Mobile Application Security Labs 
Serial Notes

The challenge revolves around a fictitious note-taking app called Serial Notes. Serial Notes is designed to support markdown editing and has its own file format to share the notes.

Outline

This challenge focuses on deserialization vulnerabilities, demonstrating how attackers can exploit them to run a command or code on the victim's device.

Objective

Craft a payload that exploits the deserialization vulnerability within the Serial Notes app to execute an arbitrary command.

Skills Required
  • Deserialization Understanding: Familiarity with the concept and implications of deserialization vulnerabilities in application security.
  • Basic knowledge of any hex editor and reverse engineering tools is helpful but not needed.

Course Lessons