Sean Pesce

@seanpesce.bsky.social

https://seanpesce.blogspot.com

554 Followers  |  21 Following  |  6 Posts  |  Joined: 03.07.2023  |  1.5214

Latest posts by seanpesce.bsky.social on Bluesky

Understanding and Modifying the Hermes Bytecode - Payatu The React Native Pentesting for Android Masterclass has taught us how to edit and patch React Native apps in the previous blog. Let’s now move on to the Hermes bytecode. The React Native team created...

Great post from the Payatu blog: Understanding and Modifying the Hermes Bytecode

payatu.com/blog/underst...

18.12.2024 23:10 — 👍 3    🔁 0    💬 0    📌 0

Exploiting Android Client WebViews with Help from HSTS

seanpesce.blogspot.com/2024/09/expl...

(Repost from my X/Twitter)

25.11.2024 13:01 — 👍 2    🔁 0    💬 0    📌 0
New crazy payloads in the URL Validation Bypass Cheat Sheet The strength of our URL Validation Bypass Cheat Sheet lies in the contributions from the web security community, and today’s update is no exception. We are excited to introduce a new and improved IP a

We've just updated our URL Validation Bypass Cheat Sheet with a new IP address obfuscator, and new payloads by @seanpesce.bsky.social and @t0xodile.bsky.social. Check out the full details at portswigger.net/research/new...

29.10.2024 14:31 — 👍 5    🔁 2    💬 0    📌 0

3/3

At the end of the day this isn't super consequential though, because a WebView will default to HTTPS if the domain has HSTS preloading configured (I'd be more concerned about MitM potential resulting from cleartextTrafficPermitted)

20.03.2024 11:16 — 👍 0    🔁 0    💬 0    📌 0

2/?

Consider this scenario: you can trick a WebView into opening an arbitrary URL with a string such as "attacker[.]com/?https://victim[.]com"

This normally only works with cleartextTrafficPermitted, because otherwise it will trigger a "plaintext traffic" error.

20.03.2024 11:15 — 👍 0    🔁 0    💬 1    📌 0

1/? #Android #appsec trivia tidbit:

Apps with cleartextTrafficPermitted allow easier exploitation of WebView URI confusion vulns because WebViews will default to plaintext HTTP if no protocol is provided to loadUrl(), but normally this results in NET::ERR_CLEARTEXT_NOT_PERMITTED

20.03.2024 11:15 — 👍 1    🔁 0    💬 1    📌 0

AWS IoT Core: A Compromised Device Perspective

seanpesce.blogspot.com/2023/11/aws-...

09.11.2023 01:11 — 👍 3    🔁 0    💬 0    📌 0