Path traversal to RCE in Android — Mobile Hacking Lab ‘Document Viewer’ write-up
https://ajmal-moochingal.medium.com/path-traversal-to-rce-in-android-mobile-hacking-lab-document-viewer-write-up-ef9226aea1ac
https://ajmal-moochingal.medium.com/path-traversal-to-rce-in-android-mobile-hacking-lab-document-viewer-write-up-ef9226aea1ac
Medium
Path traversal to RCE in Android — Mobile Hacking Lab ‘Document Viewer’ write-up
During my preparation for eMAPT, I came across Mobile Hacking Lab — and their free hacking labs which I felt would help me for practice…
👍18
A PoC for the CVE-2023-32530, for iOS/MacOS from Operation Triangulation discovered by Kaspersky
- Tested on: iOS 16.3, 16.3.1, 16.4 and 16.5 (iPhone 14 Pro Max) and macOS 13.1 and 13.4 (MacBook Air M2 2022)
- Fixed in iOS 16.5.1 and macOS 13.4.1
https://github.com/felix-pb/kfd/blob/main/writeups/smith.md
- Tested on: iOS 16.3, 16.3.1, 16.4 and 16.5 (iPhone 14 Pro Max) and macOS 13.1 and 13.4 (MacBook Air M2 2022)
- Fixed in iOS 16.5.1 and macOS 13.4.1
https://github.com/felix-pb/kfd/blob/main/writeups/smith.md
GitHub
kfd/writeups/smith.md at main · felix-pb/kfd
kfd, short for kernel file denoscriptor, is a project to read and write kernel memory on Apple devices. - felix-pb/kfd
👍11🔥6❤4
MyEstatePoint Property Search app leaked data on nearly half a million of its users, exposing their names and plain-text passwords
https://cybernews.com/security/myestatepoint-property-search-app-data-leak/
https://cybernews.com/security/myestatepoint-property-search-app-data-leak/
Cybernews
Real estate Android app leaks user passwords
MyEstatePoint Property Search Android app leaks user passwords.
👍12😱4👏1
Portable Flipper Zero detector
Now you can detect any Flipper Zeros and BLE advertisement spam attacks in vicinity using Android Bluetooth LE Spam app
https://www.mobile-hacker.com/2024/01/09/how-to-detect-flipper-zero-and-bluetooth-advertisement-attacks/
Now you can detect any Flipper Zeros and BLE advertisement spam attacks in vicinity using Android Bluetooth LE Spam app
https://www.mobile-hacker.com/2024/01/09/how-to-detect-flipper-zero-and-bluetooth-advertisement-attacks/
👍11❤2
Analysis of iOS Info Stealer malware distributed via phishing website
https://medium.com/@icebre4ker/analysis-of-an-info-stealer-chapter-2-the-ios-app-0529e7b45405
https://medium.com/@icebre4ker/analysis-of-an-info-stealer-chapter-2-the-ios-app-0529e7b45405
Medium
Analysis of an Info Stealer — Chapter 2: The iOS App
Introduction
👍16
Android DeviceVersionFragment.java Privilege Escalation Exploit for Pixel Watch (CVE-2023-48418)
https://0day.today/exploit/denoscription/39237
https://0day.today/exploit/denoscription/39237
👍13
Financial Fraud APK Campaign targeting Chinese users
https://unit42.paloaltonetworks.com/malicious-apks-steal-pii-from-chinese-users/
https://unit42.paloaltonetworks.com/malicious-apks-steal-pii-from-chinese-users/
Unit 42
Financial Fraud APK Campaign
Drawing attention to the ways threat actors steal PII for financial fraud, this article focuses on a malicious APK campaign aimed at Chinese users.
👏12👍2
GrapheneOS: Frequent Android auto-reboots block firmware exploits
https://www.bleepingcomputer.com/news/security/grapheneos-frequent-android-auto-reboots-block-firmware-exploits/
https://www.bleepingcomputer.com/news/security/grapheneos-frequent-android-auto-reboots-block-firmware-exploits/
BleepingComputer
GrapheneOS: Frequent Android auto-reboots block firmware exploits
GrapheneOS, a privacy and security-focused Android-based operating system, has posted a series of tweets on X suggesting that Android should introduce frequent auto-reboots to make it harder for forensic software vendors to exploit firmware flaws and spy…
👍17😁7❤3
Xiaomi HyperOS BootLoader Bypass
A PoC that exploits a vulnerability to bypass the Xiaomi HyperOS community restrictions of BootLoader unlocked account bindings
https://github.com/MlgmXyysd/Xiaomi-HyperOS-BootLoader-Bypass#xiaomi-hyperos-bootloader-bypass
A PoC that exploits a vulnerability to bypass the Xiaomi HyperOS community restrictions of BootLoader unlocked account bindings
https://github.com/MlgmXyysd/Xiaomi-HyperOS-BootLoader-Bypass#xiaomi-hyperos-bootloader-bypass
GitHub
GitHub - MlgmXyysd/Xiaomi-HyperOS-BootLoader-Bypass: A PoC that exploits a vulnerability to bypass the Xiaomi HyperOS community…
A PoC that exploits a vulnerability to bypass the Xiaomi HyperOS community restrictions of BootLoader unlocked account bindings. - MlgmXyysd/Xiaomi-HyperOS-BootLoader-Bypass
👍17👏3❤2
Deobfuscating Android ARM64 strings with Ghidra: Emulating, Patching, and Automating
https://blog.nviso.eu/2024/01/15/deobfuscating-android-arm64-strings-with-ghidra-emulating-patching-and-automating/
https://blog.nviso.eu/2024/01/15/deobfuscating-android-arm64-strings-with-ghidra-emulating-patching-and-automating/
NVISO Labs
Deobfuscating Android ARM64 strings with Ghidra: Emulating, Patching, and Automating
In a recent engagement I had to deal with some custom encrypted strings inside an Android ARM64 app. I had a lot of fun reversing the app and in the process I learned a few cool new techniques whic…
👍17
A lightweight method to detect potential iOS malware
https://securelist.com/shutdown-log-lightweight-ios-malware-detection-method/111734/
https://securelist.com/shutdown-log-lightweight-ios-malware-detection-method/111734/
Securelist
Detecting iOS malware via Shutdown.log file
Analyzing Shutdown.log file as a lightweight method to detect indicators of infection with sophisticated iOS malware such as Pegasus, Reign and Predator.
👍9
XSS & Command Injection in Android — MobileHackingLab ‘Post Board’ Write-up
https://ajmal-moochingal.medium.com/xss-command-injection-in-android-mobilehackinglab-post-board-write-up-ae9497829615
https://ajmal-moochingal.medium.com/xss-command-injection-in-android-mobilehackinglab-post-board-write-up-ae9497829615
Medium
XSS & Command Injection in Android — MobileHackingLab ‘Post Board’ Write-up
A lab that covers XSS in a WebView within Android which could be exploited by other apps in the device, combined with a Command Injection…
👍18🤡6❤1
Bigpanzi botnet infects 170,000 Android TV boxes with malware
https://blog.xlab.qianxin.com/bigpanzi-exposed-hidden-cyber-threat-behind-your-stb/
https://blog.xlab.qianxin.com/bigpanzi-exposed-hidden-cyber-threat-behind-your-stb/
奇安信 X 实验室
Bigpanzi Exposed: The Hidden Cyber Threat Behind Your Set-Top Box
Background
Some time ago, we intercepted a dubious ELF sample exhibiting zero detection on VirusTotal. This sample, named pandoraspear and employing a modified UPX shell, has an MD5 signature of 9a1a6d484297a4e5d6249253f216ed69. Our analysis revealed that…
Some time ago, we intercepted a dubious ELF sample exhibiting zero detection on VirusTotal. This sample, named pandoraspear and employing a modified UPX shell, has an MD5 signature of 9a1a6d484297a4e5d6249253f216ed69. Our analysis revealed that…
👍13
MavenGate: a supply chain attack method for Java and Android applications
https://blog.oversecured.com/Introducing-MavenGate-a-supply-chain-attack-method-for-Java-and-Android-applications/
https://blog.oversecured.com/Introducing-MavenGate-a-supply-chain-attack-method-for-Java-and-Android-applications/
News, Techniques & Guides
Introducing MavenGate: a supply chain attack method for Java and Android applications
More recently, the cybersecurity community has seen numerous studies of supply chain attacks on Web apps.
👍14❤1
Getting Started with iOS Penetration Testing — Part 1: The Setup
https://sahil-security-nerd07.medium.com/getting-started-with-ios-penetration-testing-part-1-the-setup-e322c73ab9a0
https://sahil-security-nerd07.medium.com/getting-started-with-ios-penetration-testing-part-1-the-setup-e322c73ab9a0
Medium
Getting Started with iOS Penetration Testing, The Setup.
Introduction:
🔥19🥱5👍3❤1
2023_Mobile_Banking_Heists_Report.pdf
13.3 MB
Mobile Banking Heists Report 2023: 29 Malware Families Targeting 1,800 Mobile Banking Apps
👍18
Mobile malware analysis for the BBC of TeaBot (Anatsa) banking trojan impersonating PDF AI: Add-On app
https://www.pentestpartners.com/security-blog/mobile-malware-analysis-for-the-bbc/
https://www.pentestpartners.com/security-blog/mobile-malware-analysis-for-the-bbc/
Pentestpartners
Mobile malware analysis for the BBC | Pen Test Partners
This is a version of our report referenced in the Helping a mobile malware fraud victim blog post, with all sensitive information removed. Summary One malicious application was identified on the device, and evidence identified during the examination strong…
🔥5🤡4🙈3👍2👎2
PoC to takeover Android using another Android by exploiting critical Bluetooth vulnerability to install Metasploit without proper Bluetooth pairing (CVE-2023-45866). It still affects Android 10 and bellow.
https://www.mobile-hacker.com/2024/01/23/exploiting-0-click-android-bluetooth-vulnerability-to-inject-keystrokes-without-pairing/
https://www.mobile-hacker.com/2024/01/23/exploiting-0-click-android-bluetooth-vulnerability-to-inject-keystrokes-without-pairing/
Mobile Hacker
Exploiting 0-click Android Bluetooth vulnerability to inject keystrokes without pairing Mobile Hacker
[update 2024-02-19] This vulnerability can be even used to remotely wipe data of targeted Android smartphone. Using this vulnerability it is possible to guess user lock screen PIN. After five incorrect PINs device is locked out for 30 seconds. This operation…
👍19🔥10🤡5❤2
Hunting for Android Privilege Escalation with a 32 Line Fuzzer
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/hunting-for-android-privilege-escalation-with-a-32-line-fuzzer/
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/hunting-for-android-privilege-escalation-with-a-32-line-fuzzer/
Levelblue
Hunting for Android Privilege Escalation with a 32 Line Fuzzer
Trustwave SpiderLabs tested a couple of Android OS-based mobile devices to conduct the research on privilege escalation scenarios.
👍7
Pakistan-based Threat Actor Targets Indians with Fake Loan Android Application
https://www.cyfirma.com/outofband/pakistan-based-threat-actor-targets-indians-with-fake-loan-android-application/
https://www.cyfirma.com/outofband/pakistan-based-threat-actor-targets-indians-with-fake-loan-android-application/
CYFIRMA
Pakistan-based Threat Actor Targets Indians with Fake Loan Android Application - CYFIRMA
EXECUTIVE SUMMARY The team at CYFIRMA recently identified a pattern where unknown threat actors utilize Android malware to target individuals...
🤣18👍8👎5
Android-based PAX Technology Point of Sale (POS) vulnerabilities
CVE-2023-42133 - Reserved
CVE-2023-42134 - Signed partition overwrite and subsequently local code execution as root via hidden bootloader command
CVE-2023-42135 - Local code execution as root via kernel parameter injection in fastboot
CVE-2023-42136 - Privilege escalation from any user/application to system user via shell injection binder-exposed service
CVE-2023-42137 - Privilege escalation from system/shell user to root via insecure operations in systool_server daemon
CVE-2023-4818 - Bootloader downgrade via improper tokenization
https://blog.stmcyber.com/pax-pos-cves-2023/
CVE-2023-42133 - Reserved
CVE-2023-42134 - Signed partition overwrite and subsequently local code execution as root via hidden bootloader command
CVE-2023-42135 - Local code execution as root via kernel parameter injection in fastboot
CVE-2023-42136 - Privilege escalation from any user/application to system user via shell injection binder-exposed service
CVE-2023-42137 - Privilege escalation from system/shell user to root via insecure operations in systool_server daemon
CVE-2023-4818 - Bootloader downgrade via improper tokenization
https://blog.stmcyber.com/pax-pos-cves-2023/
STM Cyber Blog
Android-based PAX POS vulnerabilities (Part 1) - STM Cyber Blog
In this article, we present details of 6 vulnerabilities on the Android POS devices made by the worldwide known company PAX Technology.
👍13