware Simulation Using qemu system simulation: qemu startup: qemu-system-arm -M vexpress-a9 -kernel vmlinuz-3.2.0-4-vexpress … Read more

Low Power Bluetooth Testing Tool

Low Power Bluetooth Testing Tool

Hello, masters, good evening. Today we will introduce a low power Bluetooth tool. Before that, let’s briefly introduce low power Bluetooth (BLE). Here is the address | Welcome masters to star https://github.com/nian-hua/Litchi Bluetooth started supporting low power from version 4.0. During the interaction with BLE, the most important concepts are Characteristic, Descriptor, and Service: Characteristic: … Read more

Ford In-Vehicle Entertainment System Vulnerability

Ford In-Vehicle Entertainment System Vulnerability

Focusing on source code security, gathering the latest news from home and abroad! Compiled by: Code Guardian Ford Motor Company has warned that many Ford and Lincoln vehicles equipped with the SYNC3 in-vehicle entertainment system have a buffer overflow vulnerability that could lead to remote code execution; however, it is noted that vehicle driving safety … Read more

Drone Security and Fault Injection Attacks

Drone Security and Fault Injection Attacks

Admin’s Note: It’s been a while since I posted a new article and logged into the public account. Unfortunately, many issues beyond my control, combined with my principle of not being a mere transporter, mean that creation always takes time. Today, I am back with an interesting topic for everyone. Drone Security and Fault Injection … Read more