Showing posts with label Smartphone. Show all posts

Tutorial of Stealing WhatsApp Chat - POC

WhatsApp is the renowned instant messaging service for smartphones. Facebook has acquired whatsapp in February, 2014; the acquisition and its impact on whatsapp is not the topic of our interest, but as an information security professional we should focus on to report the vulnerabilities and exploitation of whatsapp to facebook so that they can secure it. There is a famous saying that you can't secure unless and until you know the bug, its exploitation and the possible damage that the company might bear; so that the parent company will be interested to review your submission.


I was talking with some friends on linkedin about whatsapp security and the way that bad guys (hackers) are hacking and stealing whatsapp chats; one of my friend has shared the prove of concept. It is a tutorial that I want to share with you, written by Mohit Sahu (@mohitnitrr). I don't know him personal but he did a wonderful job and we appreciate his effort.

Android Data Extractor Lite - ADEL


http://www.ehacking.net/2014/06/android-data-extractor-lite-adel.html
This Python script dumps all important SQLite Databases from a connected Android smartphone to the local disk and analyzes these files in a forensically accurate workflow. If no smartphone is connected you can specify a local directory which contains the databases you want to analyze. Afterwards this script creates a clearly structured XML report. 

Is Phone Verification Fool Proof?

Ping! The sound of a new message that fills the inbox of your email account is not something new. Yet another offer to update your business information, sign up to purchase the latest product or join a new social networking site. However, while filling out details of your business and typing in sensitive information, the thought of misuse of data may be the last one on your mind. However, a spurt in cyber crime over the last few years means that your data may not always be safe. It also means that the transmitted information may not always reach the intended destination.