XSS & Command Injection in Android — MobileHackingLab ‘Post Board’ Write-up
https://ajmal-moochingal.medium.com/xss-command-injection-in-android-mobilehackinglab-post-board-write-up-ae9497829615
https://ajmal-moochingal.medium.com/xss-command-injection-in-android-mobilehackinglab-post-board-write-up-ae9497829615
Medium
XSS & Command Injection in Android — MobileHackingLab ‘Post Board’ Write-up
A lab that covers XSS in a WebView within Android which could be exploited by other apps in the device, combined with a Command Injection…
👍18🤡6❤1
Bigpanzi botnet infects 170,000 Android TV boxes with malware
https://blog.xlab.qianxin.com/bigpanzi-exposed-hidden-cyber-threat-behind-your-stb/
https://blog.xlab.qianxin.com/bigpanzi-exposed-hidden-cyber-threat-behind-your-stb/
奇安信 X 实验室
Bigpanzi Exposed: The Hidden Cyber Threat Behind Your Set-Top Box
Background
Some time ago, we intercepted a dubious ELF sample exhibiting zero detection on VirusTotal. This sample, named pandoraspear and employing a modified UPX shell, has an MD5 signature of 9a1a6d484297a4e5d6249253f216ed69. Our analysis revealed that…
Some time ago, we intercepted a dubious ELF sample exhibiting zero detection on VirusTotal. This sample, named pandoraspear and employing a modified UPX shell, has an MD5 signature of 9a1a6d484297a4e5d6249253f216ed69. Our analysis revealed that…
👍13
MavenGate: a supply chain attack method for Java and Android applications
https://blog.oversecured.com/Introducing-MavenGate-a-supply-chain-attack-method-for-Java-and-Android-applications/
https://blog.oversecured.com/Introducing-MavenGate-a-supply-chain-attack-method-for-Java-and-Android-applications/
News, Techniques & Guides
Introducing MavenGate: a supply chain attack method for Java and Android applications
More recently, the cybersecurity community has seen numerous studies of supply chain attacks on Web apps.
👍14❤1
Getting Started with iOS Penetration Testing — Part 1: The Setup
https://sahil-security-nerd07.medium.com/getting-started-with-ios-penetration-testing-part-1-the-setup-e322c73ab9a0
https://sahil-security-nerd07.medium.com/getting-started-with-ios-penetration-testing-part-1-the-setup-e322c73ab9a0
Medium
Getting Started with iOS Penetration Testing, The Setup.
Introduction:
🔥19🥱5👍3❤1
2023_Mobile_Banking_Heists_Report.pdf
13.3 MB
Mobile Banking Heists Report 2023: 29 Malware Families Targeting 1,800 Mobile Banking Apps
👍18
Mobile malware analysis for the BBC of TeaBot (Anatsa) banking trojan impersonating PDF AI: Add-On app
https://www.pentestpartners.com/security-blog/mobile-malware-analysis-for-the-bbc/
https://www.pentestpartners.com/security-blog/mobile-malware-analysis-for-the-bbc/
Pentestpartners
Mobile malware analysis for the BBC | Pen Test Partners
This is a version of our report referenced in the Helping a mobile malware fraud victim blog post, with all sensitive information removed. Summary One malicious application was identified on the device, and evidence identified during the examination strong…
🔥5🤡4🙈3👍2👎2
PoC to takeover Android using another Android by exploiting critical Bluetooth vulnerability to install Metasploit without proper Bluetooth pairing (CVE-2023-45866). It still affects Android 10 and bellow.
https://www.mobile-hacker.com/2024/01/23/exploiting-0-click-android-bluetooth-vulnerability-to-inject-keystrokes-without-pairing/
https://www.mobile-hacker.com/2024/01/23/exploiting-0-click-android-bluetooth-vulnerability-to-inject-keystrokes-without-pairing/
Mobile Hacker
Exploiting 0-click Android Bluetooth vulnerability to inject keystrokes without pairing Mobile Hacker
[update 2024-02-19] This vulnerability can be even used to remotely wipe data of targeted Android smartphone. Using this vulnerability it is possible to guess user lock screen PIN. After five incorrect PINs device is locked out for 30 seconds. This operation…
👍19🔥10🤡5❤2
Hunting for Android Privilege Escalation with a 32 Line Fuzzer
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/hunting-for-android-privilege-escalation-with-a-32-line-fuzzer/
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/hunting-for-android-privilege-escalation-with-a-32-line-fuzzer/
Levelblue
Hunting for Android Privilege Escalation with a 32 Line Fuzzer
Trustwave SpiderLabs tested a couple of Android OS-based mobile devices to conduct the research on privilege escalation scenarios.
👍7
Pakistan-based Threat Actor Targets Indians with Fake Loan Android Application
https://www.cyfirma.com/outofband/pakistan-based-threat-actor-targets-indians-with-fake-loan-android-application/
https://www.cyfirma.com/outofband/pakistan-based-threat-actor-targets-indians-with-fake-loan-android-application/
CYFIRMA
Pakistan-based Threat Actor Targets Indians with Fake Loan Android Application - CYFIRMA
EXECUTIVE SUMMARY The team at CYFIRMA recently identified a pattern where unknown threat actors utilize Android malware to target individuals...
🤣18👍8👎5
Android-based PAX Technology Point of Sale (POS) vulnerabilities
CVE-2023-42133 - Reserved
CVE-2023-42134 - Signed partition overwrite and subsequently local code execution as root via hidden bootloader command
CVE-2023-42135 - Local code execution as root via kernel parameter injection in fastboot
CVE-2023-42136 - Privilege escalation from any user/application to system user via shell injection binder-exposed service
CVE-2023-42137 - Privilege escalation from system/shell user to root via insecure operations in systool_server daemon
CVE-2023-4818 - Bootloader downgrade via improper tokenization
https://blog.stmcyber.com/pax-pos-cves-2023/
CVE-2023-42133 - Reserved
CVE-2023-42134 - Signed partition overwrite and subsequently local code execution as root via hidden bootloader command
CVE-2023-42135 - Local code execution as root via kernel parameter injection in fastboot
CVE-2023-42136 - Privilege escalation from any user/application to system user via shell injection binder-exposed service
CVE-2023-42137 - Privilege escalation from system/shell user to root via insecure operations in systool_server daemon
CVE-2023-4818 - Bootloader downgrade via improper tokenization
https://blog.stmcyber.com/pax-pos-cves-2023/
STM Cyber Blog
Android-based PAX POS vulnerabilities (Part 1) - STM Cyber Blog
In this article, we present details of 6 vulnerabilities on the Android POS devices made by the worldwide known company PAX Technology.
👍13
Android Deep Links & WebViews Exploitations Part I
https://medium.com/@justmobilesec/deep-links-webviews-exploitations-part-i-452e8aad124f
https://medium.com/@justmobilesec/deep-links-webviews-exploitations-part-i-452e8aad124f
Medium
Deep Links & WebViews Exploitations Part I
TLDR: This post is the first of a two-part series covering Deep Links & WebViews Exploitations. This article focuses on WebViews. It…
👍15
APK Obfucation Detection - detect code obfuscation through text classification in the detection process
https://github.com/liansecurityOS/apk-obfucation-detection
https://github.com/liansecurityOS/apk-obfucation-detection
GitHub
GitHub - liansecurityOS/apk-obfucation-detection: Detect code obfuscation through text classification in the detection process.
Detect code obfuscation through text classification in the detection process. - liansecurityOS/apk-obfucation-detection
👍18👎2❤1
Buffer-overflow in Android native code — MobileHackingLab ‘Notekeeper’ Write-up
https://ajmal-moochingal.medium.com/buffer-overflow-in-android-native-code-mobilehackinglab-notekeeper-write-up-4e7764be3c2a
https://ajmal-moochingal.medium.com/buffer-overflow-in-android-native-code-mobilehackinglab-notekeeper-write-up-4e7764be3c2a
Medium
Buffer-overflow in Android native code — MobileHackingLab ‘Notekeeper’ Write-up
Exploiting a Buffer-overflow bug in a native library function in an Android App to gain code execution.
🔥8👍5❤2
How to debug Android/iOS native library using GDB debugger?
https://medium.com/@shubhamsonani/how-to-debug-android-ios-native-library-using-gdb-debugger-d02c0e0341eb
https://medium.com/@shubhamsonani/how-to-debug-android-ios-native-library-using-gdb-debugger-d02c0e0341eb
Medium
How to debug Android/iOS native library using GDB debugger?
Hi Guys, after a long time, I am writing a new blog that will help you guys while performing Android/iOS penetration testing. I am going…
👍13
Exploit released for Android local privilege elevation (root) impacts several OEMs (APEX key reuse vulnerability CVE-2023-45779)
Info: Devices contained at least one preinstalled APEX signed only with AOSP test keys, for which anyone can produce an update
Write-up: https://rtx.meta.security/exploitation/2024/01/30/Android-vendors-APEX-test-keys.html
Exploit: https://github.com/metaredteam/rtx-cve-2023-45779
Info: Devices contained at least one preinstalled APEX signed only with AOSP test keys, for which anyone can produce an update
Write-up: https://rtx.meta.security/exploitation/2024/01/30/Android-vendors-APEX-test-keys.html
Exploit: https://github.com/metaredteam/rtx-cve-2023-45779
Meta Red Team X
Missing signs: how several brands forgot to secure a key piece of Android
We recently discovered that Android devices from multiple major brands sign APEX modules—updatable units of highly-privileged OS code—using private keys from Android’s public source repository. Anyone can forge an APEX update for such a device to gain near…
👍9🔥2❤1
Complete guide on how Bluetooth and BLE works
It also includes source code for a server and client Android apps that demonstrate the communication
https://proandroiddev.com/android-bluetooth-and-ble-the-modern-way-a-complete-guide-4e95138998a0
It also includes source code for a server and client Android apps that demonstrate the communication
https://proandroiddev.com/android-bluetooth-and-ble-the-modern-way-a-complete-guide-4e95138998a0
Medium
Android, Bluetooth and BLE the modern way: a complete guide
Bluetooth is an immensely fun technology to work with. Once you learn how to search for and communicate with devices, you will be surprised…
🔥11👍3
Twelve Android apps containing VajraSpy RAT used by the Patchwork APT group. Six of these apps had previously been available on Google Play; together they reached over 1,400 installs
https://www.welivesecurity.com/en/eset-research/vajraspy-patchwork-espionage-apps/
https://www.welivesecurity.com/en/eset-research/vajraspy-patchwork-espionage-apps/
Welivesecurity
VajraSpy: A Patchwork of espionage apps
ESET researchers discovered several Android apps that posed as messaging tools but carried VajraSpy, a RAT used by the Patchwork APT group
👍10❤3
NetHunter Hacker XII: Master Social Engineering using SET
Explained SET attack vectors such as create e-mail template, site clone, credential harvester, mass mailer, Arduino attacks, web jacking attack.
Also how to fix common errors and attack prevention tips
https://www.mobile-hacker.com/2024/02/02/nethunter-hacker-xii-master-social-engineering-using-set/
Explained SET attack vectors such as create e-mail template, site clone, credential harvester, mass mailer, Arduino attacks, web jacking attack.
Also how to fix common errors and attack prevention tips
https://www.mobile-hacker.com/2024/02/02/nethunter-hacker-xii-master-social-engineering-using-set/
Mobile Hacker
NetHunter Hacker XII: Master Social Engineering using SET Mobile Hacker
Social engineering is a technique used by attackers to trick people into disclosing private information or doing activities that affect the security of a system or network. The Social-Engineer Toolkit (SET) is one of the most popular tools used in social…
👍19❤1
Hacking a Smart Home Device
Reverse engineered an ESP32-based smart home device to gain remote control access and integrate it with Home Assistant
https://jmswrnr.com/blog/hacking-a-smart-home-device
Reverse engineered an ESP32-based smart home device to gain remote control access and integrate it with Home Assistant
https://jmswrnr.com/blog/hacking-a-smart-home-device
James Warner
Hacking a Smart Home Device
How I reverse engineered an ESP32-based smart home device to gain remote control access and integrate it with Home Assistant.
👍17
Analysis of Android settings during a forensic investigation
https://blog.digital-forensics.it/2024/01/analysis-of-android-settings-during.html
https://blog.digital-forensics.it/2024/01/analysis-of-android-settings-during.html
blog.digital-forensics.it
Analysis of Android settings during a forensic investigation
DFIR research
👍14❤3
MobSF Remote code execution (via CVE-2024-21633)
https://github.com/0x33c0unt/CVE-2024-21633
https://github.com/0x33c0unt/CVE-2024-21633
GitHub
GitHub - 0x33c0unt/CVE-2024-21633: MobSF Remote code execution (via CVE-2024-21633)
MobSF Remote code execution (via CVE-2024-21633). Contribute to 0x33c0unt/CVE-2024-21633 development by creating an account on GitHub.
👍16🤯8👻1