Silent ServicesSilent Services | The quieter you become, the more you are able to hear. – Lao Tzu

[APP] Raider – A special use case backup tool ;-)

c0rnholio — Mon, 14 May 2012 21:39:28 +0000

Just finished the work on the initial release of Raider. Like I wrote in the last post this tool is inspired by p2p-adb from Kyle Osborn, so all creds go to him. This app requires root and adb installed on the device. You can find adb for arm7 here. I successfully tested Raider on my Xoom running Honeycomb 3.2 and on my Galaxy Tab running ICS. As target I used several rooted phones which all could be “backed up”.

This is the initial work I’ve done on this topic. The app is not threaded currently so if something goes wrong…

All backup files go to the devices sdcard (internal or external) and the filenames begin with raider-xxx.tar

Enjoy it and leave a comment if you like it (else just go ahead).

Grab it while it is on the play store

[Android] Work in progress: Raider – A phone to phone adb app based on @theKos’s idea

c0rnholio — Thu, 10 May 2012 07:33:29 +0000

Yesterday Kyle Osborn twitted a method to use adb on an android device with usb host to connect to another android device which has debugging enabled. The scripts he kindly made available (source available at github) look promising and I decide to write an app for exactly the purpose he posted about. I already started development but am currently unable to test as I’m on a business trip and don’t have enough gadgets with me to test (lack of usb-otg cable and second android device). Looks like in the future I’ll have to carry more luggage just in case stuff like this comes out again when I’m on the road.
However, expect a first beta to be out in a week when I’m back.

[Android] btCrawler – Bluetooth Diagnostic Tool for Android released today

c0rnholio — Wed, 14 Mar 2012 21:01:07 +0000

It’s done, finaly. I ported my Bluetooth Scanning Tool btCrawlerto Android. Sure, some features from the WinMo version are missing, but as time comes I will add more features to it.

So what is btCrawler and what can I do with it?

On startup a list of currently paired devices is shown. By touching a device entry a popup menu appears which lets you query sdp services or pair/unpair a device. There are three buttons at the top. The left lets you scan for devices arround you which are in discoverable mode. After devices have been found, you can again touch an entry and get the popup menu again. The middle button lets you change your device’s discoverable mode and make it visible to others for 300 second or make it invisible again. The right button shows you the list of currently paired devices again.

When you press the sdp query option in the popup menu a query for services will be performed for the chosen device and displayed in a popup.

I hope you enjoy this tool.

Cheers

Screenshots:

[Android] btPair – Bluetooth Pairing Helper released

c0rnholio — Fri, 02 Mar 2012 19:32:52 +0000

Today I released btPair for Android, a helper utility for pairing and unpairing surrounding visible bluetooth devices.

Why? U ask?

Ever sat in a rental car wanting to quickly pair your phone with the handsfree unit?
Ever bought some new BT equipment and wanted to pair ASAP?

In Android, managing bluetooth sucks. So I wrote this tool to quickly pair an unpair visible surrounding devices. If you start the tool and press scan you will be prompted with a list off visible devices and their current pairing state. Just click on a device to quickly pair or unpair with a device. A red or green icon shows the current pairing (I know, in reality it’s called bonding) state.

Enjoy

See a screenshot here.

[Android] HushSMS Full Version availabe

c0rnholio — Fri, 17 Feb 2012 17:26:12 +0000

I just published the first full version release of HushSMS for Android in the Android Marketplace. You can find it here.

For a full description of the program and all message types please visit: http://www.silentservices.de/HushSMS-Android.html

This is my first Android Software, so there might still be some bugs. If you find any please report them to me so I can make the software even better.

I suggest that you first install the free Lite version to check if your device is capable of sending the different message types. After that you can decide to buy the full version or just uninstall the Lite version again. Whatever you think, please rate the app in the market enad tell me your thoughts so I can improve it.

Cheers

[Android] HushSMS for Android is on it’s way

c0rnholio — Thu, 16 Feb 2012 15:10:51 +0000

Yesterday I published the demo version of the first release of HushSMS for Android to the market. Unfortunately and even with enough testing there was a bug that prevented the sent and delivered notifications from working properly for some messages.
In this demo there is a character limit of 30 per each message. This demo is to check if it works on your device. A full version will follow soon.

Demo version message types for fully supported devices (mainly all HTC with Sense UI):

- Normal SMS
- Flash SMS (Class0)
- WAP Push SI
- WAP Push SL
- MMSN (MMS Notification)
- MWIVA (Message Waiting Indicator Voice Activation = 1 new voice msg waiting)
- MWIVD (Message Waiting Indicator Voice DeActivation)

Demo version message types for partially supported devices:

- Normal SMS
- WAP Push SI
- WAP Push SL
- MMSN (MMS Notification)

The full version will add the following message types:

- PING (Type0)
- PING2

Check this blog for updates or follow me on twitter.

[iPhone] Authentication bug still present in iOS 4 (at least on my 3G)

c0rnholio — Tue, 04 Jan 2011 13:05:14 +0000

Maybe you all have read about the authentication bug found by Bernd Marienfeldt in May 2010. I tested this against my 3G after doing the upgrade to IOS4. It worked directly using libimobiledevice under my Backtrack installation (I don’t have plain Ubuntu here). Now I thought that the device is still vulnerable because I only did an upgrade and not a full recovery. So I did the full recovery and tested my iPwn against this vuln. Guess what, it’s still vulnerable!

I get asked by my customers every now and then why I do not recommend the iPhone in an enterprise environment. My default answer is:”Because it is vulnerable as hell and iPhone is the source of all evil!” They usually ask for demo or exploit and all I can tell them is that all exploits will be kept privately because they might have the potential to be used for an unlock or jailbreak. Now this is something worth for a short demo at the customer site… harhar

iPhone 3G and iOS4 annoyances…

c0rnholio — Tue, 04 Jan 2011 13:04:22 +0000

Short intro just to tell you WHY I got an iPhone: Well, about 2 month ago I’ve got an iPwn for security testings and such stuff. I held a presentation about iPwn (+droid) sec on our companies event “Integralis Security World 2010″ (slides are available for download, but they are in German).

I played around withit and believe me when I say I’m not an iPhone or iDevice (or Apple) Fanboy. The last 6 years I used WinMo devices mainly, but that’s another sad story…

That being said, I must admit that the iPhone is a nice device to play with. I never thougth I would use one because of this stupid apple policy of not beeing able to “legally” run whatever you want on it and because of not beeing able to “legally” use it the way I would. As I in fact don’t care about Apples stupidity, I’m happy to be able to jailbreak and unlock the phone (thx to the dev-team and George for their hard work!). Well done as said. I recently upgraded to IOS4 on my 3G, removed the jail and unleashed the baseband touse it with another provider (next time I will definately by an unlocked one). I then installed all my favority tools like Wifi Analyzer, Metasploit, nmap, etc…

After the IOS4 upgrade my 3G just started to become slow and sluggish. I had lags, low memory conditions missing config options (for APN settings, VPN option button, etc) and the worst: the battery drained about 2 times a day to zero. I googled a lot andfound that most of the users who upgraded experience the same results. I installed battery monitor software, process watchers, observed cpu usage with top but t no avail.

To make it short: the solution to all annoyances was to to a fresh recovery install of IOS4 and to not install my previous 3.1.3 backup. It was a long way to reconfigure all my options and to reinstall all of my tools but it was worth every second of it. The battery now lasts as long as before the upgrade and the device is fast and respnosive again. I have enough free mem and all of my config options like APN settings, tethering and VPN toggle are usable again. So to all folks out there having problems with their device after upgradeing to IOS4: Do a fresh full recovery and don’t install your old backups!

it’s done…the BLOG-MATRIX has me…

c0rnholio — Tue, 04 Jan 2011 13:02:20 +0000

I never thought i would, but things change and so here it is: my own blog.

What will the contents be? Well mostly I “plan” to write about IT security with the main focus on mobile devices.

Feel welcome and I hope you find some of the stuff that will be posted here useful.

Cheers,

c0rnholio

[Security Advisory] XSS and Content Injection in HTC Windows Mobile SMS

c0rnholio — Thu, 22 Apr 2010 09:19:44 +0000

XSS and Content Injection in HTC Windows Mobile SMS Preview PopUp

Date: 22.04.2010

- Description
Windows Mobile shows message previews if configured to do so. Due to missing input validation the contents of a sms is not properly sanitized and interpreted as it is. This can lead to content injection and xss.

- Example
Send a sms with the following sample contents to a Windows Mobile based device which has message preview enabled:

1.
2.
3. You know waht you can do with that, find your own…

- Tested on
HTC Touch Pro 2, Windows Mobile 6.5
Other devices from HTC are vulnerable too

- Solution
Disable the “Show Message” Option in the notification settings, or if the device is from HTC install the supplied patch for your device (which does the same).

- Credits

The vulnerability was discovered by Michael Mueller from Integralis
michael#dot#mueller#at#integralis#dot#com

Inspired by the Palm WebOS SMS Hack by intrepidusgroup

- Timeline
22.04.2010 – Vulnerabilities discovered
22.04.2010 – Public release