In a previous blogpost, I’ve written how to combine Gnirehtet & proxychains in order to intercept traffic from mobile apps over adb while on a VPN. After some time, the setup seemed to be somewhat buggy and slow. A contact of @FSDominguez suggested to look into port forwarding. I’d like to present a revised adb reverse tethering MITM setup.
Traditionally, to inspect traffic for Android apps, the mobile phone and the security analyst’s PC are connected to the same Wi-Fi hotspot. The proxy settings on the mobile phone are configured to point to the analyst’s PC. Typically, an intercepting software such as Burp Suite Pro is configured on the PC to listen on all incoming connections.
In Android land, it is possible to protect specific components (ex: activities) from being screenshotted. This is achieved by adding the
FLAG_SECURE flag on the desired component:
Certain mobile app pentests are done on a recurrent basis (Agile security). Some of these pentests have common repeating tasks. Since repetition is boring, we want to automate as much as possible.
While doing some security research on the Android operating system, I stumbled upon the following blackhat presentation. It turns out that Android has a unique inter-process communication (IPC) mechanism. Although the internal workings of this mechanism is quite complex, it is abstracted away for Android app developers. The gist of the story is that Android uses Binder for inter-process communications and that it might be a good place for malware to eavesdrop for sensitive information.
One of my favorite tools for Android app security assessments is frida. Frida is a cross platform dynamic instrumentation tool that can help with dynamic analysis of apps and bypass security mechanisms implemented in these apps. The community behind Frida is also extremely active and supportive. Sometimes a few releases are pushed per week with a ton of improvements and bug fixes!
From small note taking apps to critical financial apps, mobile apps are augmenting our daily lives. The presence of mobile apps is undeniably increasing and so is the demand for mobile app security.
Modern regex engines have some powerful features which are not used quite often. Maybe because regexes are considered cryptic and hard to begin with? In this blogpost I want to document a few of my favourite tricks.
For the past years I was very hesitant about my future career choices. Originally, I’m a developer but I liked security and hacking a lot. I was doing all kinds of CTFs in my spare time. For my bachelor degree I had to do a final project (thesis) and thought it might be the best moment to shift into the (professional) security world. I finished my internship at Securify and was offered a job/traineeship. I’ve learned a lot in the last year and I would like to share some tips. The following tips are in no particular order and might even be applied to some other disciplines.
Subroutines and recursion are powerful expressions that are sometimes ignored or forgotten. Maybe because the number of languages that support it are relatively scarce? If you’re using PCRE, PHP which uses PCRE under the hood, Perl or Python with the
regex module then keep reading!