Forwarded from fs0c131y - Official Channel (Elliot Alderson)
Evolution of Android Binary Hardening https://cyber-itl.org/2019/12/16/android-evolution.html
Cyber Independent Testing Lab
Evolution of Android Binary Hardening
How has Google’s Android platform evolved with regard to build safety?
WhatsApp bug
Sending a custom message will crash the WhatsApp application on every phone that is a member of this group.
The bug will crash the app and it will continue to crash even after we reopen WhatsApp, resulting in a crash loop.
https://research.checkpoint.com/2019/breakingapp-whatsapp-crash-data-loss-bug/
Video demo: https://youtu.be/u-sGONBNrwg
WhatsApp Manipulation Tool: https://github.com/romanzaikin/BurpExtension-WhatsApp-Decryption-CheckPoint
Check Point Research
BreakingApp – WhatsApp Crash & Data Loss Bug - Check Point Research
The bug will crash the app and it will continue to crash even after we reopen WhatsApp, resulting in a crash loop. Moreover, the user will not be able to return to the group and all the data that was written and shared in the group is now gone for good. The…
A Deep Dive Into Samsung's TrustZone (Part 2)
Various tools presented and developed that helped reverse engineer and exploit Trusted Applications as well as Secure Drivers
https://blog.quarkslab.com/a-deep-dive-into-samsungs-trustzone-part-2.html
Quarkslab
A Deep Dive Into Samsung's TrustZone (Part 2) - Quarkslab's blog
In this second blog post of our series on Samsung's TrustZone, we present the various tools that we have developed during our research to help us reverse engineer and exploit Trusted Applications as well as Secure Drivers.
Jailbreaking – Checkra1n Configuration #iOS
https://aboutdfir.com/jailbreaking-checkra1n-configuration/
AboutDFIR - The Definitive Compendium Project
Jailbreaking - Checkra1n Configuration - AboutDFIR - The Definitive Compendium Project
In this installment, I felt that I should discuss how to use Checkra1n, and how to actually get into the device via 2 methods: localhost (tethered) and WiFi (untethered). This is not a blog to discuss how Checkra1n is doing, what it is doing, or what Checkm8…
Tested Ring’s Cameras Security
It makes it much easier for hackers to reach cameras in people's homes
- no checks from unknown IP
- no captcha for bruteforcing
- doesn't show who is logged in, so a hacker can sit silently
via @josephfcox
https://www.vice.com/amp/en_us/article/epg4xm/amazon-ring-camera-security
Vice
We Tested Ring’s Security. It’s Awful
Ring lacks basic security features, making it easy for hackers to turn the company's cameras against its customers.
How to decrypt iOS Signal database
https://github.com/Magpol/HowTo-decrypt-Signal.sqlite-for-IOS/blob/master/README.md
GitHub
HowTo-decrypt-Signal.sqlite-for-IOS/README.md at master · Magpol/HowTo-decrypt-Signal.sqlite-for-IOS
Decrypt signal.sqlite IOS. Contribute to Magpol/HowTo-decrypt-Signal.sqlite-for-IOS development by creating an account on GitHub.
TikTok app had virtually all privacy features disabled by default
https://www.billboard.com/articles/business/legal-and-management/8545568/tiktok-class-action-lawsuit-child-privacy
Billboard
TikTok Hit With Class-Action Lawsuit Over Child Privacy Violations
TikTok is the subject of a new class-action lawsuit that accuses the video-sharing app of failing to protect children.
Reverse Engineering Resource Collection including Android & iOS
3000+ open source tools, ~600 blog posts.
https://github.com/alphaSeclab/awesome-reverse-engineering/blob/master/Readme_en.md
GitHub
awesome-reverse-engineering/Readme_en.md at master · alphaSeclab/awesome-reverse-engineering
Reverse Engineering Resources About All Platforms(Windows/Linux/macOS/Android/iOS/IoT) And Every Aspect! (More than 3500 open source tools and 2300 posts&videos) - alphaSeclab/awesome-rever...
Forwarded from The Bug Bounty Hunter
Android Smartphone manufacturer #OnePlus launches an official 'Bug Bounty Program' with rewards up to $7000 for reporting security vulnerabilities.
security.oneplus.com/index.html
Special cases: up to $7,000
Critical: $750 - $1,500
High: $250 - $750
Medium: $100 - $250
Low: $50 - $100
Android Root Detection Bypass By Manual Code Manipulation (repacking)
https://medium.com/@sarang6489/root-detection-bypass-by-manual-code-manipulation-5478858f4ad1
Medium
Root Detection Bypass By Manual Code Manipulation.
Root Detection Bypass Manually
BFU Extraction: Forensic Analysis of Locked and Disabled iPhones
https://blog.elcomsoft.com/2019/12/bfu-extraction-forensic-analysis-of-locked-and-disabled-iphones/
ElcomSoft blog
BFU Extraction: Forensic Analysis of Locked and Disabled iPhones
We have recently updated Elcomsoft iOS Forensic Toolkit, adding the ability to acquire the file system from a wide range of iOS devices. The supported devices include models ranging from the iPhone 5s through the iPhone X regardless of the iOS version; more…
Forwarded from The Bug Bounty Hunter
Full Account Takeover (Android Application)
https://medium.com/@vbharad/full-account-takeover-android-application-78fa922f78c5
Medium
Full Account Takeover (Android Application)
Introduction :
Forwarded from The Bug Bounty Hunter
Android Root Detection Bypass Using Objection and Frida Scripts
https://medium.com/@GowthamR1/android-root-detection-bypass-using-objection-and-frida-noscripts-d681d30659a7
Medium
Android Root Detection Bypass Using Objection and Frida Scripts
This article is a follow up to the previous article. If you guys haven’t checked it out, feel free to visit it.
Analysis of ToTok iOS application from App Store
-checkra1n
-iProxy
-Frida
https://objective-see.com/blog/blog_0x52.html
objective-see.org
Mass Surveillance, is an (un)Complicated Business
triaging a massively popular iOS application, with a dark side
Android Malware Scoring System
An Obfuscation-Neglect Android Malware Scoring System
https://github.com/quark-engine/quark-engine
GitHub
GitHub - ev-flow/quark-engine: Quark Agent - Your AI-powered Android APK Analyst
Quark Agent - Your AI-powered Android APK Analyst. Contribute to ev-flow/quark-engine development by creating an account on GitHub.
Checkra1n Era - Ep 5 - Automating extraction and processing
https://blog.digital-forensics.it/2019/12/checkra1n-era-ep-5-automating.html
blog.digital-forensics.it
Checkra1n Era - Ep 5 - Automating extraction and processing (aka "Merry Xmas!")
DFIR research
Total mobile surveillance
Your smartphone can broadcast your exact location thousands of times per day, through hundreds of apps, instantaneously to dozens of different companies. Each of those companies has the power to follow individual mobile phones wherever they go, in near-real time.
https://www.nytimes.com/interactive/2019/12/21/opinion/location-data-privacy-rights.html
Nytimes
Opinion | Total Surveillance Is Not What America Signed Up For (Published 2019)
Congress should take bold action to regulate the location data industry.