Babdcatha.net

BabdCatha.net : a blog about cybersecurity.

The Toast Overlay Attack

Hi, I recently came across this DEFCON talk from Nikita Kurtin about different tricks he found to bypass the Android permission system. One technique that I particularly liked was the Toast Overlay Attack. So, I wanted to study it in a bit more detail, and implement my own proof of concept for it. On android,…

17/06/2023
TryHackMe : Capture!

Hi everyone, today we’re going to do the Capture! room on TryHackMe. This room is about a company that developed a Web Application, and, to prevent hackers from bruteforcing their login page, implemented a rate limiter it. The first task makes us download a zip file, which contains a relatively long list of usernames and…

06/05/2023
TryHackMe : Services

Hi! The Services room was recently released on TryHackMe.com, and I wanted to take a look at it. The scenario isn’t really developed here, so let’s jump right into it. As always, once the target machine is started, we scan it using nmap to try to find open ports and services running on the machine.…

28/04/2023