Mobile cybersecurity channel Links: https://linktr.ee/mobilehacker Contact: mobilehackerofficial@gmail.com
Use TicWatch Pro as a Keystroke Injector
https://www.mobile-hacker.com/2024/07/18/ticwatch-pro-as-a-keystroke-injector/
Install NetHunter on TicWatch Pro after flashing factory firmware + troubleshooting
https://www.mobile-hacker.com/2024/07/17/install-nethunter-on-ticwatch-pro-after-flashing-factory-firmware/
TicWatch Pro: Returning to Factory Firmware
If you messed up while rooting and installing NetHunter, you can always go back to the stock ROM
https://www.mobile-hacker.com/2024/07/16/ticwatch-pro-returning-to-factory-firmware/
How to root and install NetHunter on TicWatch Pro and extend battery life
https://www.mobile-hacker.com/2024/07/15/how-to-install-nethunter-on-ticwatch-pro/
Analysis of the recent Android TangleBot malware sample
https://cryptax.medium.com/untangling-android-tanglebot-38a52cd8f420
OilAlpha Malicious Applications Target Humanitarian Aid Groups Operating in Yemen
[blog] https://www.recordedfuture.com/research/oilalpha-spyware-used-to-target-humanitarian-aid-groups
[pdf] https://go.recordedfuture.com/hubfs/reports/cta-2024-0709.pdf
Discovered Android Surveillanceware Targeting Middle Eastern Militaries
https://security.lookout.com/threat-intelligence/article/guardzoo-houthi-android-surveillanceware
The many meanings of "system app" in modern Android
https://rtx.meta.security/reference/2024/07/03/Android-system-apps.html
Transparent Tribe (aka APT 36, Operation C-Major) Android Spyware Targeting Gamers, Weapons Enthusiasts
https://www.sentinelone.com/labs/capratube-remix-transparent-tribes-android-spyware-targeting-gamers-weapons-enthusiasts/
Snowblind: A new Android malware abuses security feature to bypass security
Blog: https://promon.co/app-threat-reports/snowblind
Demo: https://youtu.be/zUqZQlQ0ZzQ?si=oZhSdfR1w_SlNjSA
Android Medusa (TangleBot) banking trojan reborn: A New Compact Variant Discovered
https://www.cleafy.com/cleafy-labs/medusa-reborn-a-new-compact-variant-discovered
Monitor file system changes using fsmon
▪️supports Linux, iOS, OS X, Android
▪️identify when binaries are loaded (root)
▪️get dropped payloads (root)
▪️identify which files are opened, and when, at app runtime (db, txt, log, temp...) (non-root)
https://www.mobile-hacker.com/2024/06/24/monitoring-android-file-system-with-fsmon/
Mobile OAuth Attacks - iOS URL Scheme Hijacking Revamped
30 popular apps are vulnerable to an attack in which any iOS app installed from the Apple App Store could perform an account takeover of victim users
https://evanconnelly.github.io/post/ios-oauth/
Exfiltrate WhatsApp chats, or the internal data of any Android app, running on Android 12 or 13 by exploiting the CVE-2024-0044 vulnerability [video]
https://www.mobile-hacker.com/2024/06/17/exfiltrate-sensitive-user-data-from-apps-on-android-12-and-13-using-cve-2024-0044-vulnerability/
iGoat Challenge Write up
https://starkeblog.com/ios/appsec/2024/05/22/igoat-swift.html
APKscan: Scan for secrets, endpoints, API keys, tokens, credentials in Android apps
https://github.com/LucasFaudman/apkscan
Jailbreaking Rabbit R1 running RabbitOS
https://www.da.vidbuchanan.co.uk/blog/r1-jailbreak.html
Android & iOS mobile security cheatsheets
https://github.com/justmobilesec/Android-iOS-Cheat-Sheet/
I have created a dedicated WhatsApp channel with a focus on mobile offensive security, tools, tutorials, red team (without malware news)
Feel free to join and share:
https://whatsapp.com/channel/0029VabYeVdGOj9oBPNRMk3c
Posting in this channel will not be stopped or terminated
[For beginners] Introduction to Android Pentesting
https://owlhacku.com/introduction-to-android-pentesting/
Tiny hacking gadget is equipped with infrared, WiFi, and Bluetooth and easily fits in the palm of your hand | Evil Portal
https://www.mobile-hacker.com/2024/07/10/m5stickc-plus-2-running-nemo-firmware-wifi-evil-portal-attacks/
Kali NetHunter 101: Your Path to Mobile Ethical Hacking
A list of 16 blogs on how to install and use NetHunter and its tools such as KeX, Rubber Ducky, BadUSB, BadBT, WiFi hacking, Rogue AP, WPS & Bluetooth attacks, SET, MITMf, nmap, Metasploit...
https://www.mobile-hacker.com/2024/07/04/kali-nethunter-101-your-path-to-mobile-ethical-hacking/
BlueToolkit - automated Bluetooth vulnerability testing framework
✅Can test 43 exploits
✅Runs on rooted Android, which makes it a portable Bluetooth vulnerability scanner
✅It already helped to find 64 new vulnerabilities in 22 products
https://www.mobile-hacker.com/2024/07/02/uncover-bluetooth-vulnerabilities-with-bluetoolkit/
BADUnboxing: Automated Android unpacker
It works by locating and decompiling code inside the APK that is relevant to the unpacking process. Once Bad Unboxing detects packing, it automatically generates a new Java application based on the decompiled code
https://github.com/LaurieWired/BadUnboxing
Clone and emulate RFID access card in a second using Proxmark3 in a standalone mode
https://www.mobile-hacker.com/2024/06/26/rfid-hacking-with-proxmark3-cloning-emulating-and-standalone-mode/
SpyMax – An Android RAT targets Telegram Users
https://labs.k7computing.com/index.php/spymax-an-android-rat-targets-telegram-users/
Android Rafel RAT - from Espionage to Ransomware Operations campaigns - attributed to APT-C-35 / DoNot Team APT group
https://blog.checkpoint.com/research/rafel-rat-android-malware-from-espionage-to-ransomware-operations/
NetHunter Hacker XVI: Metasploit payload generator in a pocket
https://www.mobile-hacker.com/2024/06/20/nethunter-hacker-xvi-metasploit-payload-generator-in-your-pocket/
Exploiting embedded Mitel phones for unauthenticated remote code execution
Achieving a fully unauthenticated RCE exploit as root in a Mitel IP phone. Several 0-days were discovered which, chained together, give the privilege of completely owning the phone
https://baldur.dk/blog/embedded-mitel-exploitation.html
Driving forward in Android drivers
Blog: https://googleprojectzero.blogspot.com/2024/06/driving-forward-in-android-drivers.html
Presentation: https://archive.org/details/shmoocon2024/Shmoocon2024-SethJenkins-Driving_Forward_in_Android_Drivers.mp4
Proof-of-concept exploit code (CVE-2023-32832): https://bugs.chromium.org/p/project-zero/issues/detail?id=2470#c4