
Dealing with Information Security as my Day Job and Information Security Research at night. Co-organizer for #BSidesIslamabad, advocate for #HackingIsNotACrime

Clear text Storage in a File or on Disk in TimelyBills ≤ 1.7.0 for iOS and versions ≤ 1.21.115 for Android allows an attacker who can locally read the user’s files to obtain JWT tokens for the user’s account due to insufficient cache-clearing mechanisms. A threat actor can obtain sensitive user data by decoding the tokens, as a JWT is signed and encoded, not encrypted.


Hello Friend! (Yes, you who’s reading.) This isn’t just a typical write-up but rather my path towards bug bounty and how it has changed my thoughts on approaching programs. This is going to be long (my apologies) and I hope you will enjoy it. Feedback, as usual, is always welcome.

Some spoilers before you continue:

  1. I won’t be disclosing how much bounty I earned from the vulnerabilities found.
  2. The program names won’t be disclosed due to restrictions.

So, a little about myself. I’m a pentester (usually breaking things for a living), working with financial services for more than 6 years. Before InfoSec career…

With the digital revolution in the world, the internet has become an integral part of everything. The dawn of the computer age gave birth to viruses; however, this also encouraged cyber criminals to misuse the technology. While cyberspace created endless possibilities for both businesses and security researchers, it also brought forth cyber criminals.

Cyber threats are encountered all over the world and are now one of the most crucial areas to focus upon. On a rough survey, businesses face over 1000s of attacks every day meant to disrupt business operations. …

Image credits: 3i-infotech

Often during my discussions with college, high school and university students, and at times folks who want to switch their career path from development or networking, I’ve always been asked for advice on starting a career in Penetration Testing specifically and Information Security in general. Information Security is a vast domain which further relies on sub-classes that include Governance, Risk and Compliance, Security Operations, Security in Software Development and, last but not least, Awareness. These domains are further divided into categories. The only reason to highlight this is that Penetration Testing covers and resides under Security and Risk Management and has an important…

Spoiler: This review/walkthrough is solely based on non-jailbroken devices.

Recently, I was tasked to perform pentesting of a mobile application (later came to know it was iOS/IPA app testing). Earlier, I had been pentesting mobile applications for both Android and iOS, but my experience with Android has been more than with iOS. I started to think about how I could pentest an iOS application in a very different way rather than following the same jailbroken pattern and so on.

0x01: Prerequisite for Lab

1 — A Macbook
2 — An iPhone

FiberHome Technologies is a leading equipment vendor and global solution provider in the field of information technology and telecommunications. FiberHome deals in fiber-optic communications, data networking communications, wireless communication, and intelligentizing applications. In particular, it has been providing end-to-end solutions integrated with opto-electronic devices, optic preforms, fiber & cables, and optical communication systems to many countries around the world.

Recently, I was able to successfully attempt to reset FiberHome’s AD1020–25 Model router to its default configuration, leading to a DoS attack. Basically, due to an improper authentication method, an attacker can easily access the parameter and execute it, hence leading to a factory reset. …

[Redacted] is one of the largest sellers of air conditioners in the Middle East, China, North America, South America and Asia. With the rapid change in technology, [Redacted] decided to provide an application which will be connected to the Internet so that, for customers’ ease, they can manage their air conditioner from the application.

Sounds like great news? Well, it is. You can manage different profiles from your single application. …

The situation of an ATM machine in Karachi (not going to take names). DVR box (don’t know if it’s empty) along with switch and firewall placed in public premises, connected to a Wi-Fi-enabled router. This indeed can be very helpful from an attacker’s perspective. #Infosec #RedTeam

