androidmalware | Unsorted

Telegram channel androidmalware - Android Security & Malware

40562

Mobile cybersecurity channel
Links: https://linktr.ee/mobilehacker
Contact: mobilehackerofficial@gmail.com


Android Security & Malware

[For beginners] Introduction to Android Pentesting
https://owlhacku.com/introduction-to-android-pentesting/


Tiny hacking gadget is equipped with infrared, WiFi, and Bluetooth and easily fits in the palm of your hand | Evil Portal
https://www.mobile-hacker.com/2024/07/10/m5stickc-plus-2-running-nemo-firmware-wifi-evil-portal-attacks/


Kali NetHunter 101: Your Path to Mobile Ethical Hacking
A list of 16 blogs on how to install and use NetHunter and its tools such as KeX, Rubber Ducky, BadUSB, BadBT, WiFi hacking, Rogue AP, WPS & Bluetooth attacks, SET, MITMf, nmap, Metasploit...
https://www.mobile-hacker.com/2024/07/04/kali-nethunter-101-your-path-to-mobile-ethical-hacking/


BlueToolkit - automated Bluetooth vulnerability testing framework
✅Can test 43 exploits
✅Runs on rooted Android, which makes it a portable Bluetooth vulnerability scanner
✅It already helped to find 64 new vulnerabilities in 22 products
https://www.mobile-hacker.com/2024/07/02/uncover-bluetooth-vulnerabilities-with-bluetoolkit/


BADUnboxing: Automated Android unpacker
It works by locating and decompiling code inside the APK that is relevant to the unpacking process. Once Bad Unboxing detects packing, it automatically generates a new Java application based on the decompiled code
https://github.com/LaurieWired/BadUnboxing


Clone and emulate RFID access card in a second using Proxmark3 in a standalone mode
https://www.mobile-hacker.com/2024/06/26/rfid-hacking-with-proxmark3-cloning-emulating-and-standalone-mode/


SpyMax – An Android RAT targets Telegram Users
https://labs.k7computing.com/index.php/spymax-an-android-rat-targets-telegram-users/


Android Rafel RAT - from Espionage to Ransomware Operations campaigns - attributed to APT-C-35 / DoNot Team APT group
https://blog.checkpoint.com/research/rafel-rat-android-malware-from-espionage-to-ransomware-operations/


NetHunter Hacker XVI: Metasploit payload generator in a pocket
https://www.mobile-hacker.com/2024/06/20/nethunter-hacker-xvi-metasploit-payload-generator-in-your-pocket/


Exploiting embedded Mitel phones for unauthenticated remote code execution
Achieving a fully unauthenticated RCE exploit as root in a Mitel IP phone. Several 0-days were discovered which, chained together, give the privilege of completely owning the phone
https://baldur.dk/blog/embedded-mitel-exploitation.html


Driving forward in Android drivers
Blog: https://googleprojectzero.blogspot.com/2024/06/driving-forward-in-android-drivers.html
Presentation: https://archive.org/details/shmoocon2024/Shmoocon2024-SethJenkins-Driving_Forward_in_Android_Drivers.mp4
Proof of concept exploit code (CVE-2023-32832): https://bugs.chromium.org/p/project-zero/issues/detail?id=2470#c4


Five campaigns targeting Android users in Egypt and Palestine, most probably operated by the Arid Viper APT group. Three of the campaigns are active, distributing Android spyware AridSpy via dedicated websites
https://www.welivesecurity.com/en/eset-research/arid-viper-poisons-android-apps-with-aridspy/


DoS McAfee VPN app via deeplink
McAfee Security: Antivirus VPN for Android before 8.3.0 could allow an attacker to cause a denial of service through the use of a malformed deep link (CVE-2024-34406)
https://www.mcafee.com/support/?articleId=000002403&page=shell&shell=article-view


Android (on device) fuzzing using AFL++ Frida Mode
Blog: https://knifecoat.com/Posts/Fuzzing+Redux%2C+leveraging+AFL%2B%2B+Frida-Mode+on+Android+native+libraries
AFL++ Frida Mode Build: https://github.com/FuzzySecurity/afl-frida-build


Becoming any Android app via Zygote command injection (CVE-2024-31317)
https://rtx.meta.security/exploitation/2024/06/03/Android-Zygote-injection.html


OilAlpha Malicious Applications Target Humanitarian Aid Groups Operating in Yemen
[blog] https://www.recordedfuture.com/research/oilalpha-spyware-used-to-target-humanitarian-aid-groups
[pdf] https://go.recordedfuture.com/hubfs/reports/cta-2024-0709.pdf


Discovered Android Surveillanceware Targeting Middle Eastern Militaries
https://security.lookout.com/threat-intelligence/article/guardzoo-houthi-android-surveillanceware


The many meanings of "system app" in modern Android
https://rtx.meta.security/reference/2024/07/03/Android-system-apps.html


Transparent Tribe (aka APT 36, Operation C-Major) Android Spyware Targeting Gamers, Weapons Enthusiasts
https://www.sentinelone.com/labs/capratube-remix-transparent-tribes-android-spyware-targeting-gamers-weapons-enthusiasts/


Snowblind: A new Android malware abuses security feature to bypass security
Blog: https://promon.co/app-threat-reports/snowblind
Demo: https://youtu.be/zUqZQlQ0ZzQ?si=oZhSdfR1w_SlNjSA


Android Medusa (TangleBot) banking trojan reborn: A New Compact Variant Discovered
https://www.cleafy.com/cleafy-labs/medusa-reborn-a-new-compact-variant-discovered


Monitor file system changes using fsmon
▪️supports Linux, iOS, OS X, Android
▪️identify when binaries are loaded (root)
▪️get dropped payloads (root)
▪️identify which files are opened, and when, at the app's runtime (db, txt, log, temp...) (non-root)
https://www.mobile-hacker.com/2024/06/24/monitoring-android-file-system-with-fsmon/


Mobile OAuth Attacks - iOS URL Scheme Hijacking Revamped
30 popular apps, vulnerable to attack in which any installed iOS app from the Apple App Store could perform an account takeover of victim users
https://evanconnelly.github.io/post/ios-oauth/


Exfiltrate WhatsApp chat, or internal data of any Android app, running on Android 12 or 13 by exploiting CVE-2024-0044 vulnerability [video]
https://www.mobile-hacker.com/2024/06/17/exfiltrate-sensitive-user-data-from-apps-on-android-12-and-13-using-cve-2024-0044-vulnerability/


iGoat Challenge Write up
Introduction
https://starkeblog.com/ios/appsec/2024/05/22/igoat-swift.html


Operation Celestial Force employs mobile and desktop malware to target Indian entities (GravityRAT, HeavyLift)
https://blog.talosintelligence.com/cosmic-leopard/


QR code SQL injection and other vulnerabilities in a popular biometric terminal (CVE-2023-3938, CVE-2023-3939, CVE-2023-3940, CVE-2023-3941, CVE-2023-3942, CVE-2023-3943)
https://securelist.com/biometric-terminal-vulnerabilities/112800/


Wpeeper: New Android malware hides behind hacked WordPress sites
https://blog.xlab.qianxin.com/playing-possum-whats-the-wpeeper-backdoor-up-to/


GoldPickaxe exposed: How Group-IB analyzed the face-stealing iOS Trojan and how to do it yourself
https://www.group-ib.com/blog/goldpickaxe-ios-trojan/


iOS 16.5.1 Safari RCE Analysis (CVE-2023-37450)
[blog] https://medium.com/@enki-techblog/ios-16-5-1-safari-rce-analysis-cve-2023-37450-89bb8583bebc
[slides] https://www.synacktiv.com/sites/default/files/2024-05/escaping_the_safari_sandbox_slides.pdf
