Android Browser Same Origin Policy Bypass < 4.4 - CVE-2014-6041


Introduction

Same Origin Policy (SOP) is one of the most important security mechanisms that are applied in modern browsers, the basic idea behind the SOP is the javaScript from one origin should not be able to access the properties of a website on another origin. The origin is formed by the combination of Scheme, domain and port with the port being an exception to IE. There are some exceptions with SOP such the location property, objects wtih src attribute. However, the fundamental are that different origins should not be able to access the properties of one another.

Tags: 7 Comments

Remote Code Execution in PHP Explained - Part 1



This is a two part article about code execution in PHP. It’s a very detailed article and contains references from other sources as well. I will discuss about some of the mistakes done by PHP developers which result in Remote Code Execution Vulnerability. It’s no secret that PHP is an easy to code language; however a lot of new PHP developers lack the knowledge of basic security principles which results in to new poorly written web-application often introducing critical vulnerabilities.

PHP Vulnerable Functions

Let’s take a look at the very common class of functions which when used insecurely result in a remote code execution. Any untrusted input passed through one of these functions without sanitization would result in an arbitrary code being executed. eval() , system(), exec(), shell_exec()

1 Comments

Qmobile Noir A20 Browser And Messaging App Denial Of Service



While being impressed by Collin Mulliner's research on smart phones, I found myself very curious trying to find vulnerabilities inside it and i found several ones out. In this short blog post I would be discussing about DOS vulnerabilities inside the default browser and the messaging app of Qmobile Noir A20. Qmobile Noir A20 runs on Android 4.1.2. The flaw itself is present it inside Android 4.1.2 browser as well as the default messaging system, however since most of the Qmobile smartphones within the released with or slightly after Noir A20 are most likely using the same browser version and messaging app.

Tags: 0 Comments

Puffin Web Browser Pop Up Recursion Vulnerability - DOS


During my recent security research on "Puffin Web Browser" I found several security bugs with "Puffin Web Browser" ranging from low to high risk issues. My recent post "Puffin Web Browser Address Bar Spoofing" already talked about a high risk vulnerability inside Puffin Web browser. 

However, today I would like to discuss about a low/medium risk issue known as "Pop Up Recursion" vulnerability resulting in a Denial Of Service. This is a known issue and in past has been already addressed in browsers such as Google Chrome, however Puffin Web Browser is still affected by the issue.  

1 Comments

Puffin Web Browser Address Bar Spoofing Vulnerability



During my recent research on Mobile browsers i have managed to find couple of interesting vulnerabilities such as SOP bypass, Denial of service and Address bar spoofing vulnerability which are worth doing a writeup. However, In the following writeup I would discuss about an "Address Bar Spoofing Vulnerability" present inside of a well known mobile browser for both Android and iOS known as "Puffin Web Browser". 

Tags: 1 Comments

Nokia Asha Series Lock Screen Bypass



There have been a lot of lock screen bypasses lately in almost every mobile deice such as iPhone, Samsung galaxy, HTC etc and if you observe carefully most of them rely upon abusing the "Emergency Calling" option some how. Hammad Shamsi a Security researcher from RHAinfoSec has found a lockscreen bypass which resides in all the latest versions of Nokia Asha series. The bypass occurred due to mishandling of SOS button (Emergency Panic Button) which is present in all Nokia Asha Series and is used to perform the emergency calls.

3 Comments

Blog Archive

 

Recent Comments

About

Rafay Baloch is an Independent security researcher, Internet marketer, Entrepreneur and a SEO consultant, He is the founder of RHA blog and multiple other blogs. Rafay got famous after finding a Remote Code Execution bug inside PayPal for which PayPal awarded him a sum of 10,000$ Read More..

Join In!

RHA © 2013. All Rights Reserved.