Host entries 10.0.160.223 Content Default Credentials (admin:admin) File Thingie 2.5.7 - Remote Code Execution (RCE) LFI through Web Server running as root Reconnaissance Initial recon...

Host entries 10.0.14.38 Content ThinkPHP Deserialization vulnerability [CVE-2024-44902] Protoype Pollution on @bit/loader [CVE-2024-24293] Reconnaissance Initial reconnaissance for TCP p...

Host entries 10.0.160.235 Content KodExplorer Dangerous File Upload leading to RCE Arbitrary File Read via Playwright’s Screenshot Feature Exploiting File Wrapper Reconnaissance Initial ...

Host entries 10.0.14.47 Content Default Credentials Haven blog web application RCE Binary allowed to run with superuser (root) privileges sudo -l Reconnaissance Initial reconnaissanc...

Host entries 10.0.160.222 destroyercms.echocity-f.com Content GetSimpleCMS RCE exploit SUID privilege escalation Reconnaissance Initial reconnaissance for TCP ports # Nmap 7.94SVN sca...

SQLite DB To save structured data, such as contact information or to-do lists, we can leverage the iOS Core Data framework. It provides a convenient API for storing data in different store types s...

Realm DB Realm DB is an alternative to SQLite for storing structured data in mobile applications. It is object-oriented, which means that the database internally uses objects that map to the mobil...

Plist File Plist files use an XML format and can be stored in plaintext ASCII or as a proprietary packed file format intended to reduce the file size. These binary files require the use of a suppo...

iOS Keychain Dumper Since the Keychain stores sensitive information, attackers are naturally interested in accessing its contents. We can use the iOS Keychain Dumper tool, to dump the contents of ...

Firebase DB Contrary to SQLite and Realm DB, which store data locally, Firebase is a cloud database. It allows developers to collect data from many application users and store it online in JSON fo...