Android Hacking

 

Dear Readers, 

Smartphone and mobile are powerful industries these days - and each year they become larger and have a bigger impact on our lives. Almost everyone has their own mobile device and because this topic is so important and current, we decided to dedicate this month’s issue to Android Hacking. Here’s what we prepared: 

We start off with Android for Pentesters and Networks, in which the author covers the best tools and techniques for mobile pentesting. Then we drift off to KaliNetHunter - For Those That Have Fear of Commitment - in this article you’ll learn how to use rootless Kali NetHunter on your mobile phone. 

In Mobile Threat Landscape the author discusses threats, mitigations and best practices in mobile security. Later on we have Introduction to Reverse Engineering of APKs - and the title speaks for itself. 

If you’re interested in mobile RATs, we also prepared a piece on Spynote - in this article the author covers the Spynote tool and presents examples of usage. You may also want to check out DIVA (Damn Insecure and Vulnerable Application) in which the authors present you the DIVA tool and cover all the techniques you can use it for. 

If you’re hungry for more offensive topics, we suggest you take a look at Build Your Own Malware, in which the author explains how to build a keylogger and a botnet, all in compliance with the principles of safety.  

But there’s more! We also prepared articles touching the topics of phishing, Dark Web, OSINT, vulnerability scanning - all the things that are becoming more and more important, especially during the pandemic. 

We hope this issue will help you learn something new and prepare for whatever and whoever is waiting to hack your smartphone. We would also like to send gratitude to our contributors, reviewers and proofreaders, who helped us create this unique issue!

Stay safe and enjoy!

Hakin9 Editorial Team

---

Table of Contents

Android for Pentesters and Networks

Ing. Julio Cesar Pérez Barbosa

Most of us have a smartphone, and many of us have an Android smartphone, which we have given many uses, including controlling smart homes, such as an electronic agenda, keeping an office on the device, using it as a portable computer to develop applications in different programming languages from the powerful Python, through C ++, among other programming languages, use it as a computer for video games, multimedia, etc., and even call by phone. On many occasions, we are outside of our work area and suddenly we are informed of a failure in our network or computer equipment, or in a server, and we do not have our computers at hand. On this occasion, I do not intend to deepen in forms, methods, procedures or to explain specific tools to be able to do certain daily tasks, but to show, in a very general way, what we can use to manage our networks or computers remotely.

---

Kali NetHunter - For Those That Have a Fear of Commitment 

Atlas Stark

Do you have a fear of commitment? Are you growing tired of the phrase “Got Root?”  Are you driving yourself mad with all of the root your phone tutorials and bad apps?  If you answered yes to any of these questions then this is the article for you.  Whether you are new to penetration testing or a veteran in the biz, you will find some valuable knowledge in this article and perhaps a new weapon to add to your arsenal.  After reading this article you will be able to pick up any stock device and get Kali NetHunter up and running.

---

Mobile Threat Landscape

Syed Peer

With the advent of the COVID-19 pandemic there are few things to be cheerful about. If anything, the pandemic has exposed the fragility of our systems and made us fearful of the stress and mental health inducing fatigue of the perpetual “lockdown state”. Thankfully being where we are on the technology curve (as opposed to the Spanish Flu era) organizations were able to scramble their teams and pull together required technologies to make remote working possible at scale. Maintaining a rigorous policy and implementing an appropriate MDM tool will shelter many from the dire risk factors that BYOD device users fall victim to. 

---

Introduction to Reverse Engineering of APKs

Joas Antonio dos Santos, Joao Paulo

Mobile applications are part of our daily lives, be it social networking applications, financial applications, delivery services and so on. But all technology has its vulnerabilities. To become a good mobile pentester, it is not enough just to know about tools, but about how an application works and how it behaves in the operating system, that is, understanding the architecture, be it IOS or Android. In this case, obtaining fundamentals will help a lot in your analysis and in the search for vulnerabilities. In addition, it is always good to consult guides and cheat sheets that help in this aspect and to practice a lot.

---

Spynote

Mayukh Paul 

SpyNote Q 2021 is an Android Remote Access Trojan (RAT) developed by Redmask. This article is a quick guide to this tool, with lots of screenshots, examples of usage and presentation of all of the Spynote abilities. 

---

DIVA (Damn Insecure and Vulnerable Application)

Aarohi Mangal, dr Akashdeep Bhardwaj

What is DIVA? What is it used for? DIVA stands for Damn Insecure and Vulnerable Application. DIVA is the application developed by Payatu. Like bWAPP, DVWA is for web application, it is also developed for practicing purposes. It is intentionally made vulnerable to make developers, testers, security professionals, etc., familiar with the most commonly found bugs/flaws in the application. In this article, we will solve all the challenges provided by DIVA.

---

Build Your Own Malware

Adrian Rodriguez Garcia

Today, we can read all kinds of news about security incidents related to malware. It has become one of the main threats in the world of cybersecurity. For this reason, it is very important to know the main characteristics of malware and its different functionalities. In this article, we will introduce the world of malware and how to build your own keylogger in a basic way and with simple tools.

---

Rogue - Hackers, RAT and "Marketing" on the Dark Web

Felipe Hifram

It is a fact that nowadays many cyber criminals expose their achievements in forums via the dark web, but I swear to you that in my years of experience with cybersecurity, I have never seen marketing as strong as I am seeing with RAT Rogue. Exactly one year ago, the Rogue RAT was leaked on an internet forum (dark web), but even after the leak, there was a lot of demand for the purchase of the malware. After learning about the entire process that led to the sale of this malware, it is clear how exposed mobile devices are today.

---

PHISH-ME-NOT - An Employee Phishing Simulator for Safeguarding Employees Against Phishing Attacks 

Prof. Keshav Kaushik, Dhruv Kandpal, Kirti Chhatwal, Arkaprava Tripathi, Ayushya Mathur

Phish-Me-Not aims at simulating a “real-world spear-phishing scenario” to train and test employees and their ability to differentiate between a legitimate email and a phishing attack. Companies looking to safeguard their employees against cyber criminals and hackers who want to disrupt and steal confidential/personal information about an organization can use this. This project was created in an attempt to replicate the purple-teaming approach to provide realistic assurance to the organization that is being tested. Phish-Me-Not demonstrates how adversaries go to great lengths in spoofing legitimate-looking emails and make use of tactics like social-engineering to compromise the victims and fulfil the purpose of the phishing attack.

---

Open-Source Intelligence – Utilising the Public Domain to Enhance Your Hacking Operations

Aaron Roberts

Open-Source Intelligence or OSINT (pronounced oh-sint) is the practice of finding information that is in the public domain ("open" sources) within an intelligence context. For example, you may have an engagement to penetration test (hack) into an organisation. One of the first steps to help you with doing that would be to conduct reconnaissance, and that's where OSINT can come in. This differs from closed-source or commercial products that provide intelligence. However, there are, of course, commercial tools that can help you with your OSINT investigations. For this article, we'll look at the various types of data and what they mean. I'll also provide you with some further resources that I think can really help you identify and research information.

---

Nuclei - A New Age Vulnerability Scanner

Shubham Garg

Nuclei is a template-based vulnerability scanner. What does that mean? It sends HTTP/DNS requests to the targeted host and checks for response to discovering Vulnerabilities in the target which is defined in nuclei-templates. Nuclei works on top of YAML files that are referred to as templates allowing users to define the behavior they are looking for in a readable format. There are many templates present currently in the nuclei-templates module, which is written mostly by community members. Nuclei offers great features to help a wide range of teams in an organization including security engineers,  pentesters, developers, and individuals like bug bounty hunters. Nuclei has rate limit controls so users can configure requests on the host accordingly.