Showing posts with label remotely access. Show all posts
Showing posts with label remotely access. Show all posts

Friday, April 16, 2021

New WhatsApp Vulnerabilities could have allowed Attackers to Hack Android Mobile Remotely

 

WhatsApp technical team recently addressed 2 security vulnerabilities in WhatsApp for Android. As per security researchers Remote attackers could have exploited these vulnerabilities to execute malicious code on a target device.

The flaws allow attackers to execute “man-in-the-disk” attacks that is possible when mobile apps use External Storage that is shared across all the applications. Attacker can manipulate certain data being exchanged between mobile app and the external storage

Census Labs researchers reported one of the two issues(CVE-2021-24027) and said “We will show how the two aforementioned WhatsApp vulnerabilities would have made it possible for attackers to remotely collect TLS cryptographic material for TLS 1.3 and TLS 1.2 sessions.”

“With the TLS secrets at hand, we will demonstrate how a man-in-the-middle (MitM) attack can lead to the compromise of WhatsApp communications, to remote code execution on the victim device and to the extraction of Noise protocol keys used for end-to-end encryption in user communications.”




The CVE-2021-24027 vulnerability , in prior to WhatsApp for Android v2.21.4.18 and WhatsApp Business for Android v2.21.4.18, leverages Chrome's support in Android and this can allow an attacker with access to the device’s external storage to read cached TLS material. An attacker can send a specially-crafted HTML file to a victim over WhatsApp, which once opened in the victim’s browser, executes the attacker’s code contained in the HTML file.

"All an attacker has to do is lure the victim into opening an HTML document attachment. WhatsApp will render this attachment in Chrome, over a content provider, and the attacker's Javascript code will be able to steal the stored TLS session keys." Census Labs researcher Chariton Karamitas said.

“WhatsApp comes with a debugging mechanism that allows its development team to catch fatal errors happening in the wild during the first few days of a release. More specifically, if an OutOfMemoryError exception is thrown, a custom exception handler is invoked that collects System Information, WhatsApp Application Logs, as well as a dump of the Application Heap (collected using android.os.Debug::dumpHprofData). These are uploaded to crashlogs.whatsapp.net.”  As per report.

The attackers could purposefully throw the exception to force the data being sent to the server to intercept it.

Google has already addressed this vulnerability by introducing the “scoped storage” model in Android 10 that allows each app to access only their own app-specific cache files.

Remediation

The CVE-2021-24027 vulnerabilities were addressed by WhatsApp with the release of version 2.21.4.18.

WhatsApp users are recommended to use version 2.21.4.18 to rule out the risk associated with the vulnerability. When reached for a response, the company confirmed “The "keys" that are used to protect people's messages are not being uploaded to the servers and that the crash log information does not allow it to access the message contents.

Thursday, November 17, 2016

Hack Locked Computer using $5 Device (PoisionTap)



If you think that your computer is safe when it is locked with a strong password, then Samy Kamkar’s device PoisionTap will make you wrong. This cheap exploit tool takes just 30 seconds to install a privacy-invading backdoor into your computer.

PoisionTap, a tiny $5 Raspberry Pi Zero microcomputer loaded with Node.js code and attached to a USB adapter. Inventor has publicly released the source code to PoisionTap, so that any would-be hacker can try it out for themselves.

If you are a hacker and want to hack or get information of any of your coworker in your office. All you need is to plug this device in the target computer and wait. PoisonTap targets the victim’s browser cache and injects the malicious code there.

Once the hacking tool is recognized by the target machine, it is loaded as a low-priority network device that starts impersonating a new Ethernet connection and runs a DHCP request across it. The machine sends a DHCP request to the tool that in response tells it that the entire IPv4 address space is part of PoisonTap’s local network. In this way, the entire traffic it routed through the PoisonTap device before reaching the legitimate gateway to the Internet. With this trick, it intercepts all unencrypted Web traffic and steals any HTTP authentication cookies used to log into private accounts as well as sessions for the Alexa top 1 Million sites.

PoisonTap will give you an invisible position on the local network to connect to the intranet site and send data to a remote server. Now this computer will be in your control even after this tool is unplugged from the targeted computer. Since it uses siphons cookies, you can also hijack the target user's online accounts even they are secured with two-factor authentication (2FA).

Inventor says “it can also bypass many other security mechanisms, including same-origin policy (SOP), HttpOnly cookies, X-Frame-Options HTTP response headers, DNS pinning and cross-origin resource sharing (CORS). Whenever the websocket is open, the attacker can remotely send commands to the victim and force their browser to execute JavaScript code

There is no easy fix available for users as long as a web browser application is running in the background.





Tuesday, August 2, 2016

Take control of another computer

Things to need
Remote Pc’s Account Username And Password

<-- --="" method="">

1. Go tO COmmand Promt(press Windows+R and type cmd)
2. type cd\ (to go to main root Of C:)
3. type the command
c:\net use \\(Rempote PC’s Username i.e Amit)\ipc$ /u:Administrator
c:\net use \\Amit\ipc$ /u:Administrator(press Enter)
(Results of the above Command)
The Password Or Username Is Invalid For \\Amit\ipc$.
Enter The PassWord For “Administrator” tp connect to ‘Amit’:*****
The Command COmpleted Successfuly.
4. Press Window+R Write regedit To Enter RegsitryEditor.
5. Press Alt+F Then C.
6. Write Down The “Object’s Name”.Amit(Computer’s Username)then Press Enter.
(New Computer’s Registry Is Successsfully Accessed).
7. Just GO TO
Amit\HKEY_LOCAL_MACHINE\SFTWARE\Microsoft\Windows\TelnetServer\1.0
On The Right Hand Double Click On The Key Named As “NTLM”(New BOx Appear)
Value Name:NTLM
Value Data:(Replace 2 with 0)
Base :HexaDecimal
Press OK.
Get Out Of registry Editor.
8. Again Press Windows+R And Write mmc.(Consol1 Will Open)
9. Press Alt+F then M(New Windows Will Appear)
10.Press Alt+D Then Double Click On “Computer Management”
11.Select “another Computer” and write its Account Login(Amit).
12.Press Finish And Then Close The “Add StandALone Snap-in”Dialogue Box.
13.Now Press OK Of “Add/Remove Snap-in”.
14.On The Left Hand Expand Computer Management>Select Services And Aplications>Services
15.On The Right Hand Scroll down And Right CLick At “Telnet”And Select Restart Option.
16.Leave It As It is
17.Turn To Command Promt Write
c:\telnet Amit(Press Enter)
it Will Require Login And PassWord
Login:Administrator
PassWord:********(Enter)
*———————————————————–
Welcome TO Microsoft Telnet SErver
C:dir(Enter)


Now you are in your frnd computer....