infosec

Ettercap, Arpspoof and DNSSpoof Examples

I'm spending the night learning about the tool ettercap. May as well write down what I learn for future reference.


Enumerating Cinema Tickets

This is a hack I disclosed around a year ago to the company in question. It involves the company SF, which has a


Android mmssms.db

I'm currently playing around with MMS for a possible hack. So I needed to


One.com CSRF and XSS

About a year ago I found a few vulnerabilities on the one.com website. For those of you that don't know, _one.com_ is


FitBit CSRF and XSS

A few months ago I bought a Fitbit, which is a wristband tracking device.


Bypassing Authentication to a Paid Wifi Hotspot

I spent the last week and a few days at my family's summer place on the


MD5 Length Extension Attack

I found this great explanation of a length extension attack [here by Skullsecurity](https://blog.skullsecurity.org/2012/everything-you-need-to-know-about-hash-length-extension-attacks)


Label Clickjacking and Javascriptless CSRF

Another niche attack. I happened to notice the interesting behaviour of


Web Timing Attacks, Continued

Continuing on the subjects of timing attacks, I recently found a small


Getting timing output from CSRF exploits

I've been playing around with the idea of timing attacks lately. The way
