Gantix JailMonkey Root Detection Bypass

jail-monkey is a React Native library for implementing root detection on Android and iOS devices, and it is not defeated by the default root detection bypass implemented by objection. The jail-monkey API is a set of methods exposed to a React Native app through the JailMonkey module. impo…

Analyzing Kony Mobile Applications

The content in this blog post was presented at Infosec In The City 2019. What is Kony? Kony Visualizer (or Quantum, they have renamed the product a few times) is a cross-platform application development environment. With Kony Visualizer, a single codebase can be used to buil…

Ghidra Plugin: JNIAnalyzer

When reversing Android applications with native code, providing type information to your reverse engineering tool can make the decompilation a lot more readable. As an example, the following snippet of code is the Ghidra decompiler output of a function from the libfoo.so of UnCrack…

Notes on compiling the Android Kernel for AVD

Recently, I needed to compile a custom Android kernel for a research project that required a newer kernel version (as well as a few kernel configs) than what was available from the standard Android emulator images. It took a while for me to get things working properly so here are…

CVE-2018-11793: Apache Mesos Denial of Service Vulnerability

A vulnerability in the JSON parser used by Apache Mesos allows a remote attacker to cause a crash in any Mesos component that parses JSON. The impact of this bug is most likely denial-of-service against Apache Mesos but may result in remote code execution in some circumstances. A…