Hi. 馃憢

My name is Naz Markuta and I work in cyber security. This website serves as a personal blog where I share my experiences and occasional guides in various topics (mostly in IT). I鈥檝e tried to keep this blog clean and purely content focused.

Cracking encrypted Lastpass vaults

In this post I will go into technical details on what attackers could do with the stolen encrypted vaults, specifically how they could use tools like Hashcat to crack vault passwords and get access to sensitive log-in credentials. To simulate the stolen data, I will use my test Lastpass account to extract an encrypted vault from the Chrome Browser extension on macOS. Following this, I will use a wordlist attack to bruteforce the vault which has a weak and guessiable password....

23 December, 2022 路 5 min 路 Naz Markuta

Bypass ProtonVPN macOS Certificate Pinning with Proxyman and Frida

A short blog on how to bypass certificate pinning on the ProtonVPN macOS app using Proxyman and Frida. ProtonVPN is a VPN service operated by the Swiss company Proton AG. The service features a cilent application that users can install on various platforms, such as Android TV and Chromebook. I鈥檝e personally had a proton email account for a quite a while now, but never really looked into the VPN service. I was mainly curious at how the macOS app communicates with the backend, and what API end-points it talks to....

18 December, 2022 路 6 min 路 Naz Markuta

Comparing root detection on banking apps with latest version of Magisk

In this post I will be comparing root detection features on 24 UK mobile banking apps using the latest version of Magisk (v24.3) on a Google Pixel 3a. You can head straight to the comparisons table if you want to see the results. Test Device The device used was a Google Pixel 3a running Android 10. It had been rooted using the latest version of Magisk which was v24.3 (at the time of writing)....

17 March, 2022 路 4 min 路 Naz Markuta

Reverse VIN lookup by part numbers

Back story As part of an out-of-country car repair, my partner鈥檚 dad suspected that his transmission had been switched out for a faulty one without his permission. He noticed that after a second trip to a different mechanic, the car was not performing as expected so he asked me to help find out when his part was changed. The vehicle was a Hyundai Santa Fe 2008 bought in Bulgaria. It had a VIN of KMHSH81WP8U272568, with a transmission number of U7LFP467454....

10 March, 2022 路 9 min 路 Naz Markuta

Pod Point exposes customer data

This post will describe how I discovered a security flaw in Pod Point鈥檚 mobile app API endpoints. It covers bypassing certificate pinning with Frida, and demonstrate how attackers can steal full names, addresses, charging history, and more by simply having a registered account that anyone can obtain. Pod Point Pod Point is a UK based company established in 2009 that provides electric vehicle charging equipment to both businesses and individuals. It also operates what鈥檚 called the 鈥淧od Point Network鈥 where customers can use charge points across the country with a mobile app....

20 November, 2021 路 8 min 路 Naz Markuta