PENTESTING WITH ANDROID – EXPLOITING SOFTWARE 06/12

Download
File
HES_06_2012.pdf

Searching For Exploits, SCAPY Fuzzing
By Craig Wright

SCAPY is a series of Python-based scripts designed for network-level packet manipulation. With it, we can sniff network traffic, interactively manipulate it, and fuzz services. Moreover, SCAPY decodes the packets that it receives without interpreting them. The article goes into some of the fundamentals that you will need in order to understand the shellcode and exploit creation process, how to use Python as a launch platform for your shellcode, and what the various system components are.

They Are Offline But I Exploited Them
By Bhaumik Merchant

Bhaumik will demonstrate a unique kind of communication technique between an attacker machine and a victim machine during the exploitation of a victim system. In the general scenario, when an attacker exploits the remote system and gets a remote command prompt (remote shell), the attacker is only able to execute commands as long as the session from the remote machine is open (established). The article is going to show some ways by which an attacker can attack a remote victim without being online (the attacker may or may not be online AND the victim may or may not be online). To prevent direct communication between attacker and victim, we use an intermediate server (zombie) that is up and running all the time (24×7).

An In-Depth Analysis on Targeted Attacks
By Cris Pantanilla

Today, threats are not limited to malicious binary files attached to emails. Some people who are not aware of these attacks are usually victims of social engineering. Cybercriminals seem to mix and match exploits on different software that allow new ways of malware infection. You will learn a basic analysis of malware code embedded into a document. This Flash file exploit may also be embedded in Microsoft Word or Excel documents and may have different dropped files. Yet this learning may be applied to these new threats that are becoming more common in the wild.

Automated security audit of a web application
By Dominique Righetto

In most web application development projects, application security checks are only applied before the first production release. This article reveals a tool that can be used to automate web application security checks during the implementation lifecycle. This tool is called W3AF. Learn how to create a Python module named “detectClickjackingPreventionHeader.py”.

Reverse Engineer Obfuscated
By Travis Altman

Obfuscation is simply a way of hiding something you don’t want others to know about. Typically it goes “source code –> obfuscation –> hard to understand (garbage)”. This is a simple explanation of obfuscation and some techniques are better than others. There are a handful of obfuscation programs on the market that developers can use to hide their code. Travis will show you how the developer uses an obfuscation technique but this isn’t going to stop us from reversing the program then modifying it to our content.

Cross Site Scripting (XSS)
By Badrish Dubey

Hosting your business web site? Are you curious about the Reputation of your business and website? Do you CARE about your website USERS? Then you must know about cross site scripting (XSS) and how it can dent your business and website’s reputation in the market, so that you can take measures to protect your business, website and your users from XSS. Cross Site Scripting (XSS) has been rated 2nd in the OWASP (Open Web Application Security Project) TOP 10 vulnerability list and 8th in the list of threat classification v2.0 for WASC (Web Application Security Consortium). XSS was first discovered around 1996 and is still in the top ten vulnerability list for web applications. The most important reason for any XSS attack is the ability of web browsers to execute different types of scripting languages, such as JavaScript, VB Script, Action Script etc., on the client side. Make sure you implement the proper prevention method starting from the DESIGN phase of the application and also add extra defenses for your security wherever possible.

Implementing Rsyslog to forward log messages on an IP network
By Lara Sanz

A very important function for our systems is keeping saved logs. This must be done to prevent their modification after an intrusion. To accomplish this, the security policy should be set to keep the register logs centralized on one server. In this article you will learn how to configure both the server, where you will send the register logs to save them, and the clients, which will send the logs. Additionally, you will learn to use templates to make a correct separation in your servers. To do this, we will use rsyslog. Rsyslog is an open source software product that uses the syslog protocol and follows the RFC-3195. Rsyslog allows you to send logs using the protocols TCP and UDP, accepting SSL/TLS, email alerting and sender lists and more. You will learn how to send logs from the client to the server using TCP, configure a log server for the reception of the logs using TCP and configure templates to make a correct separation of the logs in our server.

Weak Wi-Fi Security, Evil Hotspots and Pentesting with Android
By Dan Dieterle

Wireless networks and mobile Wi-Fi devices have saturated both the home front and business arena. The threats against Wi-Fi networks have been known for years, and though some effort has been made to lock down wireless networks, many are still wide open. In this article we will look at a few common Wi-Fi security misconceptions. We will also see how a penetration tester (or unfortunately, hackers) could set up a fake Access Point (AP) using a simple wireless card and redirect network users, capture authentication credentials and possibly gain full remote access to the client. Finally we will look at the latest app for Android that allows you to turn your Wi-Fi smart phone or tablet into a pentesting tool. With it you can scan your network for open ports, check for vulnerabilities, perform exploits, Man-in-the-Middle (MitM) attacks and even sniff network traffic on both your Wi-Fi network and wired LAN.


April 19, 2022
© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023