YPYogeshwar Peelainexploitnotes.hashnode.dev·1d ago · 13 min readFAM CTF: The Library to The Endpoint WriteupExecutive Summary FAM is a mobile CTF challenge distributed as an Android APK (fam-ctf.apk) with four staged flags, each themed around a different layer of the app's Firebase backend: The Library (nat00
Ddev&securityindevandsecurity.com·Feb 3 · 7 min readMobile Hacking Lab: Post Board - WebView XSS to RCE ChallengeObjective: Exploit XSS vulnerability in WebView's markdown parser to achieve Remote Code Execution via command injection This was a fascinating challenge from Mobile Hacking Lab that combined web security (XSS) with Android security (command injectio...00