[email protected] +84 (0) 9679 24241

Posts by enderphan

Understand Solidity Storage in depth

You can see the details here https://enderspub.kubertu.com/understand-solidity-storage-in-depth

Thinking about Requests

The reason I want to wrap up this topic is just to keep all of my logics and comprehension of...

Android App – Local Attack

If you have read the “Thinking about request” article. This would be much more relevant. Previously, I had made a...

Capture The Coin Write-up

Result ‌ My team: Kubertu stayed at top #6‌ My personal work stayed at top #10 ‌Read more: https://enderspub.kubertu.com/capture-the-coin-writeup ‌

Andump (Dump sensitive info)

Git: https://github.com/enderphan94/andump This is the repository for Andump. If you are looking for the Andump website. Click here. For Android Data...

Mobipika Scanning Tool

Our mobile scanning tool is being developed whic is called “mobipika” aiming to check for security issues in Android mobile...

CVE-2019-11384

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11384 Author: Ender Phan Description: The Zalora application 6.15.1 for Android stores confidential information insecurely on the system (i.e. plain...

CVE-2019-11383

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11383 Author: Ender Phan Description: An issue was discovered in the Medha WiFi FTP Server application 1.8.3 for Android....

Crypto Wallet Local Storage Attack

‌PDF: https://www.exploit-db.com/docs/46466 Background During our mobile security pen testing, we have found a very interesting attack scenario in (Android application)....

NodeJS: Event-Stream Backdoor Analysis

I – The story On November 11th, 2018, at the “event-stream” repository there was a nickname FallingSnow saying that: ‌...