β β β Uππ»βΊπ«Δπ¬πβ β β β
All about SS7 HACKING + GUIDE :
SigPloit a signaling security testing framework dedicated to Telecom Security professionals and reasearchers to pentest and exploit vulnerabilites in the signaling protocols used in mobile operators regardless of the geneartion being in use. SigPloit aims to cover all used protocols used in the operators interconnects SS7, GTP (3G), Diameter (4G) or even SIP for IMS and VoLTE infrastructures used in the access layer and SS7 message encapsulation into SIP-T. Recommendations for each vulnerability will be provided to guide the tester and the operator the steps that should be done to enhance their security posture
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
Version 1: SS7
SigPloit will initially start with SS7 vulnerabilities providing the messages used to test the below attacking scenarios
A- Location Tracking
B- Call and SMS Interception
C- Fraud
Version 2: GTP
This Version will focus on the data roaming attacks that occur on the IPX/GRX interconnects.
Version 3: Diameter
This Version will focus on the attacks occurring on the LTE roaming interconnects using Diameter as the signaling protocol.
Version 4: SIP
This is Version will be concerned with SIP as the signaling protocol used in the access layer for voice over LTE(VoLTE) and IMS infrastructure. Also, SIP will be used to encapsulate SS7 messages (ISUP) to be relayed over VoIP providers to SS7 networks taking advantage of SIP-T protocol, a protocol extension for SIP to provide intercompatability between VoIP and SS7 networks
Version 5: Reporting
This last Version will introduce the reporting feature. A comprehensive report with the tests done along with the recommendations provided for each vulnerability that has been exploited.
BETA Version of SigPloit will have the Location Tracking attacks of the SS7 phase 1
Installation and requirements
Β»The requirements for this project are:
1) Python 2.7
2) Java version 1.7 +
3) sudo apt-get install lksctp-tools
4) Linux machine
https://github.com/SigPloiter/SigPloit
5) To run use
cd SigPloit
6) sudo pip2 install -r requirements.txt
7) python sigploit.py
β β β Uππ»βΊπ«Δπ¬πβ β β β
All about SS7 HACKING + GUIDE :
SigPloit a signaling security testing framework dedicated to Telecom Security professionals and reasearchers to pentest and exploit vulnerabilites in the signaling protocols used in mobile operators regardless of the geneartion being in use. SigPloit aims to cover all used protocols used in the operators interconnects SS7, GTP (3G), Diameter (4G) or even SIP for IMS and VoLTE infrastructures used in the access layer and SS7 message encapsulation into SIP-T. Recommendations for each vulnerability will be provided to guide the tester and the operator the steps that should be done to enhance their security posture
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
Version 1: SS7
SigPloit will initially start with SS7 vulnerabilities providing the messages used to test the below attacking scenarios
A- Location Tracking
B- Call and SMS Interception
C- Fraud
Version 2: GTP
This Version will focus on the data roaming attacks that occur on the IPX/GRX interconnects.
Version 3: Diameter
This Version will focus on the attacks occurring on the LTE roaming interconnects using Diameter as the signaling protocol.
Version 4: SIP
This is Version will be concerned with SIP as the signaling protocol used in the access layer for voice over LTE(VoLTE) and IMS infrastructure. Also, SIP will be used to encapsulate SS7 messages (ISUP) to be relayed over VoIP providers to SS7 networks taking advantage of SIP-T protocol, a protocol extension for SIP to provide intercompatability between VoIP and SS7 networks
Version 5: Reporting
This last Version will introduce the reporting feature. A comprehensive report with the tests done along with the recommendations provided for each vulnerability that has been exploited.
BETA Version of SigPloit will have the Location Tracking attacks of the SS7 phase 1
Installation and requirements
Β»The requirements for this project are:
1) Python 2.7
2) Java version 1.7 +
3) sudo apt-get install lksctp-tools
4) Linux machine
https://github.com/SigPloiter/SigPloit
5) To run use
cd SigPloit
6) sudo pip2 install -r requirements.txt
7) python sigploit.py
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - SigPloiter/SigPloit: SigPloit: Telecom Signaling Exploitation Framework - SS7, GTP, Diameter & SIP
SigPloit: Telecom Signaling Exploitation Framework - SS7, GTP, Diameter & SIP - SigPloiter/SigPloit
Forwarded from DailyCVE
Dailycve
Lms app crash bug error | CVE
Details:
The LMS app integrates h, the Hypothesis client, Via 3, and Via, so you will need to set up development environments for each of those before you can develop the LMS app.
The LMS app crashes if you post to its /welcome endpoint with missing params.β¦
The LMS app integrates h, the Hypothesis client, Via 3, and Via, so you will need to set up development environments for each of those before you can develop the LMS app.
The LMS app crashes if you post to its /welcome endpoint with missing params.β¦
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
Google and its parent company have announced the formation of hundreds of staff unions.
#International
#International
Forwarded from DailyCVE
Dailycve
libproxy in ubuntu CVE-2020-26154 | CVE
Details:
libproxy - automatic proxy configuration management library
libproxy vulnerability 04 January 2021 libproxy could be made to crash or execute arbitrary code if it received a specially crafted file. Releases o Ubuntu 20.10 o Ubuntu 20.04 LTS o Ubuntuβ¦
libproxy - automatic proxy configuration management library
libproxy vulnerability 04 January 2021 libproxy could be made to crash or execute arbitrary code if it received a specially crafted file. Releases o Ubuntu 20.10 o Ubuntu 20.04 LTS o Ubuntuβ¦
Forwarded from UNDERCODE NEWS
In early 2021, Apple is scheduled to announce the first iPad Pro with a mini LED display.
#Technologies
#Technologies
Forwarded from UNDERCODE NEWS
The fixed and mobile network inefficiencies have been formalized by Tiscali after attack.
#CyberAttacks
#CyberAttacks
Looking for more ecryption, a management tool for dnscrypt-proxy :
-Free
-Open source
https://simplednscrypt.org/
β β β Uππ»βΊπ«Δπ¬πβ β β β
-Free
-Open source
https://simplednscrypt.org/
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS
This year, Apple will change the cash incentives for managers based on environmental principles.
#International
#International
Forwarded from UNDERCODE NEWS
The Russian hackers sells in darknet a program that allows you to distribute spam messages bypassing traffic and email protection.
#Malwares
#Malwares
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Pyongyang 2407 - Android ROM from North Korea, modified to run on WBW5511_MAINBOARD_P2 devices. Releases contains an archived ROM with all needed tools to boot DPRK Android on compatible hardware. β¦
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
Check you can see the preloader of your device, this shows up very briefly on powering device without battery. It contains a simple download & boot from RAM backdoor that lets you run any .bin code to read/write/format the EMMC / NAND and SDMMC (which MT6582 boots from). It is provided by the "preloader" function.
1) [136466.320357] usb 1-5: new high-speed USB device number 48 using xhci_hcd
2) [136466.462845] usb 1-5: New USB device found, idVendor=0e8d, idProduct=2000, bcdDevice= 1.00
[136466.462853] usb 1-5: New USB device strings: Mfr=1, Product=2, SerialNumber=0
3) [136466.462858] usb 1-5: Product: MT65xx Preloader
4) [136466.462862] usb 1-5: Manufacturer: MediaTek
5) [136466.526864] cdc_acm 1-5:1.1: ttyACM0: USB ACM device
6) [136468.181907] usb 1-5: USB disconnect, device number 48
7) If you can see something similar to above in dmesg output and no ModemManager is running you can proceed.
load included jellybean (WBW5511GI_0202_T5752) based rom onto device, using SPFlashTool
8) Boot device, it will take a few minutes
root device - kingroot APK (works)
9) put data.ext4 and system.tar onto /sdcard via "adb push"
upload "gnutar" and "busybox-android" from this repo
"adb shell" and check "su" works
10) Install ROM νμ files
I made some modifications to the KCC files to work with the supplied ROM. For instance I have replaced missing kernel modules in "/usr/lib/modules" and created a compatible layout file with a new kernel image and clean boot loaders. you still need to manually overwrite "/system" and "/data" from a root shell. You must first remount both into rw mode from "adb shell" as root.
11) "mount -o rw,remount /system" "mount -o rw,remount /data"
You then want to "rm -rf /system/" and "/data/" but you cannot run "busybox-android" from "/sdcard" so you must ensure that it survives your "rm -rf" brutality. You are going to wipe important system files and replace them with the contents of the two tar files.
12) cp "busybox-android" and "gnutar" into a executable safe place such as /data.
13) wipe /system after remount rw with "rm -rf /system", run twice, some files will stick.
14) use supplied "gnutar" and PRESERVE PERMISSIONS with "gnutar -xvpf" and unpack system.tar /system
once you have /system unpacked, put busybox-android and gnutar in /system/xbin
15) now do the same "rm -rf /data/*" and "gnutar -xvpf" to /data with data.ext4
16) reboot
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Pyongyang 2407 - Android ROM from North Korea, modified to run on WBW5511_MAINBOARD_P2 devices. Releases contains an archived ROM with all needed tools to boot DPRK Android on compatible hardware. β¦
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
Check you can see the preloader of your device, this shows up very briefly on powering device without battery. It contains a simple download & boot from RAM backdoor that lets you run any .bin code to read/write/format the EMMC / NAND and SDMMC (which MT6582 boots from). It is provided by the "preloader" function.
1) [136466.320357] usb 1-5: new high-speed USB device number 48 using xhci_hcd
2) [136466.462845] usb 1-5: New USB device found, idVendor=0e8d, idProduct=2000, bcdDevice= 1.00
[136466.462853] usb 1-5: New USB device strings: Mfr=1, Product=2, SerialNumber=0
3) [136466.462858] usb 1-5: Product: MT65xx Preloader
4) [136466.462862] usb 1-5: Manufacturer: MediaTek
5) [136466.526864] cdc_acm 1-5:1.1: ttyACM0: USB ACM device
6) [136468.181907] usb 1-5: USB disconnect, device number 48
7) If you can see something similar to above in dmesg output and no ModemManager is running you can proceed.
load included jellybean (WBW5511GI_0202_T5752) based rom onto device, using SPFlashTool
8) Boot device, it will take a few minutes
root device - kingroot APK (works)
9) put data.ext4 and system.tar onto /sdcard via "adb push"
upload "gnutar" and "busybox-android" from this repo
"adb shell" and check "su" works
10) Install ROM νμ files
I made some modifications to the KCC files to work with the supplied ROM. For instance I have replaced missing kernel modules in "/usr/lib/modules" and created a compatible layout file with a new kernel image and clean boot loaders. you still need to manually overwrite "/system" and "/data" from a root shell. You must first remount both into rw mode from "adb shell" as root.
11) "mount -o rw,remount /system" "mount -o rw,remount /data"
You then want to "rm -rf /system/" and "/data/" but you cannot run "busybox-android" from "/sdcard" so you must ensure that it survives your "rm -rf" brutality. You are going to wipe important system files and replace them with the contents of the two tar files.
12) cp "busybox-android" and "gnutar" into a executable safe place such as /data.
13) wipe /system after remount rw with "rm -rf /system", run twice, some files will stick.
14) use supplied "gnutar" and PRESERVE PERMISSIONS with "gnutar -xvpf" and unpack system.tar /system
once you have /system unpacked, put busybox-android and gnutar in /system/xbin
15) now do the same "rm -rf /data/*" and "gnutar -xvpf" to /data with data.ext4
16) reboot
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS
Why are features such as HDMI performance from FreeSync not built into the open source driver?
#Technologies
#Technologies
Forwarded from UNDERCODE NEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Dynamic analysis of Android applications :
Deploying release candidate
This is a guide to get DroidBox running. The release has only been tested on Linux and Mac OS. If you do not have the Android SDK, download it from http://developer.android.com/sdk/index.html. The following libraries are required: http://www.scipy.org/PyLab'>pylab and http://matplotlib.sourceforge.net/'>matplotlib to provide visualization of the analysis result.
1) Export the path for the SDK tools
export PATH=$PATH:/path/to/android-sdk/tools/ export PATH=$PATH:/path/to/android-sdk/platform-tools/
2) Download necessary files and uncompress it anywhere wget http://droidbox.googlecode.com/files/DroidBox411RC.tar.gz
3) Setup a new AVD targeting Android 4.1.2 and choose Nexus 4 as device as well as ARM as CPU type by running: android
4) Start the emulator with the new AVD: ./startemu.sh <AVD name>
5) When emulator has booted up, start analyzing samples (please use the absolute path to the apk): ./droidbox.sh <file.apk> <duration in secs (optional)>
6) The analysis is currently not automated except for installing and starting packages. Ending the analysis is simply done by pressing Ctrl-C. A package will also be implemented soon to populate the emulator with data prior to performing analysis.
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Dynamic analysis of Android applications :
Deploying release candidate
This is a guide to get DroidBox running. The release has only been tested on Linux and Mac OS. If you do not have the Android SDK, download it from http://developer.android.com/sdk/index.html. The following libraries are required: http://www.scipy.org/PyLab'>pylab and http://matplotlib.sourceforge.net/'>matplotlib to provide visualization of the analysis result.
1) Export the path for the SDK tools
export PATH=$PATH:/path/to/android-sdk/tools/ export PATH=$PATH:/path/to/android-sdk/platform-tools/
2) Download necessary files and uncompress it anywhere wget http://droidbox.googlecode.com/files/DroidBox411RC.tar.gz
3) Setup a new AVD targeting Android 4.1.2 and choose Nexus 4 as device as well as ARM as CPU type by running: android
4) Start the emulator with the new AVD: ./startemu.sh <AVD name>
5) When emulator has booted up, start analyzing samples (please use the absolute path to the apk): ./droidbox.sh <file.apk> <duration in secs (optional)>
6) The analysis is currently not automated except for installing and starting packages. Ending the analysis is simply done by pressing Ctrl-C. A package will also be implemented soon to populate the emulator with data prior to performing analysis.
β β β Uππ»βΊπ«Δπ¬πβ β β β
Android Developers
Download Android Studio & App Tools - Android Developers
Android Studio provides app builders with an integrated development environment (IDE) optimized for Android apps. Download Android Studio today.
π΅Cross Site Request Forgery vulnerability in McAfee :
https://dailycve.com/cross-site-request-forgery-vulnerability-mcafee
https://dailycve.com/cross-site-request-forgery-vulnerability-mcafee
Forwarded from UNDERCODE NEWS
CES 2021 is going to open online soon. Intel will take the opportunity to warm up the desktop Core.
#Technologies
#Technologies
Forwarded from UNDERCODE NEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦The Automation FOrensics Tool (AFOT) is an automation tool build in Python and used for Windows Forensics in order to combine the following tools:
> AnalyzePESig (http://didierstevens.com/files/software/AnalyzePESig_V0_0_0_2.zip)
> National Software Reference Library reduced set (http://www.nsrl.nist.gov/RDS/rds_2.52/rds_252m.zip)
>NSRL Tool (http://didierstevens.com/files/software/nsrl_V0_0_2.zip)
>VirusTotal Search Tool (http://didierstevens.com/files/software/virustotal-search_V0_1_2.zip)
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) https://github.com/harris21/afot
2) cd https://github.com/harris21/afot
3) now run python afot.py in your terminal.
So the procedure is pretty straight-forward:
The user provides the path, which will be used to analyze all the executables included in those folders/subfolders.
AnalyzePESig looks for signed executables, whom certificate will soon be revoked.
AFOT will collect all the non-signed executables and cross-check them with NSRL's hashset database, using the NSRL tool.
Last but not least, if any hashes were found to be in NSRL's hashset database too, we cross-check those hashes with VirusTotal, using the VirusTotal Search tool.
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦The Automation FOrensics Tool (AFOT) is an automation tool build in Python and used for Windows Forensics in order to combine the following tools:
> AnalyzePESig (http://didierstevens.com/files/software/AnalyzePESig_V0_0_0_2.zip)
> National Software Reference Library reduced set (http://www.nsrl.nist.gov/RDS/rds_2.52/rds_252m.zip)
>NSRL Tool (http://didierstevens.com/files/software/nsrl_V0_0_2.zip)
>VirusTotal Search Tool (http://didierstevens.com/files/software/virustotal-search_V0_1_2.zip)
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) https://github.com/harris21/afot
2) cd https://github.com/harris21/afot
3) now run python afot.py in your terminal.
So the procedure is pretty straight-forward:
The user provides the path, which will be used to analyze all the executables included in those folders/subfolders.
AnalyzePESig looks for signed executables, whom certificate will soon be revoked.
AFOT will collect all the non-signed executables and cross-check them with NSRL's hashset database, using the NSRL tool.
Last but not least, if any hashes were found to be in NSRL's hashset database too, we cross-check those hashes with VirusTotal, using the VirusTotal Search tool.
β β β Uππ»βΊπ«Δπ¬πβ β β β