Driving forward in Android drivers
Blog: https://googleprojectzero.blogspot.com/2024/06/driving-forward-in-android-drivers.html
Presentation: https://archive.org/details/shmoocon2024/Shmoocon2024-SethJenkins-Driving_Forward_in_Android_Drivers.mp4
Proof of concept exploit code(CVE-2023-32832): https://bugs.chromium.org/p/project-zero/issues/detail?id=2470#c4
Blog: https://googleprojectzero.blogspot.com/2024/06/driving-forward-in-android-drivers.html
Presentation: https://archive.org/details/shmoocon2024/Shmoocon2024-SethJenkins-Driving_Forward_in_Android_Drivers.mp4
Proof of concept exploit code(CVE-2023-32832): https://bugs.chromium.org/p/project-zero/issues/detail?id=2470#c4
projectzero.google
Driving forward in Android drivers - Project Zero
Posted by Seth Jenkins, Google Project ZeroIntroduction Android's open-source ecosystem has led to an incredible diversity of manufacturers and vendors ...
π23
π15β€2
This media is not supported in your browser
VIEW IN TELEGRAM
Exploiting embedded mitel phones for unauthenticated remote code execution
Achieving a fully unauthenticated RCE exploit as root in a Mitel IP phone. Several 0-days were discovered which chained together gives the privilege of completely owning the phone
https://baldur.dk/blog/embedded-mitel-exploitation.html
Achieving a fully unauthenticated RCE exploit as root in a Mitel IP phone. Several 0-days were discovered which chained together gives the privilege of completely owning the phone
https://baldur.dk/blog/embedded-mitel-exploitation.html
π19β€2π2
Exfiltrate WhatsApp chat, or internal data of any Android app, running on Android 12 or 13 by exploiting CVE-2024-0044 vulnerability [video]
https://www.mobile-hacker.com/2024/06/17/exfiltrate-sensitive-user-data-from-apps-on-android-12-and-13-using-cve-2024-0044-vulnerability/
https://www.mobile-hacker.com/2024/06/17/exfiltrate-sensitive-user-data-from-apps-on-android-12-and-13-using-cve-2024-0044-vulnerability/
Mobile Hacker
Exfiltrate sensitive user data from apps on Android 12 and 13 using CVE-2024-0044 vulnerability Mobile Hacker
With physical access to Android device with enabled ADB debugging running Android 12 or 13 before receiving March 2024 security patch, it is possible to access internal data of any user installed app by misusing CVE-2024-0044 vulnerability. Internal dataβ¦
π38β€2π2
NetHunter Hacker XVI: Metasploit payload generator in a pocket
https://www.mobile-hacker.com/2024/06/20/nethunter-hacker-xvi-metasploit-payload-generator-in-your-pocket/
https://www.mobile-hacker.com/2024/06/20/nethunter-hacker-xvi-metasploit-payload-generator-in-your-pocket/
Mobile Hacker
NetHunter Hacker XVI: Metasploit payload generator in your pocket
We will explore features of using Metasploit payload generator on NetHunter, and show you how to create and deliver custom payloads to Android smartphone
π30π―5
Mobile OAuth Attacks - iOS URL Scheme Hijacking Revamped
30 popular apps, vulnerable to attack in which any installed iOS app from the Apple App Store could perform an account takeover of victim users
https://evanconnelly.github.io/post/ios-oauth/
30 popular apps, vulnerable to attack in which any installed iOS app from the Apple App Store could perform an account takeover of victim users
https://evanconnelly.github.io/post/ios-oauth/
Evan Connelly
Mobile OAuth Attacks - iOS URL Scheme Hijacking Revamped
Summary
We (Julien Ahrens @MrTuxracer and myself @Evan_Connelly) identified nearly 30 popular apps, as well as a feature within iOS itself, vulnerable to an attack in which any installed iOS app from the Apple App Store could perform an account takeover ofβ¦
We (Julien Ahrens @MrTuxracer and myself @Evan_Connelly) identified nearly 30 popular apps, as well as a feature within iOS itself, vulnerable to an attack in which any installed iOS app from the Apple App Store could perform an account takeover ofβ¦
π15
Android Rafel RAT - from Espionage to Ransomware Operations campaigns - attributed to APT-C-35 / DoNot Team APT group
https://blog.checkpoint.com/research/rafel-rat-android-malware-from-espionage-to-ransomware-operations/
https://blog.checkpoint.com/research/rafel-rat-android-malware-from-espionage-to-ransomware-operations/
Check Point Blog
Rafel RAT, Android Malware from Espionage to Ransomware Operations - Check Point Blog
When it comes to mobile devices, Android is the most popular and used operating system with over 3.9 billion active users in over 190 countries.
π19πΎ3π1
Monitor file system changes using fsmon
βͺοΈsupports Linux, iOS, OS X, Android
βͺοΈidentify when are binaries loaded (root)
βͺοΈget dropped payloads (root)
βͺοΈidentify when are which files opened at app's runtime (db, txt, log, temp...) (non-root)
https://www.mobile-hacker.com/2024/06/24/monitoring-android-file-system-with-fsmon/
βͺοΈsupports Linux, iOS, OS X, Android
βͺοΈidentify when are binaries loaded (root)
βͺοΈget dropped payloads (root)
βͺοΈidentify when are which files opened at app's runtime (db, txt, log, temp...) (non-root)
https://www.mobile-hacker.com/2024/06/24/monitoring-android-file-system-with-fsmon/
Mobile Hacker
Monitoring Android file system with fsmon
FileSystem Monitor (fsmon) allows you to monitor file system events at runtime on Linux, OSX, iOS and Android systems. Useful for bug bounty hunters, malware analyst
π20β€2
SpyMax β An Android RAT targets Telegram Users
https://labs.k7computing.com/index.php/spymax-an-android-rat-targets-telegram-users/
https://labs.k7computing.com/index.php/spymax-an-android-rat-targets-telegram-users/
K7 Labs
SpyMax β An Android RAT targets Telegram Users
Threat actors are constantly working on novel ways to target users across the globe. This blog is about SpyMax, an [β¦]
π±19π1
Android Medusa (TangleBot) banking trojan reborn: A New Compact Variant Discovered
https://www.cleafy.com/cleafy-labs/medusa-reborn-a-new-compact-variant-discovered
https://www.cleafy.com/cleafy-labs/medusa-reborn-a-new-compact-variant-discovered
Cleafy
Medusa Reborn: A New Compact Variant Discovered | Cleafy Labs
Discover the latest insights from the Cleafy Threat Intelligence team on new fraud campaigns involving the Medusa (TangleBot) banking trojan. Learn about Medusa's sophisticated capabilities, recent updates, and shifts in distribution strategies targetingβ¦
π16β€1
Clone and emulate RFID access card in a second using Proxmark3 in a standalone mode
https://www.mobile-hacker.com/2024/06/26/rfid-hacking-with-proxmark3-cloning-emulating-and-standalone-mode/
https://www.mobile-hacker.com/2024/06/26/rfid-hacking-with-proxmark3-cloning-emulating-and-standalone-mode/
Mobile Hacker
RFID Hacking with Proxmark3: Cloning, Emulating, and Standalone Mode
Access cards β those little plastic rectangles that grant us entry to buildings, parking lots, and secure areas. But what if I told you that these cards can be cloned, and even emulated? Enter the Proxmark3, a powerful tool that opens doors (literally) toβ¦
π19β€6
Snowblind: A new Android malware abuses security feature to bypass security
Blog: https://promon.co/app-threat-reports/snowblind
Demo: https://youtu.be/zUqZQlQ0ZzQ?si=oZhSdfR1w_SlNjSA
Blog: https://promon.co/app-threat-reports/snowblind
Demo: https://youtu.be/zUqZQlQ0ZzQ?si=oZhSdfR1w_SlNjSA
promon.io
Snowblind Android Malware - Promon
π21β€4π€1
BADUnboxing: Automated Android unpacker
It works by locating and decompiling code inside the APK that is relevant to the unpacking process. Once Bad Unboxing detects packing, it automatically generates a new Java application based on the decompiled code
https://github.com/LaurieWired/BadUnboxing
It works by locating and decompiling code inside the APK that is relevant to the unpacking process. Once Bad Unboxing detects packing, it automatically generates a new Java application based on the decompiled code
https://github.com/LaurieWired/BadUnboxing
GitHub
GitHub - LaurieWired/BadUnboxing: Automated Android custom unpacker generator
Automated Android custom unpacker generator. Contribute to LaurieWired/BadUnboxing development by creating an account on GitHub.
π₯21π5π3π₯±2β€1π€‘1
Transparent Tribe (aka APT 36, Operation C-Major) Android Spyware Targeting Gamers, Weapons Enthusiasts
https://www.sentinelone.com/labs/capratube-remix-transparent-tribes-android-spyware-targeting-gamers-weapons-enthusiasts/
https://www.sentinelone.com/labs/capratube-remix-transparent-tribes-android-spyware-targeting-gamers-weapons-enthusiasts/
SentinelOne
CapraTube Remix | Transparent Tribeβs Android Spyware Targeting Gamers, Weapons Enthusiasts
SentinelLABS has identified four new CapraRAT APKs associated with suspected Pakistan state-aligned actor Transparent Tribe.
π18
BlueToolkit - automated Bluetooth vulnerability testing framework
β Can test 43 exploits
β Runs on rooted Android, which makes it a portable Bluetooth vulnerability scanner
β It already helped to find 64 new vulnerabilities in 22 products
https://www.mobile-hacker.com/2024/07/02/uncover-bluetooth-vulnerabilities-with-bluetoolkit/
β Can test 43 exploits
β Runs on rooted Android, which makes it a portable Bluetooth vulnerability scanner
β It already helped to find 64 new vulnerabilities in 22 products
https://www.mobile-hacker.com/2024/07/02/uncover-bluetooth-vulnerabilities-with-bluetoolkit/
Mobile Hacker
Uncover Bluetooth Vulnerabilities with BlueToolkit
BlueToolkit is designed to uncover both new and old vulnerabilities in Bluetooth-enabled devices. This makes it a capable tool for vulnerability research, penetration testing, and Bluetooth hacking
π32π4
The many meanings of "system app" in modern Android
https://rtx.meta.security/reference/2024/07/03/Android-system-apps.html
https://rtx.meta.security/reference/2024/07/03/Android-system-apps.html
Meta Red Team X
The many meanings of βsystem appβ in modern Android
Not all Android apps are created equal. The Settings app on an Android device, for example, can change numerous things that no βnormalβ app can, regardless of how many permissions that app requests. Apps with special privileges like Settings are often calledβ¦
π14β€1
Kali NetHunter 101: Your Path to Mobile Ethical Hacking
A list of 16 blogs on how to install and use NetHunter and its tools such as KeX, Rubber Ducky, BadUSB, BadBT, WiFi hacking, Rogue AP, WPS & Bluetooth attacks, SET, MITMf, nmap, Metasploit...
https://www.mobile-hacker.com/2024/07/04/kali-nethunter-101-your-path-to-mobile-ethical-hacking/
A list of 16 blogs on how to install and use NetHunter and its tools such as KeX, Rubber Ducky, BadUSB, BadBT, WiFi hacking, Rogue AP, WPS & Bluetooth attacks, SET, MITMf, nmap, Metasploit...
https://www.mobile-hacker.com/2024/07/04/kali-nethunter-101-your-path-to-mobile-ethical-hacking/
Mobile Hacker
Kali NetHunter 101: Your Path to Mobile Ethical Hacking
This is a recap of a complete NetHunter Hacker series where I covered various aspects of Kali NetHunter providing detailed insights, tutorials, and practical examples to help you harness its capabilities to its fullest potential. Quick video introductionβ¦
π₯27π8
Discovered Android Surveillanceware Targeting Middle Eastern Militaries
https://security.lookout.com/threat-intelligence/article/guardzoo-houthi-android-surveillanceware
https://security.lookout.com/threat-intelligence/article/guardzoo-houthi-android-surveillanceware
Lookout
Lookout discovers Houthi surveillanceware targeting Middle Eastern Military | Threat Intel
In October 2022, Lookout researchers initially discovered a surveillanceware that is still being used to target military personnel from Middle Eastern countries
π13
Tiny hacking gadget is equipped with infrared, WiFi, and Bluetooth and easily fits in the palm of your hand | Evil Portal
https://www.mobile-hacker.com/2024/07/10/m5stickc-plus-2-running-nemo-firmware-wifi-evil-portal-attacks/
https://www.mobile-hacker.com/2024/07/10/m5stickc-plus-2-running-nemo-firmware-wifi-evil-portal-attacks/
Mobile Hacker
M5StickC Plus 2 running Nemo firmware: WiFi evil portal attacks
The M5StickC Plus 2 is a compact, ESP32-based development board with built-in Wi-Fi, infrared and Bluetooth capabilities. When paired with the Nemo firmware, developed by 4x0nn, it becomes a powerful tool for high-tech pranks, wireless attacks, and creativeβ¦
π18β€5
OilAlpha Malicious Applications Target Humanitarian Aid Groups Operating in Yemen
[blog] https://www.recordedfuture.com/research/oilalpha-spyware-used-to-target-humanitarian-aid-groups
[pdf] https://go.recordedfuture.com/hubfs/reports/cta-2024-0709.pdf
[blog] https://www.recordedfuture.com/research/oilalpha-spyware-used-to-target-humanitarian-aid-groups
[pdf] https://go.recordedfuture.com/hubfs/reports/cta-2024-0709.pdf
Recordedfuture
OilAlpha Malicious Applications Target Humanitarian Aid Groups Operating in Yemen | Recorded Future
Discover how OilAlpha's malicious applications are targeting humanitarian aid groups in Yemen. Learn about their tactics and how to mitigate risks.
π9β€2
[For beginners] Introduction to Android Pentesting
https://owlhacku.com/introduction-to-android-pentesting/
https://owlhacku.com/introduction-to-android-pentesting/
π26π7π₯±4β€3π₯΄2π€ͺ2π₯1