nibarius/aoc 1

Advent of code

nibarius/learning-frida 1

A blog about learning how to use the Frida dynamic instrumentation toolkit with Android

nibarius/opark-backend 1

A backend for the Opark android app

nibarius/data-axe 0

Google app engine project for being able to look up various things using custom search engines in the Opera browser.

nibarius/kanjiplot 0

plots number of notes and kanji in an Anki deck

nibarius/kanjium 0

The ultimate kanji resource

nibarius/opera-park-android 0

Android app for parking cars at the Opera office in Linköping

nibarius/tjstats 0

Script that generates a graph of the participation level in the Team Japanese in the Total Annihilation Challenge on Reddit

nibarius/wk-gisuu 0

User script for WaniKani that replaces numbers on the dashboard over 42 with 42+

nibarius/wk-userscripts 0

A collection of user scripts for WaniKani

push event nibarius/wk-wakaran

Niklas Barsk

commit sha 5b627f3703dbea6fca7c85acbb987b91db220b85

Wanikani doesn't seem to like some more exotic characters

push time in 10 days

push event nibarius/learning-frida

Niklas Barsk

commit sha f19f0fe3fa37e9fa4a081d6a31b9d42d75938fac

Add a page with links to tools and CTFs

push time in 17 days

push event nibarius/learning-frida

Niklas Barsk

commit sha 5207796f3313b866a3a1c9a02d6d26697354d2a8

Issue #9: Add a Twitter link to the footer.

push time in a month

issue closed nibarius/learning-frida

how to contact u is there any twitter or discord ?

how to contact u there any twitter or discord ?

closed time in a month

balook

issue comment nibarius/learning-frida

how to contact u is there any twitter or discord ?

Hi and sorry for not replying earlier. For some reason I didn't get any notification when you created the issue. I have a Twitter account that you can reach me on: https://twitter.com/NiklasBarsk

balook

comment created time in a month

push event nibarius/learning-frida

Niklas Barsk

commit sha a66e23c1ca1eb0125d7486880c846a64449ead2b

Use correct commit issue id for veryandroidoso

push time in a month

issue opened nibarius/learning-frida

Comments for "DEFCON Quals 2019 Veryandroidoso"

Comments made here will be shown on the "DEFCON Quals 2019 Veryandroidoso" article.

https://nibarius.github.io/learning-frida/2020/08/29/veryandroidoso

created time in a month

push event nibarius/learning-frida

Niklas Barsk

commit sha cae1f306178caf707ba47e59414aee188cb57a82

Solve the veryandroidoso challenge

push time in a month

started xtiankisutsa/awesome-mobile-CTF

started time in a month

push event nibarius/learning-frida

Niklas Barsk

commit sha 3a443d8aa97c0568b20ed9c8c4d15c05eab52d3d

Remove file added by accident

push time in a month

push event nibarius/learning-frida

Niklas Barsk

commit sha cbb76c5f039f3bd151a9b5d8b26caa5286c07237

Solve the cybertruck challenge part 3 one more time. This time by intercepting individual instructions, rather than functions.

Niklas Barsk

commit sha ccec4bf005fd83cdf8e67a1f21dc2ecebcdb3a1c

Update original cybertruck post with link to the new one.

push time in a month

issue closed nowsecure/cybertruckchallenge19

Buffer over-read when generating the native secret

https://github.com/nowsecure/cybertruckchallenge19/blob/7eb9298752b5be53d9c2e3d9d2db0affde476215/src/app/src/main/cpp/native-lib.cpp#L17-L28

Is it intended to not have any null-termination on the data array to make the challenge harder? strlen() reads data until it finds the first null character, which with this implementation is somewhere past the end of the data array. When I'm running this on an x86_64 emulator strlen returns 38 while the data array is 32 characters long. This also means that the last characters of the out array will be based on data read from past the end of the data and key arrays.

closed time in a month

nibarius

issue comment nowsecure/cybertruckchallenge19

Buffer over-read when generating the native secret

Thanks for the answer, good to know it's intended. It took me a while to figure out why my static analysis found a 33 character long key (ending with a ,) and why strlen returned something even longer. I could of course see the real key, but I really wanted to know why this happened to make sure it wasn't my fault.

Also thanks a lot for the challenge. I've learned a lot from the third part. At first I didn't realize you could intercept individual instructions with Frida, so I intercepted the whole init function and figured out how to pull the flag from the stack. So a lot of lessons learned from such a small and simple native function.

nibarius

comment created time in a month

issue opened nowsecure/cybertruckchallenge19

Buffer over-read when generating the native secret

https://github.com/nowsecure/cybertruckchallenge19/blob/7eb9298752b5be53d9c2e3d9d2db0affde476215/src/app/src/main/cpp/native-lib.cpp#L17-L28

Is it intended to not have any null-termination on the data array to make the challenge harder? strlen() reads data until it finds the first null character, which with this implementation is somewhere past the end of the data array. When I'm running this on an x86_64 emulator strlen returns 38 while the data array is 32 characters long. This also means that the last characters of the out array will be based on data read from past the end of the data and key arrays.

created time in a month

issue comment nibarius/learning-frida

Comments for "Solving OWASP MSTG UnCrackable App for Android Level 3"

Looking at the backtrace it looks like the crash happens from the goodby() function. This is called if the native code tamper protection detects any problems. So it's likely the native tamper protection bypass that isn't working for you.

nibarius

comment created time in a month

issue comment nibarius/learning-frida

Comments for "Solving OWASP MSTG UnCrackable App for Android Level 3"

It's hard to say what is causing the crash for you, but it could be that you are using the wrong address when you attach to the secret generator function with Interceptor.attach(Module.findBaseAddress('libfoo.so').add(0x12c0), ...

The 0x12c0 value is different for each library, so you need to extract the address from the library matching the architecture on the device you are using.

nibarius

comment created time in a month

push event nibarius/learning-frida

Niklas Barsk

commit sha 9701e9b578a4223945642d2cf8ee9c4785b6e559

Forgot to link to the actual cyber truck challenge

push time in a month

push event nibarius/learning-frida

Niklas Barsk

commit sha 8b0e7818e9b8472ee495c5641b21ef95d8876fcf

Fix broken link in the cybertruck post

push time in a month

issue opened nibarius/learning-frida

Comments for "CyberTruckChallenge19"

Comments made here will be shown on the "CyberTruckChallenge19" article.

https://nibarius.github.io/learning-frida/2020/08/17/cybertruckchallange19

created time in a month

push event nibarius/learning-frida

Niklas Barsk

commit sha 261d5fb2b1f4ac5ba0567ef4a5dc04e13786a078

Post about solving the CyberTruckChallenge19

push time in a month

push event nibarius/learning-frida

Niklas Barsk

commit sha fc9c1024f58c6ceaae944574bce5385a040bed37

Update dependencies (in particular kramdown to fix a security issue)

push time in 2 months

issue opened nibarius/learning-frida

Comments for "Hacker101 CTF - Oauthbreaker"

Comments made here will be shown on the "Hacker101 CTF - Oauthbreaker" article.

https://nibarius.github.io/learning-frida/2020/07/12/h101-oauthbreaker

created time in 3 months

push event nibarius/learning-frida

Niklas Barsk

commit sha 6c7a6556813c3a024a61e4d15bf328f70df1d671

Solve the Hacker101 oauthbreaker challenge

push time in 3 months

push event nibarius/learning-frida

Niklas Barsk

commit sha 02cd72c381c2c540c26513bc24a74ead2ce9d5e4

Update the start page text.

push time in 3 months

push event nibarius/learning-frida

Niklas Barsk

commit sha 82dfbd4cf7893a533bec1feca2bec93c05005f29

Add a simple page view counter to posts.

push time in 3 months
