vrls.ws
Personal blog about computer hacking & security
https://vrls.ws/
2023-12-03T00:30:41+00:00

Exploiting nOAuth Vulnerability in Azure AD Applications
2023-10-24T00:00:00+01:00 2023-10-24T00:00:00+01:00
https://vrls.ws/posts/2023/10/exploiting-noauth-vulnerability-in-azure-ad-applications/
Introduction
The nOAuth vulnerability was originally discovered by the Descope security team and impacts Microsoft Azure AD applications configured to use OAuth. Essentially, the vulnerability is a design flaw that can lead to account takeover when the application has a “Login with Microsoft” button. An attacker may forge their own email address to match a victim's address and, as a consequence, the ap...

Obfuscating Rust Binaries using LLVM Obfuscator (OLLVM)
2023-06-12T00:00:00+01:00 2023-12-03T00:30:02+00:00
https://vrls.ws/posts/2023/06/obfuscating-rust-binaries-using-llvm-obfuscator-ollvm/
UPDATE - 30 November 2023
I have made available a Docker image containing all the required steps to build a Rust toolchain using OLLVM. Currently it is targeting both x86_64-unknown-linux-gnu and x86_64-pc-windows-gnu, but I haven’t tested it yet. At least it works for “hello world” programs.
Source: https://github.com/joaovarelas/Obfuscator-LLVM-16.0
NOTE: You are going to need at least 30GB of...

Real World CTF 2023 - Ferris Proxy - Reverse Engineering
2023-01-12T00:00:00+00:00 2023-01-12T00:00:00+00:00
https://vrls.ws/posts/2023/01/real-world-ctf-2023-ferris-proxy-reverse-engineering/
Introduction
During RealWorldCTF 2022 there was a RE challenge named “Ferris Proxy”. The challenge includes 2 executables (client and server) and a TCP packet capture file (pcap) that contains the data communicated between the client and server. Our team (xSTF) did not solve the challenge in time, but I decided to make a writeup anyway because the challenge was fun and mixed multiple categor...

Building a Remote Class Loader in Java
2022-08-25T00:00:00+01:00 2022-08-27T14:13:47+01:00
https://vrls.ws/posts/2022/08/building-a-remote-class-loader-in-java/
Introduction
Inspired by some tools (rebeyond Behinder, AntSword) and CTF challenges, I decided to make a project that facilitates the loading of Java classes into remote computers (or targets). During a pentest we typically abuse shells and commands that are limited to the context we are working in. I thought it would be nice to have a simple-ish way to run our code into target com...

Hooking JIT compiler of .NET applications
2021-11-17T00:00:00+00:00 2021-11-17T00:00:00+00:00
https://vrls.ws/posts/2021/11/hooking-jit-compiler-dotnet-applications/
Presentation about a hooking technique to intercept and modify IL code when it is passed to the Just-in-Time compiler of .NET applications.