This article dives into the local HTTP server that Spotify runs on the user's machine. Along the way it also runs into a very weird local server started by a desktop widget.
What are the dangers of localhost servers running? Well, several weird attack vectors!
In the case of Spotify, we can send a request to the local Spotify server running on someone's computer, and that request alters the state of what is running on the local machine (for example, changing songs).
Using a WiFi Pineapple also yields interesting results: some DNS requests have Spotify OAuth tokens in them.
In the case of the Übersicht widget, there is a page called runShellCommand. Seriously... I wonder what this does. Well, it runs a freaking shell command!
By making a request to this, we can pop a calculator or do whatever we want.
Popping the calculator did require one trick, though: the content-type of the request had to be one that does not URL-encode the data (such as enctype="text/plain"). Keep this in mind when trying to run shell commands from the browser.
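For anyone who ships a localhost service like the two above, here is an added example (not code from the article, Spotify or Übersicht) of the request checks that block exactly this kind of browser-driven request: a loopback-only Host check (against DNS rebinding), an Origin allow-list, a JSON-only body (a text/plain or urlencoded form can be posted cross-site without a CORS preflight; application/json cannot), and a per-session token the foreign page cannot read. The allowed origin, port and token values are constructed for the example.

```python
# Added example: allow-list checks for a loopback HTTP service.
# Hosts a loopback service should accept in the Host header. A DNS-rebinding
# page reaches 127.0.0.1 but carries the attacker's hostname in Host.
LOOPBACK_HOSTS = {"127.0.0.1", "localhost", "[::1]"}
# Origin of the service's own UI; hypothetical value for this example.
ALLOWED_ORIGINS = {"http://localhost:8080"}


def _host_without_port(host):
    """Strip the port from a Host header value, handling IPv6 literals."""
    host = host.strip().lower()
    if host.startswith("["):               # e.g. [::1]:9000
        return host.split("]")[0] + "]"
    return host.rsplit(":", 1)[0] if ":" in host else host


def check_local_request(method, headers, expected_token):
    """Return (ok, reason) for a request to the loopback service.

    `headers` is a dict of request headers; key case is ignored.
    """
    h = {k.lower(): v for k, v in headers.items()}
    # 1. Host must name the loopback interface.
    if _host_without_port(h.get("host", "")) not in LOOPBACK_HOSTS:
        return False, "host header is not loopback"
    origin = h.get("origin")
    if method.upper() not in ("GET", "HEAD"):
        # 2. Browsers always attach Origin to a POST, so a missing or foreign
        #    Origin means the request did not come from our UI.
        if origin not in ALLOWED_ORIGINS:
            return False, "origin missing or not allowed"
        # 3. Only JSON bodies. A form with enctype text/plain (the trick
        #    described above) or the default urlencoded type is sent cross-site
        #    without a preflight; a JSON content type is not.
        ctype = h.get("content-type", "").split(";")[0].strip().lower()
        if ctype != "application/json":
            return False, "unexpected content-type " + (ctype or "<none>")
    elif origin is not None and origin not in ALLOWED_ORIGINS:
        return False, "cross-origin read not allowed"
    # 4. Per-session token handed only to the legitimate UI.
    if h.get("x-local-token") != expected_token:
        return False, "bad or missing token"
    return True, "ok"
```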