20 Security Issues Found in Xiaomi Devices
https://blog.oversecured.com/20-Security-Issues-Found-in-Xiaomi-Devices/
https://blog.oversecured.com/20-Security-Issues-Found-in-Xiaomi-Devices/
News, Techniques & Guides
20 Security Issues Found in Xiaomi Devices
π15π6π€―4π3π3
How to Improve Your Android & iOS Static Analysis with Nuclei!
https://medium.com/@justmobilesec/how-to-improve-your-android-ios-static-analysis-with-nuclei-d44f3daa9cee
https://medium.com/@justmobilesec/how-to-improve-your-android-ios-static-analysis-with-nuclei-d44f3daa9cee
Medium
How to Improve Your Android & iOS Static Analysis with Nuclei!
TL;DR: In this post, we will cover how to statically analyze Android and iOS applications using Nuclei. Weβll start:
π12β€3
Smart-sex-toy users targeted by Android trojan clicker
https://news.drweb.com/show/?i=14860&lng=en
https://news.drweb.com/show/?i=14860&lng=en
Dr.Web
Smart-sex-toy users targeted by clicker trojan
Virus analysts at Doctor Web uncovered an Android application containing a clicker trojan that silently opens advertising sites and clicks on webpages. Such trojans can be used to stealthily display ads, generate click fraud, sign up unsuspecting victimsβ¦
π©21π€‘11π5π5πΏ3π¨2
DNS traffic can leak outside the VPN tunnel on Android
https://mullvad.net/en/blog/dns-traffic-can-leak-outside-the-vpn-tunnel-on-android
https://mullvad.net/en/blog/dns-traffic-can-leak-outside-the-vpn-tunnel-on-android
Mullvad VPN
DNS traffic can leak outside the VPN tunnel on Android | Mullvad VPN
We were recently made aware of multiple potential DNS leaks on Android. They stem from bugs in Android itself, and only affect certain apps.
π18π±5
Finland warns of Vultur Android malware attacks distributed via received SMS messages
https://www.bleepingcomputer.com/news/security/finland-warns-of-android-malware-attacks-breaching-bank-accounts/
https://www.bleepingcomputer.com/news/security/finland-warns-of-android-malware-attacks-breaching-bank-accounts/
BleepingComputer
Finland warns of Android malware attacks breaching bank accounts
Finland's Transport and Communications Agency (Traficom) has issued a warning about an ongoing Android malware campaign targeting banking accounts.
π₯10π3
Guided fuzzing for native Android libraries (using Frida & Radamsa)
https://knifecoat.com/Posts/Coverage+guided+fuzzing+for+native+Android+libraries+(Frida+%26+Radamsa)
https://knifecoat.com/Posts/Coverage+guided+fuzzing+for+native+Android+libraries+(Frida+%26+Radamsa)
KnifeCoat
Coverage guided fuzzing for native Android libraries (Frida & Radamsa) - KnifeCoat
Intro Recently I have been getting into userland application testing on Android. I want to credit Iddo and Jacob for their excellent course on attacking IM Applications which I took at zer0con. As a β¦
π₯21π2
Forwarded from The Bug Bounty Hunter
Flutter Windows Thick Client SSL Pinning Bypass
https://blog.souravkalal.tech/flutter-windows-thick-client-ssl-pinning-bypass-492389ae1218
https://blog.souravkalal.tech/flutter-windows-thick-client-ssl-pinning-bypass-492389ae1218
Medium
Flutter Windows Thick Client SSL Pinning Bypass
I recently worked on a Flutter-based application and learned that it is different from other hybrid frameworks like React Native orβ¦
π₯26π8β€1
Android Remote Access Trojan Equipped to Harvest Credentials
https://blog.sonicwall.com/en-us/2024/04/android-remote-access-trojan-equipped-to-harvest-credentials/
https://blog.sonicwall.com/en-us/2024/04/android-remote-access-trojan-equipped-to-harvest-credentials/
π16β€2
PoC for CVE-2024-27804, an iOS/macOS kernel vulnerability that leads to the execution of arbitrary code with kernel privileges
https://r00tkitsmm.github.io/fuzzing/2024/05/14/anotherappleavd.html
https://r00tkitsmm.github.io/fuzzing/2024/05/14/anotherappleavd.html
My interesting research.
CVE-2024-27804 Vulnerability in AppleAVD
https://github.com/R00tkitSMM/CVE-2024-27804
π19π3β€1
New Android Banking Trojan named Antidot Masquerades as Fake Google Play Updates
https://cyble.com/blog/new-antidot-android-banking-trojan-masquerading-as-google-play-updates/
https://cyble.com/blog/new-antidot-android-banking-trojan-masquerading-as-google-play-updates/
Cyble
New Antidot Trojan Disguised As Fake Google Play Updates
Discover the 'Antidot' Android Banking Trojan: a fake Google Play update that steals credentials using overlay attacks and remote control techniques.
π€11π3π2π€‘2π₯±2β€1
Mobile Malware Analysis of Android banking trojan Blackrock
https://8ksec.io/mobile-malware-analysis-part-7-blackrock/
https://8ksec.io/mobile-malware-analysis-part-7-blackrock/
8kSec - 8kSec is a cybersecurity research & training company. We provide high-quality training & consulting services.
Mobile Malware Analysis Part 7 β Blackrock - 8kSec
Read part - 7 of our mobile malware series to learn about Blackrock Malware and tricks it uses like messing with accessibility settings. Read more now!
β€19π4π₯±3π2π2
Fuzzing Android binaries using AFL++ Frida Mode
https://valsamaras.medium.com/fuzzing-android-binaries-using-afl-frida-mode-57a49cf2ca43
https://valsamaras.medium.com/fuzzing-android-binaries-using-afl-frida-mode-57a49cf2ca43
Medium
Fuzzing Android binaries using AFL++ Frida Mode
You might find this to be a fitting prologue to my earlier post on Creating and using JVM instances in Android C/C++ applicationsβ¦ and youβ¦
π14
Android Firedown Browser app allows a remote attacker to execute arbitrary JavaScript code via an implicit intent (CVE-2024-31974)
https://github.com/actuator/com.solarized.firedown/blob/main/CVE-2024-31974
https://github.com/actuator/com.solarized.firedown/blob/main/CVE-2024-31974
GitHub
com.solarized.firedown/CVE-2024-31974 at main Β· actuator/com.solarized.firedown
CVE-2024-31974. Contribute to actuator/com.solarized.firedown development by creating an account on GitHub.
π21π€¨4
Technical Analysis of Anatsa (a.k.a. TeaBot) Campaigns: An Android Banking Malware Active in the Google Play Store
https://www.zscaler.com/blogs/security-research/technical-analysis-anatsa-campaigns-android-banking-malware-active-google
https://www.zscaler.com/blogs/security-research/technical-analysis-anatsa-campaigns-android-banking-malware-active-google
Zscaler
Anatsa Campaign Technical Analysis | ThreatLabz
Explore how Anatsa distributes Android malware by using PDF and QR code reader decoys to lure victims through the Google Play store.
π15
PCTattletale stalkerware leaks victims' screen recordings to entire Internet
https://www.ericdaigle.ca/pctattletale-leaking-screen-captures/
https://www.ericdaigle.ca/pctattletale-leaking-screen-captures/
www.ericdaigle.ca
Eric Daigle
Eric Daigle' personal website
π14π±2
PS4 PPPwn Exploit: Using Android DroidPPPwn app it is possible to jailbreak PS4
Info: https://wololo.net/2024/05/28/ps4-pppwn-exploit-droidpppwn-port-to-android-phones-version-1-1/
DroidPPPwn: https://github.com/deviato/DroidPPPwn
Info: https://wololo.net/2024/05/28/ps4-pppwn-exploit-droidpppwn-port-to-android-phones-version-1-1/
DroidPPPwn: https://github.com/deviato/DroidPPPwn
Wololo.net
PS4 PPPwn Exploit: DroidPPPwn port to Android phones (version 1.1) - Wololo.net
Developer Deviato has released DroidPPPwn, a port of the PPPwn PS4 exploit to Android phones. It relies on the C++ port of the PPPwn exploit (and therefore is reasonably fast to run). As one...
π18π«‘5π±4π₯2
New dalvik bytecode disassembler and graph view
Blog: https://margin.re/2024/05/dalvik-disassembly/
Github: https://github.com/MarginResearch/dalvik
Blog: https://margin.re/2024/05/dalvik-disassembly/
Github: https://github.com/MarginResearch/dalvik
Margin Research
Disassembling Dalvik
In this post, we announce the release of a small library for disassembling Dalvik bytecode. This serves as a foundation for building static analysis tooling for Android applications and system services in Rust. Read on for an example graphview applicationβ¦
π19β€4
Fake Bahrain Government Android App Steals Personal Data Used for Financial Fraud
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/fake-bahrain-government-android-app-steals-personal-data-used-for-financial-fraud/
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/fake-bahrain-government-android-app-steals-personal-data-used-for-financial-fraud/
McAfee Blog
Fake Bahrain Government Android App Steals Personal Data Used for Financial Fraud | McAfee Blog
Authored by Dexter Shin Many government agencies provide their services online for the convenience of their citizens. Also, if this service could be
π₯18π4
Android Universal Root
Rooting Pixel 6 and 7 Pro running Android 13 π
Analysis and Exploitation of CVE-2023-20938 (exploit a use-after-free vulnerability to elevate privileges to root and disable SELinux)
[blog] https://androidoffsec.withgoogle.com/posts/attacking-android-binder-analysis-and-exploitation-of-cve-2023-20938/
[slides] https://androidoffsec.withgoogle.com/posts/attacking-android-binder-analysis-and-exploitation-of-cve-2023-20938/offensivecon_24_binder.pdf
[PoC demo] https://www.youtube.com/watch?v=7qFb6RUHnnU
Rooting Pixel 6 and 7 Pro running Android 13 π
Analysis and Exploitation of CVE-2023-20938 (exploit a use-after-free vulnerability to elevate privileges to root and disable SELinux)
[blog] https://androidoffsec.withgoogle.com/posts/attacking-android-binder-analysis-and-exploitation-of-cve-2023-20938/
[slides] https://androidoffsec.withgoogle.com/posts/attacking-android-binder-analysis-and-exploitation-of-cve-2023-20938/offensivecon_24_binder.pdf
[PoC demo] https://www.youtube.com/watch?v=7qFb6RUHnnU
Withgoogle
Attacking Android Binder: Analysis and Exploitation of CVE-2023-20938 - Android Offensive Security Blog
At OffensiveCon 2024, the Android Red Team gave a presentation (slides) on finding and exploiting CVE-2023-20938, a use-after-free vulnerability in the Android Binder device driver. This post will provide technical details about this vulnerability and howβ¦
π20β€1π₯1
iOS 16.5.1 safari RCE Analysis (CVE-2023β37450)
[blog] https://medium.com/@enki-techblog/ios-16-5-1-safari-rce-analysis-cve-2023-37450-89bb8583bebc
[slides] https://www.synacktiv.com/sites/default/files/2024-05/escaping_the_safari_sandbox_slides.pdf
[blog] https://medium.com/@enki-techblog/ios-16-5-1-safari-rce-analysis-cve-2023-37450-89bb8583bebc
[slides] https://www.synacktiv.com/sites/default/files/2024-05/escaping_the_safari_sandbox_slides.pdf
Medium
Clobber the world β Endless side effect issue in Safari
Clobber the world β Endless side effect issue in Safari
π21
Becoming any Android app via Zygote command injection (CVE-2024-31317)
https://rtx.meta.security/exploitation/2024/06/03/Android-Zygote-injection.html
https://rtx.meta.security/exploitation/2024/06/03/Android-Zygote-injection.html
Meta Red Team X
Becoming any Android app via Zygote command injection
We have discovered a vulnerability in Android that allows an attacker with the WRITE_SECURE_SETTINGS permission, which is held by the ADB shell and certain privileged apps, to execute arbitrary code as any app on a device. By doing so, they can read and writeβ¦
π₯33π3β€1