Thick Client Vulnerabilities

  1. Hardcoded Secrets - Binaries, Registry, Config Files

  2. Sensitive Information in Logs

  3. DLL Hijacking, DLL Injection (In Memory) [JITSI]

  4. Weak File/Folder/Registry Permission - icacls FILEPATH

  5. Weak Service Permissions - accesschk.exe /accepteula -uwcqv "Authenticated Users" * [Check for SERVICE_ALL_ACCESS or SERVICE_CHANGE_CONFIG services]

  6. Sensitive Information in Memory

  7. Unquoted Service Paths - cmd /c wmic service get name,displayname,pathname,startmode|findstr /i /v """ [findstr /v """ drops paths that are already quoted; a path is only exploitable if it contains a space and you can write to one of the parent directories]

  8. Misconfigured/Weak Permission for Named-Pipes - accesschk.exe /accepteula -v \pipe\PIPENAME (or \pipe\* to list all pipes)

  9. Insecure Communication Protocols (EchoMirage, Wireshark, Burp Suite)

  10. Buffer Overflow, Integer Overflow, Heap Overflow

  11. Double Free

  12. Use After Free, Null Pointer Dereference

  13. Format String Vulnerability

  14. ASLR, DEP, SafeSEH & CFG not enabled (PESecurity)

  15. Path traversal, Arbitrary File Read, Arbitrary File Write, Zip Slip

  16. Lack Of Obfuscation

  17. SQL Injection, Command Injection

  18. Usage Of Vulnerable & Outdated Components

  19. Improper Hostname/SSL Validations
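Worked triage for items 5 and 7 above, added here as an example and not part of the original checklist. It takes the output shapes of `wmic service get name,pathname,startmode /format:csv` and `accesschk.exe /accepteula -uwcqv "Authenticated Users" *`, flags services whose image path is unquoted and contains a space (and lists the executables Windows would try before the real one), and flags services that grant rights allowing reconfiguration. Both sample outputs are constructed for this example, not captured from a real host; the service names in them are made up.

```python
"""Service-permission and unquoted-path triage for thick-client assessments.

Added example code, not from the original page. Both inputs are constructed
samples shaped like the tools' output (wmic /format:csv, accesschk -uwcqv).
"""
import csv

# Constructed sample in the shape of:
#   wmic service get name,pathname,startmode /format:csv
# (wmic prints a blank line first, then a Node column, then the fields asked for)
WMIC_CSV = r"""
Node,Name,PathName,StartMode
HOST01,VulnSvc,C:\Program Files\Vuln App\bin\vulnsvc.exe -config svc.ini,Auto
HOST01,SafeSvc,"C:\Program Files\Safe App\safesvc.exe",Auto
HOST01,Spooler,C:\Windows\System32\spoolsv.exe,Auto
HOST01,ToolSvc,C:\Tools\manual tool\tool.exe,Manual
"""

# Constructed sample in the shape of:
#   accesschk.exe /accepteula -uwcqv "Authenticated Users" *
# (unindented 'RW Name' header, then one granted right per indented line)
ACCESSCHK_OUT = """\
RW VulnSvc
\tSERVICE_ALL_ACCESS
RW ChangeSvc
\tSERVICE_QUERY_STATUS
\tSERVICE_CHANGE_CONFIG
RW StartStopSvc
\tSERVICE_START
\tSERVICE_STOP
"""

# Rights that let the principal change the binary path (or grant itself the
# right to do so). WRITE_DAC / WRITE_OWNER go beyond the page's two and are
# included because they allow rewriting the service DACL.
EXPLOITABLE_RIGHTS = {"SERVICE_ALL_ACCESS", "SERVICE_CHANGE_CONFIG",
                      "WRITE_DAC", "WRITE_OWNER"}


def hijack_candidates(pathname):
    """Executables CreateProcess would try before the real binary for an
    unquoted ImagePath containing spaces. Returns [] when the path is quoted,
    has no spaces before the .exe, or no .exe token can be located."""
    if pathname.startswith('"'):
        return []
    tokens = pathname.split(" ")
    exe_end = None
    for i in range(1, len(tokens) + 1):
        if " ".join(tokens[:i]).lower().endswith(".exe"):
            exe_end = i
            break
    if exe_end is None or exe_end == 1:
        return []
    # Each space-truncated prefix gets ".exe" appended by the loader.
    return [" ".join(tokens[:i]) + ".exe" for i in range(1, exe_end)]


def unquoted_service_paths(wmic_csv):
    """Map service name -> (StartMode, hijack candidates) for unquoted paths."""
    lines = [ln for ln in wmic_csv.splitlines() if ln.strip()]
    # QUOTE_NONE keeps the literal quotes wmic prints around an already-quoted
    # path; the default dialect would strip them and hide the distinction.
    reader = csv.DictReader(lines, quoting=csv.QUOTE_NONE)
    findings = {}
    for row in reader:
        cands = hijack_candidates(row["PathName"])
        if cands:
            findings[row["Name"]] = (row["StartMode"], cands)
    return findings


def weak_service_permissions(accesschk_out):
    """Map service name -> sorted exploitable rights granted to the principal."""
    rights = {}
    current = None
    for line in accesschk_out.splitlines():
        if not line.strip():
            continue
        if not line[0].isspace():          # 'RW VulnSvc' header line
            current = line.split(None, 1)[1]
            rights.setdefault(current, set())
        elif current is not None:          # indented right name
            rights[current].add(line.strip())
    return {svc: sorted(r & EXPLOITABLE_RIGHTS)
            for svc, r in rights.items() if r & EXPLOITABLE_RIGHTS}


if __name__ == "__main__":
    for svc, (mode, cands) in unquoted_service_paths(WMIC_CSV).items():
        print(f"[unquoted] {svc} ({mode}): plant one of {cands}")
    for svc, granted in weak_service_permissions(ACCESSCHK_OUT).items():
        print(f"[weak perms] {svc}: {granted}")
```

A service that only grants SERVICE_START/SERVICE_STOP (StartStopSvc above) is not flagged: those rights do not change the binary path, though they are useful for triggering a hijack found by the unquoted-path check without waiting for a reboot. Remember that an unquoted path is only exploitable if icacls shows the current user can write into one of the truncated prefix directories.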

Reverse Engineering Tools -

  1. JD-GUI - Java

  2. JADX - Android

  3. dnSpy - .NET decompiler & debugger

  4. dotPeek - .NET Decompiler

  5. Ghidra

  6. Immunity Debugger & mona

  7. IDA
