Lesser-known Tools for Android Application PenTesting
-Magisk + modules
-DisableFlagSecure
-AdbManager
-ProxyDroid
-pidcat
-resize
https://captmeelo.com/pentest/2019/12/30/lesser-known-tools-for-android-pentest.html
-Magisk + modules
-DisableFlagSecure
-AdbManager
-ProxyDroid
-pidcat
-resize
https://captmeelo.com/pentest/2019/12/30/lesser-known-tools-for-android-pentest.html
Mobile Securit Framework (MobSF) v3 (released in December 2019)
-OWASP Mobile Top 10 2016 is supported
-iOS & Android Analysis improved
https://mobsf.github.io/Mobile-Security-Framework-MobSF/changelog.html
-OWASP Mobile Top 10 2016 is supported
-iOS & Android Analysis improved
https://mobsf.github.io/Mobile-Security-Framework-MobSF/changelog.html
Mobile Security Framework (MobSF)
v4.4.2 Changelog
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
Android malware threats of December, 2019
Full list - https://skptr.me/malware_timeline_2019.html
Download samples - https://github.com/sk3ptre/AndroidMalware_2019
Full list - https://skptr.me/malware_timeline_2019.html
Download samples - https://github.com/sk3ptre/AndroidMalware_2019
GitHub
GitHub - sk3ptre/AndroidMalware_2019: Popular Android threats in 2019
Popular Android threats in 2019. Contribute to sk3ptre/AndroidMalware_2019 development by creating an account on GitHub.
iOS Application Injection
https://arjunbrar.com/post/ios-application-injection
https://arjunbrar.com/post/ios-application-injection
You no longer have to manually package the Frida Gadget in your target app. As long as the app is debuggable, Frida does that for you
https://www.nowsecure.com/blog/2020/01/02/how-to-conduct-jailed-testing-with-frida/
https://www.nowsecure.com/blog/2020/01/02/how-to-conduct-jailed-testing-with-frida/
Nowsecure
How to Conduct Jailed Testing with Frida - NowSecure
Recent enhancements to the Frida open-source toolkit greatly ease the process of conducting jailed testing. Learn the process of using Frida on a jailed device.
The recent Android Brazilian Banking Trojan - COYBOT
https://www.buguroo.com/en/blog/banking-malware-in-android-continues-to-grow.-a-look-at-the-recent-brazilian-banking-trojan-basbanke-coybot
https://www.buguroo.com/en/blog/banking-malware-in-android-continues-to-grow.-a-look-at-the-recent-brazilian-banking-trojan-basbanke-coybot
CyberTruck Challenge 2019 — Android CTF
https://medium.com/bugbountywriteup/cybertruck-challenge-2019-android-ctf-e39c7f796530
https://medium.com/bugbountywriteup/cybertruck-challenge-2019-android-ctf-e39c7f796530
Medium
CyberTruck Challenge 2019 — Android CTF
CyberTruck Challenge 2019 is a premier event to bring together a community of interest related to heavy vehicle cybersecurity issued and…
AirDoS: Spam all nearby iOS devices with the AirDrop share popup
https://kishanbagaria.com/airdos/
PoC: https://github.com/KishanBagaria/AirDoS
https://kishanbagaria.com/airdos/
PoC: https://github.com/KishanBagaria/AirDoS
Kishan Bagaria
AirDoS: Remotely render any nearby iPhone or iPad unusable
What if you could walk into a room and make every* iPhone or iPad unusable while you're there? Wait, that sounds evil. What if you could get that one annoying person off their iPhone who's always...
First Attack Exploiting CVE-2019-2215 (use-after-free vulnerability) Found on Google Play #SideWinder
https://blog.trendmicro.com/trendlabs-security-intelligence/first-active-attack-exploiting-cve-2019-2215-found-on-google-play-linked-to-sidewinder-apt-group/
https://blog.trendmicro.com/trendlabs-security-intelligence/first-active-attack-exploiting-cve-2019-2215-found-on-google-play-linked-to-sidewinder-apt-group/
Trend Micro
First Binder Exploit Linked to SideWinder APT Group
We found malicious apps that work together to compromise devices and collect user data. One of the apps, called Camero, exploits CVE-2019-2215, a flaw that exists in Binder. This is the first instance in the wild that exploits said UAF vulnerability.
What a interesting vulnerability in HockeyApp platform #Android #iOS #BugBounty
Leaked API key allowed:
-fetch internal employee contacts
-distribute #malware directly to devices of organization employees as internal app update
+PoC Metasploit scenario
https://www.allysonomalley.com/2020/01/06/saying-goodbye-to-my-favorite-5-minute-p1/
Leaked API key allowed:
-fetch internal employee contacts
-distribute #malware directly to devices of organization employees as internal app update
+PoC Metasploit scenario
https://www.allysonomalley.com/2020/01/06/saying-goodbye-to-my-favorite-5-minute-p1/
allysonomalley.com
Saying Goodbye to my Favorite 5 Minute P1
In this post, I’m going to reveal the fastest, easiest P1 that I’ve ever reported – multiple times! It’s the sort of oversight that seems so simple to avoid, but surprisingl…
CSRF + XSS + SMS spoofing + Android deep link URL redirection
Great example of chaining low impact vulnerabilities in #TikTok to remotely manipulate account content
-delete user video
-upload user video
-make "private" videos "public"
https://research.checkpoint.com/2020/tik-or-tok-is-tiktok-secure-enough/
Great example of chaining low impact vulnerabilities in #TikTok to remotely manipulate account content
-delete user video
-upload user video
-make "private" videos "public"
https://research.checkpoint.com/2020/tik-or-tok-is-tiktok-secure-enough/
AdFraud malware found on Google Play with 100K installs
https://www.evina.fr/a-malware-rises-to-the-top-applications-in-google-play-store/
https://www.evina.fr/a-malware-rises-to-the-top-applications-in-google-play-store/
www.evina.fr
A MALWARE RISES TO THE TOP APPLICATIONS IN GOOGLE PLAY STORE – Evina
Android smartphone - UMX U686CL - comes with preinstalled and unremovable malware.
Selling of this phone is funded by US government for lower income people.
https://blog.malwarebytes.com/android/2020/01/united-states-government-funded-phones-come-pre-installed-with-unremovable-malware/
Selling of this phone is funded by US government for lower income people.
https://blog.malwarebytes.com/android/2020/01/united-states-government-funded-phones-come-pre-installed-with-unremovable-malware/
Malwarebytes
United States government-funded phones come pre-installed with unremovable malware
A US-funded government assistance program is selling budget-friendly mobile phones that come pre-installed with unremovable malicious apps.
Forwarded from The Bug Bounty Hunter
Remote iPhone Exploitation Part 1: Poking Memory via iMessage and CVE-2019-8641
https://googleprojectzero.blogspot.com/2020/01/remote-iphone-exploitation-part-1.html
https://googleprojectzero.blogspot.com/2020/01/remote-iphone-exploitation-part-1.html
projectzero.google
Remote iPhone Exploitation Part 1: Poking Memory via iMessage and CVE-2019-8641
Posted by Samuel Groß, Project ZeroIntroductionThis is the first blog post in a three-part series...
Forwarded from The Bug Bounty Hunter
Remote iPhone Exploitation Part 2: Bringing Light into the Darkness -- a Remote ASLR Bypass https://googleprojectzero.blogspot.com/2020/01/remote-iphone-exploitation-part-2.html
Blogspot
Remote iPhone Exploitation Part 2: Bringing Light into the Darkness -- a Remote ASLR Bypass
Posted by Samuel Groß, Project Zero This post is the second in a series about a remote, interactionless iPhone exploit over iMessage.The f...
Forwarded from The Bug Bounty Hunter
Remote iPhone Exploitation Part 3: From Memory Corruption to JavaScript and Back -- Gaining Code Execution https://googleprojectzero.blogspot.com/2020/01/remote-iphone-exploitation-part-3.html
Blogspot
Remote iPhone Exploitation Part 3: From Memory Corruption to JavaScript and Back -- Gaining Code Execution
Posted by Samuel Groß, Project Zero This is the third and last post in a series about a remote, interactionless iPhone exploit over iMessa...
Joker Trojan Family history by Google
-tracked since 2017
-removed 1.7K unique apps before going public
-SMS fraud then WAP billing (as we know Joker now)
-at peak, 23 different Jokers submitted in one day to Google Play
https://security.googleblog.com/2020/01/pha-family-highlights-bread-and-friends.html
-tracked since 2017
-removed 1.7K unique apps before going public
-SMS fraud then WAP billing (as we know Joker now)
-at peak, 23 different Jokers submitted in one day to Google Play
https://security.googleblog.com/2020/01/pha-family-highlights-bread-and-friends.html
Google Online Security Blog
PHA Family Highlights: Bread (and Friends)
Posted by Alec Guertin and Vadim Kotov, Android Security & Privacy Team In this edition of our PHA Family Highlights series we introdu...
Memory corruption vulnerability in audio processing during a voice call in #WeChat app
Report includes PoC code + steps how to reproduce the bug
https://bugs.chromium.org/p/project-zero/issues/detail?id=1948
Report includes PoC code + steps how to reproduce the bug
https://bugs.chromium.org/p/project-zero/issues/detail?id=1948
Researchers find that 17 of 140 major online services are vulnerable to SIM swapping attacks
https://www.zdnet.com/article/academic-research-finds-five-us-telcos-vulnerable-to-sim-swapping-attacks/
https://www.zdnet.com/article/academic-research-finds-five-us-telcos-vulnerable-to-sim-swapping-attacks/
ZDNet
Academic research finds five US telcos vulnerable to SIM swapping attacks
Researchers find that 17 of 140 major online services are vulnerable to SIM swapping attacks.