Episode 14: Mobile Hacking Dynamic Analysis w/ Frida + Random Hacker Stuff
Critical Thinking - Bug Bounty Podcast6 Huhti 2023

Episode 14: Mobile Hacking Dynamic Analysis w/ Frida + Random Hacker Stuff

Episode 14: In this episode of Critical Thinking - Bug Bounty Podcast we talk about Dynamic Analysis within Mobile Hacking and a bunch of random hacker stuff. It's a good time. Enjoy the pod.

Follow us on Twitter at: @ctbbpodcast

We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io

Shoutout to YTCracker for the awesome intro music!

------ Links ------

Follow your hosts Rhynorater & Teknogeek on Twitter:

https://twitter.com/0xteknogeek

https://twitter.com/rhynorater

Joel’s Alternative to UberTooth One:

https://www.amazon.com/Bluetooth-UD100-G03-Exchangeable-Bluesoleil-Microsoft/dp/B0161B5ATM

D3monDev’s Burp VPS Plug-in:

https://github.com/d3mondev/burp-vps-proxy

FireProx:

https://github.com/ustayready/fireprox

Joel’s Universal SSL De-pinning Frida Script:

https://gist.github.com/teknogeek/4dc35fb3801bd7f13e5f0da5b784c725

Command-line Fuzzy Finder:

https://github.com/junegunn/fzf

Justin’s two article recommendations for using Frida:

https://tinyurl.com/5n94d6ry

https://tinyurl.com/yfy3n5f5

Copy screen of physical device:

https://tinyurl.com/ymdrscm5

Flipper:

https://flipperzero.one/

BetterCap BLE Module:

https://www.bettercap.org/modules/ble/

Timestamps:

(00:00:00) Intro

(00:00:55) Hacker Chats

(00:03:27) Podcast Content Commentary

(00:04:09) SSRF Rebinding Error Confession

(00:06:02) Flipper Zero

(00:07:58) Bettercap BLE

(00:09:36) Sena USB Bluetooth Adapter

(00:12:41) Burp VPS Proxy Plugin

(00:13:55) Fireprox

(00:15:40) Dynamic Mobile Hacking

(00:17:40) Dynamic Analysis Overview

(00:18:18) Emulator Talk

(00:24:29) Joel’s APK Analysis Flow

(00:26:30) Cert Pinning

(00:32:17) Joel’s SSL Cert Pinning Script

(00:35:29) Hands-on look at Frida

(00:50:11) Frida on Non-rooted Devices

(00:58:22) Tracing Errors to Overwritable Functions

(01:00:39) Native Libraries

(01:09:18) GenyMobile Screen Mirroring Tool

(01:11:50) Justin’s Report of the Day and Custom SSL Pinning

(01:18:15) Joel’s First Ever Bug, Jailbreak Detection Bypass

Jaksot(161)

Episode 137: How We Do AI-Assisted Whitebox Review, New CSPT Gadgets, and Tools from SLCyber

Episode 137: How We Do AI-Assisted Whitebox Review, New CSPT Gadgets, and Tools from SLCyber

Episode 137: In this episode of Critical Thinking - Bug Bounty Podcast Justin Gardner and Joseph Thacker reunite to talk about AI Hacking Assistants, CSPT and cache deception, and a bunch of tools lik...

28 Elo 202549min

Episode 136: Hacking Cluely, AI Prod Sec, and How To Not Get Sued with Jack Cable

Episode 136: Hacking Cluely, AI Prod Sec, and How To Not Get Sued with Jack Cable

Episode 136: In this episode of Critical Thinking - Bug Bounty Podcast, Joseph Thacker sits down with Jack Cable to get the scoop on a significant bug in Cluely’s desktop application, as well as the r...

21 Elo 202550min

Episode 135: Akamai's Ryan Barnett on WAFs, Unicode Confusables, and Triage Stories

Episode 135: Akamai's Ryan Barnett on WAFs, Unicode Confusables, and Triage Stories

Episode 135: In this episode of Critical Thinking - Bug Bounty Podcast Justin sits down with Ryan Barnett for a deep dive on WAFs. We also recap his Exploiting Unicode Normalization talk from DEFCON, ...

14 Elo 20251h 26min

Episode 134: XBOW - AI Hacking Agent and Human in the Loop with Diego Djurado

Episode 134: XBOW - AI Hacking Agent and Human in the Loop with Diego Djurado

Episode 134: In this episode of Critical Thinking - Bug Bounty Podcast we’re joined by Diego Djurado to give us the scoop on XBOW. We cover a little about its architecture and approach to hunting, the...

4 Elo 20251h 53min

Episode 133: Building Hacker Communities - Bug Bounty Village, getDisclosed, and the LHE Squad

Episode 133: Building Hacker Communities - Bug Bounty Village, getDisclosed, and the LHE Squad

Episode 133: In this episode of Critical Thinking - Bug Bounty Podcast we’re joined by Harley and Ari from H1 to talk some about community management roles within Bug Bounty, as well as discuss the ev...

31 Heinä 20251h 16min

Episode 132: Archive Testing Methodology with Mathias Karlsson

Episode 132: Archive Testing Methodology with Mathias Karlsson

Episode 132: In this episode of Critical Thinking - Bug Bounty Podcast, Justin Gardner is joined by Mathias Karlsson to discuss vulnerabilities associated with archives. They talk about his new tool, ...

24 Heinä 20251h 49min

Episode 131: SL Cyber Writeups, Bug Bounty Metastrategy, and Orphaned Github Commits

Episode 131: SL Cyber Writeups, Bug Bounty Metastrategy, and Orphaned Github Commits

Episode 131: In this episode of Critical Thinking - Bug Bounty Podcast we're covering Christmas in July with several banger articles from Searchlight Cyber, as well as covering things like Raycast for...

17 Heinä 202550min

Episode 130: Minecraft Hacks to Google Hacking Star - Valentino

Episode 130: Minecraft Hacks to Google Hacking Star - Valentino

Episode 130: In this episode of Critical Thinking - Bug Bounty Podcast Justin is joined by Valentino, who shares his journey from hacking Minecraft to becoming a Google hunter. He talks us through sev...

10 Heinä 20251h 8min