Telegram channel androidmalware - Android Security & Malware

40562

Mobile cybersecurity channel
Links: https://linktr.ee/mobilehacker
Contact: mobilehackerofficial@gmail.com

Android Security & Malware

How to attack (and secure) an Android app: An introduction
Presentation: https://www.droidcon.com/2023/07/31/how-to-attack-and-secure-an-android-app-an-introduction/
CTF apk: https://github.com/badolphi/droidcon-berlin
Slides: https://github.com/badolphi/droidcon-berlin/blob/main/Presentation.pdf


Android SpyNote continues to attack financial institutions distributing via fake SMS messages
https://www.cleafy.com/cleafy-labs/spynote-continues-to-attack-financial-institutions


APT Bahamut Targets Individuals with Android Malware Using Spear Messaging
https://www.cyfirma.com/outofband/apt-bahamut-targets-individuals-with-android-malware-using-spear-messaging/


Related CherryBlos and FakeTrade Android Malware Involved in Scam Campaigns
https://www.trendmicro.com/en_us/research/23/g/cherryblos-and-faketrade-android-malware-involved-in-scam-campai.html


Mobile App Pentesting: AndroGOAT
A walk-through of popular vulnerabilities such as unprotected Android components, insecure data storage, SQL injection, XSS, file access via WebView, keyboard leaks, insecure logging, etc.
https://infosecwriteups.com/mobile-pentesting-androgoat-assessment-walkthrough-1a63a7edc677


A guide that provides practical knowledge for understanding Android Smali code
Includes video demo and APK challenge
https://www.linkedin.com/pulse/android-static-analysis-fundamentals-smali-code-introduction


Writing your first Frida script for Android
https://labs.cognisys.group/posts/Writing-your-first-Frida-script-for-Android/


Detailed slides explaining exploitation of a binder kernel use-after-free (UAF) vulnerability in the Android kernel (CVE-2022-20421) to achieve full kernel R/W
Affected devices: devices running kernel versions 5.4.x and 5.10.x

Slides: https://0xkol.github.io/assets/files/OffensiveCon23_Racing_Against_the_Lock__Exploiting_Spinlock_UAF_in_the_Android_Kernel.pdf
Research: https://0xkol.github.io/assets/files/Racing_Against_the_Lock__Exploiting_Spinlock_UAF_in_the_Android_Kernel.pdf
PoC: https://github.com/0xkol/badspin


Bypass Instagram and Threads SSL pinning on Android
You can download already patched APKs for non-rooted devices, patch the APK yourself using a Python script, or download a Frida bypass script for rooted Android
https://github.com/Eltion/Instagram-SSL-Pinning-Bypass


How to reverse engineer #Xamarin iOS and Android apps
Xamarin is an open-source platform for creating cross-platform apps for iOS, Android, and Windows using C#
https://www.appknox.com/security/xamarin-reverse-engineering-a-guide-for-penetration-testers


Analysis of WyrmSpy and DragonEgg Android spyware attributed to Chinese Espionage Group APT41
https://www.lookout.com/threat-intelligence/article/wyrmspy-dragonegg-surveillanceware-apt41


iOS Forensic Toolkit tips & tricks
https://blog.elcomsoft.com/2023/07/ios-forensic-toolkit-tips-tricks/


Finding the Entrypoint of iOS Apps in Ghidra
In this video tutorial we extract the components of an iOS application and learn how to find the entrypoint using Ghidra to start reverse engineering
https://youtu.be/mLDsIMXafP4


Letscall – a new sophisticated vishing toolset consisting of three malicious stages
https://www.threatfabric.com/blogs/letscall-new-sophisticated-vishing-toolset


The Turkish Government Masqueraded Site Distributing Android RAT
https://blog.cyble.com/2023/07/10/the-turkish-government-masqueraded-site-distributing-android-rat/


Advanced Frida Usage Part 4 – Sniffing location data from locationd in iOS
https://8ksec.io/advanced-frida-usage-part-4-sniffing-location-data-from-locationd-in-ios/


NetHunter Hacker V: How to use MAC Changer, KeX and setup USB Arsenal
https://www.mobile-hacker.com/2023/08/01/nethunter-hacker-v-how-to-use-mac-changer-kex-and-setup-usb-arsenal/


Analysis of Coper Android banking trojan dropper discovered on Google Play as "PDF ProView FManager"
https://medium.com/@themalwarebug/analysis-of-undetected-dropper-on-playstore-20bd6f064440


NetHunter Hacker IV: Introduction to NetHunter system
In the blog you will find out how to set up custom NetHunter commands and Kali services, and install additional metapackages and wireless firmware for NetHunter
https://www.mobile-hacker.com/2023/07/27/nethunter-hacker-iv-introduction-to-nethunter-system/


Investigating SMS phishing text messages from scratch
https://blog.bushidotoken.net/2023/07/investigating-sms-phishing-text.html


Recently leaked source code of Android banking Trojan Hook
The leak contains the build panel and APK source code.
Hook can VNC into the victim's device and, using accessibility services, automatically extract seed phrases from cryptocurrency wallets.
https://github.com/0xperator/hookbot_source


Tutorial on how to build NetHunter image for OnePlus 7 Pro
Kali NetHunter supports 89 Android models; however, it offers up to 32 precompiled images for download.
Because of that, for 57 devices, users must manually build an installation image
https://www.mobile-hacker.com/2023/07/24/nethunter-hacker-iii-how-to-build-kali-nethunter-for-oneplus-7-pro/


Reverse Engineering Android game Coin Hunt World and its communication protocol to cheat the app. Bug reported and fixed
https://research.nccgroup.com/2023/05/31/reverse-engineering-coin-hunt-worlds-binary-protocol/


Android SpyNote attacks electric and water public utility users in Japan
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/android-spynote-attacks-electric-and-water-public-utility-users-in-japan/


Advanced Frida Usage Part 3 – Inspecting iOS XPC Calls
XPC is a type of IPC (InterProcess Communication) used on *OS
https://8ksec.io/advanced-frida-usage-part-3-inspecting-ios-xpc-calls/


How to root OnePlus 7 Pro and install Kali NetHunter with custom kernel
[blog] https://www.mobile-hacker.com/2023/07/18/how-to-install-kali-nethunter-on-rooted-oneplus-7-pro/
[video] https://youtu.be/nkiy5iwa6Vs


Bypassing advanced root detections using Frida
Techniques learned from the video:
- presence of SU binary
- SELinux policies
- mountinfo
- attr/prev
- looking for SU bin paths using Supervisor calls

Video: https://youtu.be/7KqPwxlA-00
Scripts and POCs: https://github.com/fatalSec/in-app-protections


Obfuscation in Mobile Apps
https://speakerdeck.com/marcobrador/droidcon-berlin-2023-obfuscation-in-mobile-apps


How to install Kali NetHunter on rootless Android via Termux and how to set it up as a portable Kali Linux workstation
Blog: https://www.mobile-hacker.com/2023/07/11/nethunter-hacker-i-installation-of-rootless-kali-nethunter/
Video tutorial: https://youtu.be/fqaSEbaYkJQ


Android malware installed directly from a website can bypass the "installation from untrusted sources" warning using WebAPK technology
WebAPK enables the creation of native Android apps from web applications
https://www.linkedin.com/pulse/using-webapk-technology-phishing-attacks-csirt-knf
