kriware 

@[email protected]
52 Followers
34 Following
532 Posts
Security Analyst at Layakk
Permanent student
Kriware Security Feed: Feed of technical blogs about cybersecurity. -> Telegram Channel: https://t.me/kriwarefeed
YouTuber: kriware
RootedCON co-organizer
Webhttps://kriware.com/
kriware 5d ago

Anatomy of a Syscall

Explains how Linux syscalls cross from user space to kernel mode, using read() to show ABI, stack switches, validation, and VFS dispatch.

https://pwnmonk.github.io/blogs/anatomy-of-a-syscall.html

#Linux #Kernel

Anatomy of a Syscall | kernel kathas

Long Long Road to Ring-0 and Back

kriware Jun 10

ISO 8583 Under Fire: Finding Vulnerabilities in a Payment Socket

Raw POS socket tests reveal replay, IDOR, ghost transactions, and card-bypass flaws.

https://m4kr0.vercel.app/posts/iso-8583-under-fire-finding-vulnerabilities-in-a-payment-socket

#ISO8583 #POS

ISO 8583 Under Fire: Finding Vulnerabilities in a Payment Socket - M4KR0 Blog

A hands-on walkthrough of security testing an ISO 8583 payment socket — from reversing the app and enabling hidden debug mode, to finding four critical vulnerabilities in the processor layer

M4KR0 Blog
kriware May 29

Pathfinding Labs: Deploy, test, and learn from 100+ vulnerable AWS environments

Open labs let teams deploy, exploit, and validate cloud misconfigurations.

https://securitylabs.datadoghq.com/articles/introducing-pathfinding-labs/

#Cloud

Pathfinding Labs: Deploy, test, and learn from 100+ intentionally vulnerable AWS environments | Datadog Security Labs

Introducing Pathfinding Labs, a collection of intentionally vulnerable AWS environments for red teamers and blue teamers to deploy, exploit, and use for detection validation.

kriware May 18

OpenSSL, Cert Pinning and Memory Patching

Shows how certificate pinning in Android apps can be bypassed by patching memory at runtime during reversing and traffic interception.

https://sensepost.com/blog/2026/openssl-certpinning-and-memory-patching.-sounds-fun-right/

#Android #ReverseEngineering

SensePost | OpenSSL, Certpinning and Memory patching. Sounds fun right?

kriware May 17

Detecting CrushFTP CVE-2025-31161 Exploitation

Explains detection of CrushFTP exploitation using YARA rules in PacketSmith.

https://blog.netomize.ca/detecting-exploitation-of-crushftp-vulnerability-cve-2025-31161-with-packetsmith-yara-detection-module-using-track-state-and-flow-state

#YARA

kriware May 13

noxen

Android runtime interception tool maps component flows, captures intents, and lets testers inspect, modify, forward, or drop them.

https://github.com/frankheat/noxen

#Android #Frida

GitHub - frankheat/noxen: Android interception tool for component communication and attack-surface mapping

Android interception tool for component communication and attack-surface mapping - frankheat/noxen

GitHub
kriware May 12

CVE-2026-0073 PoC (Wireless ADB TLS Auth Bypass)

PoC shows how faulty ADB TLS key checks may allow unauthorized wireless command access.

https://github.com/adityatelange/poc-CVE-2026-0073

#Android #ADB

GitHub - adityatelange/poc-CVE-2026-0073: CVE-2026-0073 - ADB Wireless Mutual Authentication Bypass PoC

CVE-2026-0073 - ADB Wireless Mutual Authentication Bypass PoC - adityatelange/poc-CVE-2026-0073

GitHub
kriware May 11

Dirty Frag: Universal Linux LPE

Linux flaw chain enables reliable local root privilege escalation across major distros; one CVE patched, another still pending.

https://github.com/V4bel/dirtyfrag

#Linux #LPE

GitHub - V4bel/dirtyfrag

Contribute to V4bel/dirtyfrag development by creating an account on GitHub.

GitHub
kriware May 10

Oh MyAudi!

APIs let guest users with a public VIN expose vehicle metadata and some request data; one issue was fixed after disclosure.

https://decoder.cloud/2026/05/08/oh-myaudi/

#CarHacking #API

Oh MyAudi!

This is quite a different post as it is not related as usual to Windows vulnerabilities 😉. In the past period, I have been looking into the myAudi connected vehicle platform “Audi Connect and…

Decoder's Blog
kriware May 2

CVE-2026-0047: Stealing Screenshots from Every Running App

Missing Android permission check lets any app dump UI bitmaps from running apps.

https://www.mobilehackinglab.com/blog/cve-2026-0047-activitymanager-eop-steal-images

#Android #EoP

0-Click RCE in Samsung's OpenAPV on Android 16

How a missing bounds check in Samsung's APV video codec leads to heap corruption on Android 16 — proved with OOB read/write PoCs, MP4 exploit on Android emulator, and 4 fuzzing approaches including AFL++.