Pinned ·

Reverse Engineering Yaesu FT-70D Firmware Encryption

Background Ham radios are a fun way of learning how the radio spectrum works, and more importantly: they're embedded devices that may run weird chips/firmware! I got curious how easy it'd be to hack my Yaesu FT-70D, so I started doing some research. The only existing resource I c…

Pinned ·

Apple ImageIO Denial of Service

Last Updated: April 5, 2017 to address some incompleteness and errors. You can view the revision history here. Application Services is a framework in iOS and OS X which provides what's known as the Image I/O framework. ImageIO itself is a collection of utilities and data types f…

Pinned ·

Finding a CSRF vulnerability in phpBB

The phpBB team released phpBB version 3.1.7-PL1 on Jan 11, 2016 which fixed a CSRF issue I found in the admin control panel BBCode creation form. Since BBCode is basically whitelisted HTML created by admins this CSRF vulnerability could allow an attacker to inject arbitrary HTML …

Pinned ·

CVE-2016-1902: Symfony SecureRandom

Overview Recently the Symfony project published a security advisory to the SecureRandom class in their Security component that affects Symfony versions 2.3.0-2.3.36, 2.6.0-2.6.12, 2.7.0-2.7.8. On most sane systems there is no problem, but in the event that something goes wrong th…