Preview: Hacking Android Smartphones with NFC Tags

Dear readers,

This edition is somewhat special, as it is being released just before New Year’s Eve. Instead of giving you a quick recap of every article, I would like to focus on this year and what we achieved. It’s been a very long road; every month we closely listened to your comments and suggestions, discussing potential directions for each edition. We wanted to always make sure that every article presented not only great quality but will serve as a resource for the future. After all, we all come from a different background, whether you are a beginner or advanced reader we always aim to have content for every group. All topics in every edition are influenced by you, our dear reader. Don’t forget that, because your constant support is the main motivation for our whole team to do better, to present you with more interesting approaches, to meet your expectations. And I hope we achieved that.

In this December edition, we have miscellaneous articles, each representing a different area from hacking. I hope that something will capture your attention! Thank you for being with us during this year! And if you are a new reader, I hope that you can start this New Year with something amazing that will inspire you!

Out with the old, in with the new: may you be happy the whole year through. Happy New Year!

Hakin9 Magazine

Editorial Team

---

>>If you want to buy this magazine click here <<

>>If you are a subscriber, download your magazine here<<

---

TABLE OF CONTENTS

---

Hacking Android Smartphones with NFC Tags

Carlos Bermejo, Pan Hui

The ubiquity of mobile devices permits billions of users to browse the web at any time, anywhere. Near Field Communication (NFC) appeared as a seamless and simple communication protocol between devices. Commercial services such as Android Pay and Apple Pay offer contactless payment methods that are spreading in more and more scenarios. However, we take risks while using NFC on Android devices; we can be hacked, and our privacy can be affected. In this article, we study the current vulnerabilities in the NFC-Android ecosystem. We conduct a series of experiments and we expose that with NFC, Android devices are vulnerable to URL/URI spoofing, bank/social network information hacking, and user’s device tracking via fingerprint and geo-location. It is important for the community to understand the problem and come up with a solution that can tackle these issues and inform the users about privacy awareness and risks on using these contactless services.

---

A walk down Telecom Security Testing on IP TVs

Samrat Das

IP TV is one of the emerging technologies that provides IP-based digital TV, video-on-demand, and streaming services over the Ethernet. An enhancement over IP TV is the “Fiber to the Home” (FTTx) and “Local Loop Unbundling” (LLU) enhancement. Most service providers offer this as a package referred to as triple play services including (Data, Voice and IPTV). The feature is served to home connections over a single broadband transmission medium. Let’s understand IP TV architecture with a simplified diagram of how the above discussed case of a single broadband line is leveraged.

---

Accurate De-Obfuscation and Analysis of PowerShell Malware

Davide Maiorca, Fabrizio Cara, Giorgio Giacinto

PowerShell is currently a widely-used technology to administer and manage Windows-based operating systems. However, it is also extensively used by malware vectors to execute payloads or drop additional malicious contents. Similar to other scripting languages used by malware, PowerShell attacks are challenging to analyze due to the extensive use of multiple obfuscation layers, which make the real malicious code hard to be unveiled. To the best of our knowledge, a comprehensive solution for properly de-obfuscating such attacks is currently missing. In this article, we present PowerDrive, an open-source, static and dynamic multi-stage de-obfuscator for PowerShell attacks. PowerDrive instruments the PowerShell code to progressively de-obfuscate it by showing the analyst the employed obfuscation steps.

---

Crippling Crypto-Ransomware

Jonathan Graham

This research seeks to expose a major weakness in Crypto-ransomware by modeling it as four integral sub-systems consisting of: an agent, a Command and Control Service (CNC), an anonymous payment channel (APC) and an obfuscated command channel (OCC). We will show that most modern countermeasures focus on either the agent or the CNC subsystems, usually in a reactive way, exposing the target to undue risk. However, by disrupting this fourth component – the Obfuscated Command Channel – we can proactively and safely defeat a wide variety of crypto-ransomware.

---

Cross Site Request Forgery (CSRF)

Hariharann R

This is an attack that will make the user perform some activities in the web application designed by hackers/cyber criminals. Additionally, the user will have no idea that he/she has been trapped since the application looks genuine. Here the intention of the attacker is to change the requests into a forged one and perform the action he/she is not intended to do. Behind his/her back, there could be a possibility of changing the information and gain advantage over the account.

---

Injection Techniques and Recommendations

Berlin Raja

A web application is a combination of client-server computer programs that use web technology to store/restore the information from the application database with the help of the internet. In simple terms, there will be a separate individual database for each website in order to store the collected information, like personal details, email IDs, passwords, card details etc., which can be retrieved quickly at any point of time.

---

How to Hack Wi-Fi: Capturing WPA Passwords with Fluxion

Souvik Mal

Fluxion is based on a script named Linset. There is not much difference between them. The main thing is that most of the bugs in Linset were fixed in Fluxion. This is one of the most advanced and powerful tools for Wi-Fi hacking so far.

---

Deep Learning For Face Recognition: A Critical Analysis

Andrew Shepley

Face recognition is a rapidly developing and widely applied aspect of biometric technologies. Its applications are broad, ranging from law enforcement to consumer applications, and industry efficiency and monitoring solutions. The recent advent of affordable, powerful GPUs and the creation of huge face databases has drawn research focused primarily on the development of increasingly deep neural networks designed for all aspects of face recognition tasks, ranging from detection and preprocessing to feature representation and classification in verification and identification solutions. However, despite these improvements, real-time, accurate face recognition is still a challenge, primarily due to the high computational cost associated with the use of Deep Convolutional Neural Networks (DCNN), and the need to balance accuracy requirements with time and resource constraints.

---

Quantum Authentication Protocols for GSM

Hassan Hassanabadi, Behzad Lari

Security deficiencies and bugs in Authentication of SIM cards in Global Systems for Mobile (GSM) have led us to present new protocols for these networks using the principles of quantum cryptography. In this article, first, we provide a protocol for detecting and removing a SIM card that has a copy, using three entangle particles source and quantum channel when the original SIM card and its copy are simultaneously logging in the mobile network. Then, another protocol based on the use of quantum memory (which is embedded in SIM card) is presented. Both of these protocols can be used to authenticate and remove the SIM card that has a copy.

---

Social Engineering: How to hack Humans

Shivam Lohani

The art of gathering sensitive information from a human being is known as social engineering. Technology has increased drastically in the past few years but the threat of social engineering is still a problem. Social engineering attacks are increasing day by day due to lack of awareness and knowledge. Social engineering is a really common practice to gather information and sensitive data through the use of mobile numbers, emails, SMS or direct approach. Social engineering can be really useful for the attacker if done in a proper manner. 'Kevin Mitnick' is the most renowned social engineer of all time. In this paper, we are going to discuss social engineering, its types, how it affects us and how to prevent these attacks. Also, many proofs of concept are also presented in this paper.