Forwarded from The Bug Bounty Hunter
Android Security Testing: Setting up burp suite with Android VM/physical device.
https://medium.com/@hacker7744/android-security-testing-setting-up-burp-suite-with-android-vm-physical-device-e8f713968eef
https://medium.com/@hacker7744/android-security-testing-setting-up-burp-suite-with-android-vm-physical-device-e8f713968eef
Medium
Android Security Testing: Setting up burp suite with Android VM/physical device.
Setting up the Burp suite with an android device is simple but a little tricky.
Demo of vulnerability discovered in Google's Camera app that allowed 3rd party apps to take pictures and video without user knowledge or CAMERA permission (CVE-2019-2234)
https://www.instagram.com/p/CF-Wm32AnhZ/
Slides: https://i.blackhat.com/asia-20/Friday/asia-20-Yalon-Hey-Google-Activate-Spyware.pdf
https://www.instagram.com/p/CF-Wm32AnhZ/
Slides: https://i.blackhat.com/asia-20/Friday/asia-20-Yalon-Hey-Google-Activate-Spyware.pdf
Instagram
Android Security & Hacking
My demo of vulnerability discovered in Google's Camera app allowed 3rd party apps to take pictures and video without user knowledge or CAMERA permission (CVE-2019-2234). This happened because of exported CameraActivity that accepted input from other apps.…
Mobile forensic analysis in action using Andriller
Andriller dumps all accessible data from device, but first you need to enabled ADB debugging. In my case, I performed it on PIN locked, but rooted Samsung S5.
https://www.instagram.com/p/CGEmcz7gv3t/
BTW, Andriller was a commercial toolkit until December 2019, however its author made it free and open-source, so now you can download full version without paying.
Download: https://github.com/den4uk/andriller
Andriller dumps all accessible data from device, but first you need to enabled ADB debugging. In my case, I performed it on PIN locked, but rooted Samsung S5.
https://www.instagram.com/p/CGEmcz7gv3t/
BTW, Andriller was a commercial toolkit until December 2019, however its author made it free and open-source, so now you can download full version without paying.
Download: https://github.com/den4uk/andriller
Sophisticated new Android malware marks the latest evolution of mobile ransomware
https://www.microsoft.com/security/blog/2020/10/08/sophisticated-new-android-malware-marks-the-latest-evolution-of-mobile-ransomware/
https://www.microsoft.com/security/blog/2020/10/08/sophisticated-new-android-malware-marks-the-latest-evolution-of-mobile-ransomware/
Microsoft News
Sophisticated new Android malware marks the latest evolution of mobile ransomware
We found a piece of a particularly sophisticated Android ransomware with novel techniques and behavior, exemplifying the rapid evolution of mobile threats that we have also observed on other platforms.
BAHAMUT: Hack-for-Hire Masters of Phishing, Fake News, and Fake Apps
https://www.blackberry.com/us/en/pdfviewer?file=/content/dam/blackberry-com/asset/enterprise/pdf/direct/report-spark-bahamut.pdf
https://www.blackberry.com/us/en/pdfviewer?file=/content/dam/blackberry-com/asset/enterprise/pdf/direct/report-spark-bahamut.pdf
Malicious Android SDK delivers unwanted out of context ads
https://www.whiteops.com/blog/somewhere-over-the-rainbowmix
https://www.whiteops.com/blog/somewhere-over-the-rainbowmix
HUMAN
Somewhere over the RAINBOW(MIX)
The White Ops Satori Threat Intelligence and Research Team found a group of more than 240 Android apps conducting ad fraud.
Forwarded from The Bug Bounty Hunter
Amazon Kindle: iOS App Reverse Engineering for eBooks Leaking
https://abjurato.github.io/stories/kindleEbooks.html
https://abjurato.github.io/stories/kindleEbooks.html
anatoly.works
Amazon Kindle: iOS App Reverse Engineering for eBooks Leaking
Vulnerability in JioChat for Android
Caller can cause callee device to send audio without user interaction
https://bugs.chromium.org/p/project-zero/issues/detail?id=2059
Caller can cause callee device to send audio without user interaction
https://bugs.chromium.org/p/project-zero/issues/detail?id=2059
Bruteforcing PIN lockscreen using Android as USB HID device
ADB and root are not required to perform this brutforce method!
Requirements:
-Custom compiled Kernel with support for /dev/hidg*
-OTG cable
-Termux
-noscript with commands
https://www.instagram.com/p/CGRmHwog5oy/
Tutorial:
https://github.com/pelya/android-keyboard-gadget
ADB and root are not required to perform this brutforce method!
Requirements:
-Custom compiled Kernel with support for /dev/hidg*
-OTG cable
-Termux
-noscript with commands
https://www.instagram.com/p/CGRmHwog5oy/
Tutorial:
https://github.com/pelya/android-keyboard-gadget
Diving Into mobile APT group DONOT's Rabbit Hole
https://community.riskiq.com/article/6f60db72
https://community.riskiq.com/article/6f60db72
Demo of Binance wallet theft using Accessibility services
Demo: https://twitter.com/LukasStefanko/status/1316275015889965056
Research: https://link.springer.com/chapter/10.1007/978-3-030-59817-4_2
Demo: https://twitter.com/LukasStefanko/status/1316275015889965056
Research: https://link.springer.com/chapter/10.1007/978-3-030-59817-4_2
Twitter
Lukas Stefanko
Demo of Binance wallet theft using Accessibility services Android PoC malware misuses accessibility to take control over device to withdraw Bitcoins without any user interaction. Binance swiftly fixed the issue. Research & video by @yonas_leguesse Paper:…
Malicious Mintegral SDK Leaks Data on Android
https://youtu.be/o79R4fr2cho
https://youtu.be/o79R4fr2cho
YouTube
Malicious Mintegral SDK Leaks Data on Android
For more information about SourMint, visit the research page (SourMint Malicious SDK Research - https://snyk.io/research/sour-mint-malicious-sdk/) and the Snyk blog page (SourMint: iOS remote code execution, Android findings, and community response - htt…
Hacking into Android in 32 seconds
https://youtu.be/aOWr6rWhsIs
https://youtu.be/aOWr6rWhsIs
👍1
Forwarded from The Bug Bounty Hunter
Hacking Android Apps with Frida
https://youtu.be/iMNs8YAy6pk
https://youtu.be/iMNs8YAy6pk
YouTube
Hacking Android Apps with Frida
Recording from Meta's security conference 2020 - Enjoy
GravityRAT: The spy returns
The cybercriminals added a spy module to Travel Mate, an Android app for travelers to India, the source code of which is available on Github
https://securelist.com/gravityrat-the-spy-returns/99097/
The cybercriminals added a spy module to Travel Mate, an Android app for travelers to India, the source code of which is available on Github
https://securelist.com/gravityrat-the-spy-returns/99097/
Securelist
GravityRAT: The spy returns
In 2018, researchers at Cisco Talos published a post on the spyware GravityRAT, used to target the Indian armed forces. The Indian Computer Emergency Response Team (CERT-IN) first discovered (the document is currently not available at this link, but is
👍1
Android Mobile Hacking Workshop
VIDEO: https://youtu.be/PMKnPaGWxtg
SLIDES: https://docs.google.com/presentation/d/1gK2vYdvwFn8r8dSawIWRRIF4yDF4qmMY2qEelS1M7rI/edit#slide=id.p
VIDEO: https://youtu.be/PMKnPaGWxtg
SLIDES: https://docs.google.com/presentation/d/1gK2vYdvwFn8r8dSawIWRRIF4yDF4qmMY2qEelS1M7rI/edit#slide=id.p
YouTube
Mobile Hacking Workshop - Community Day
This is the mobile hacking workshop I created for HackerOne's Community Day. Each ctf exercise is for learning purposes only and I don't condone any unethical buffoonery.
Workshop Slides:
https://docs.google.com/presentation/d/1gK2vYdvwFn8r8dSawIWRRI…
Workshop Slides:
https://docs.google.com/presentation/d/1gK2vYdvwFn8r8dSawIWRRI…
👍1
Awesome Android Security
Books, bug bounty, courses, tools, labs, talks, write-ups, cheat sheet, blogs
https://github.com/saeidshirazi/awesome-android-security
Books, bug bounty, courses, tools, labs, talks, write-ups, cheat sheet, blogs
https://github.com/saeidshirazi/awesome-android-security
GitHub
GitHub - saeidshirazi/awesome-android-security: A curated list of Android Security materials and resources For Pentesters and Bug…
A curated list of Android Security materials and resources For Pentesters and Bug Hunters - saeidshirazi/awesome-android-security
Multiple Address Bar Spoofing Vulnerabilities In Mobile Browsers (Safari, Yandex for Android, Opera Touch for iOS, UC Browser for Android, Opera Mini Android, RITS Browser and Bolt Browser iOS)
https://www.rafaybaloch.com/2020/10/multiple-address-bar-spoofing-vulnerabilities.html
https://www.rafaybaloch.com/2020/10/multiple-address-bar-spoofing-vulnerabilities.html
Miscellaneous Ramblings of a Cyber Security Researcher
Multiple Address Bar Spoofing Vulnerabilities In Mobile Browsers
Explore expert insights on pentesting/bug bounty hunting on this blog, your go-to resource for cutting-edge web security research.
HID attack against PC with Android
This is HID (Human Interface Device) attack against Windows 10, using Samsung S7 (HID) that downloads and executes Metasploit payload by hijacking its keyboard. The second Android device is running meterpreter listener and once payload is launched, device is owned
https://www.instagram.com/p/CGrXqKxg41l/
This is HID (Human Interface Device) attack against Windows 10, using Samsung S7 (HID) that downloads and executes Metasploit payload by hijacking its keyboard. The second Android device is running meterpreter listener and once payload is launched, device is owned
https://www.instagram.com/p/CGrXqKxg41l/
Instagram
Android Security & Hacking
Hacking PC with Android This is HID (Human Interface Device) attack against Windows 10, using Samsung S7 (HID) that downloads and executes Metasploit payload by hijacking its keyboard. The second Android device is running meterpreter listener and once payload…
New education article: all about attacks on Android implicit intents
https://blog.oversecured.com/Interception-of-Android-implicit-intents/
https://blog.oversecured.com/Interception-of-Android-implicit-intents/
News, Techniques & Guides
Interception of Android implicit intents
Explicit intents have a set receiver (the name of an app package and the class name of a handler component) and can be delivered only to a predetermined component (activity, receiver, service). With implicit intents, only certain