Blogs & Stories

SpiderLabs Blog

Attracting more than a half-million annual readers – is the security community’s go-to destination for technical breakdowns of the latest threats, critical vulnerability disclosures and cutting-edge research.

Exploring and Modifying Android and Java Applications for Security Research

Sometimes pentesters and security researchers need to modify existing Java application but have no access to its source. For example, it might be necessary to adjust the logic a bit to see how the application works in certain specific conditions....

Elephone P9000 Lock Screen Lockout Bypass

Brute force attacks against smartphones are not usually a viable attack vector. Manufacturers employ scaling lockouts that progress into longer and longer periods between attempts and, if the user is security conscious, the device may wipe after 10 attempts. However...

Intercepting SSL And HTTPS Traffic With mitmproxy and SSLsplit

Looking for vulnerabilities in mobile applications and smart home devices presents multiple challenges. One of which is ability to intercept and edit encrypted communication between a device and the server it talks to. Knowing the content of communication is very...

Jailbreak Detection Methods

This post concludes our three-part series about mobile security. Today's post will outline some options for detecting jailbroken devices, should you choose to do so. Yesterday, we asked whether blocking an app's execution on jailbroken devices was worth it. Earlier...

Executing Apps on Jailbroken Devices

This post is part two of a three-part series about mobile security. Today's post will discuss the execution of apps on jailbroken devices. Yesterday, we described some vulnerabilities in iOS web browsers. Tomorrow, we'll explore detecting jailbroken devices. “App cannot...

Exploring and Exploiting iOS Web Browsers

Today we begin a three-post series about mobile security. We start with a discussion of vulnerabilities in iOS web browsers. Later this week we'll cover apps executing on jailbroken devices and the detection of jailbroken devices. While the release and...

Capturing Ghosts: Using inotify to defeat an Android DRM system

Apart from our typical application penetration testing engagements, clients sometimes come to us looking to test the resiliancy of various security mechanisms they want to apply to their applications. This was the case a few weeks ago when one of...

Touchlogging Part 3 - Final Thoughts

This is the third and final part on the subject of Touchlogging. I do recommend reading part one and part two before reading this final part. The previous parts described the technical details of the touchlogging attacks. In this part,...

Touchlogging Part 2 - Android

This is part two in my Touchlogging series, you can find part one here. In part one, I wrote a little bit about the background and how to intercept touch events on jailbroken iOS. This part will focus on Android....

Touchlogging Part 1 - iOS

Although there have been numerous articles posted, I thought I would write about my recent presentation at the RSA Conference on the subject of touchlogging. Since many people have asked, I got the term touchlogging from this paper. I do...

Custom Native Library Loader for Android

If you read my co-worker Neal Hindocha's recent post "Debugging Android Libraries using IDA" you notice he mentioned using a "custom library loader". We had used this on a recent mobile penetration test to have complete control over some home...

Debugging Android Libraries using IDA

During a recent test, I encountered a native JNI library used by an Android application. I needed to understand this library and what it did, so the first step was to load the library in IDA to see what it...

Wardrive, Raspberry Pi Style!

I purchased a Raspberry Pi a few weeks back. I found that I could power it, a WiFi card and a GPS from my 12000mah Li-Ion battery pack for about 12 hours. What a great way to explore with out...

Abusing the Android Debug Bridge

The android debug bridge (or ADB for short) is a valuable tool, it is what allows smart phone tinkerers unobstructed access to their device for customization. This said, the debug bridge has a major caveat of being too easily left...

Blackberry OS 10 BlackLists Batman and PoohBear

A Blackberry oriented website in the UK was the first to notice an interesting new feature in the most recent developer release of the Blackberry 10 OS. They found what looks like a list of one hundred and six blacklisted...

mDNS - Telling the world about you (and your device)

Luiz Eduardo ( @effffn ) and Rodrigo Montoro ( @spookerlabs ) have presented "Mobile Snitch - Devices telling the world about you" at conferences around the world. Today we share a bit about the mDNS protocol and how it impacts...

The Grey Line Between Feature and Vulnerability, iOS edition

I do a lot of Mobile Application Penetration testing for some of our largest clients. Mobile is the new sexiness and everybody wants in. This means that there is a lot of misunderstanding of how some of the technology works...

Using Mobile Applications for attacking Web Applications

This simple blog post was motivated by my desire to look at some mobile applications that I happen to use. I did not choose a specific methodology for testing mobile applications. What I did was to use some of my...

Smart Phone + Mail Server = Location Tracking

My last two posts have touched on the privacy perspective in relation to mobile applications. This post continues on with that privacy theme, however looking at the smart phone itself and how the constant polling to a mail server can...

Stay Connected


Subscribe

Sign up to receive the latest security news and trends from Trustwave.

No spam, unsubscribe at any time.


Trending Topics