Gambling Affiliation

Tuesday, 20 December 2016

Nathan: Android Emulator for Mobile Security Testing Tool

Nathan is a 5.1.1 SDK 22 AOSP Android emulator customized to perform mobile security assessment.

Supported architectures:

  • x86
  • arm (soon)

The emulator is equipped with the Xposed Framework and the following pre-installed modules:

  • SSLUnpinning, to bypass SSL certificate pinning.
  • Inspeckage, to perform the dynamic analysis of an application.
  • RootCloak, to bypass root detection.


The following tools are already installed:

  • SuperSU: Superuser access management tool
  • Drozer: Comprehensive security and attack framework for Android

Features

  • Only Python 2.7.x required
  • Hooking ready with Xposed
  • Pre-installed tools for application analysis
  • Fully customizable
  • Snapshot and restore of user data

Installation

Download Nathan core scripts from git:
$ git clone https://github.com/mseclab/nathan/
$ cd nathan

Initialize Nathan for the first time (this downloads the firmware files):
$ ./nathan.py init

If a proxy is required to download files, the parameter -dp is available:
$ ./nathan.py init -dp 127.0.0.1:3128

The init command downloads all the files required to run the Nathan emulator.

Usage

To start Nathan:
$ ./nathan.py start

To redirect the traffic through a proxy (e.g. http://127.0.0.1:3128), the parameter -p can be used:
$ ./nathan.py start -p http://127.0.0.1:3128

To create a snapshot of the current user image data with a label (current in this case):
$ ./nathan.py snapshot -sl current

To restore the emulator to the snapshot with the label current:
$ ./nathan.py restore --rl current

To get a list of available snapshots to restore:
$ ./nathan.py restore --ll

Every time the emulator is started, a temporary copy of the system image is created, and every change made to system data is lost when the emulator is powered off.

To make the changes permanent, the command freeze is available:
$ ./nathan.py freeze

To push files from a folder to a running Nathan emulator, the command push is available:
$ ./nathan.py push -f folder  

The complete list of commands is:

usage: nathan.py [-h] [-v] [-a ARCH]
{init,start,snapshot,restore,freeze,push} ...

Optional arguments:
  -h, --help            show this help message and exit
  -v, --verbose         Show emulator/kernel logs
  -a ARCH, --arch ARCH  Select architecture (arm/x86) - Default = x86

Command to run:
         {init,start,snapshot,restore,freeze,push}
    init                Download and init Nathan emulator
    start               Start Nathan emulator
    snapshot            Create userdata image snapshot
    restore             Restore userdata image snapshot
    freeze              Freeze temporary system image
    push                Push files to Nathan emulator 
The parameter -h for each command shows specific options.

Thursday, 10 November 2016

22 Year Old Student Arrested For Cyber Stalking



A 22-year-old student named Kishan, in his second year at AJC Bose College, has been arrested for being involved in cyber stalking. The hacker hacked the Facebook account of a victim in class 10 living in the Tiljala area.
According to joint CP (crime) Vishal Garg, the hacker first hacked the victim's Facebook account in early July and changed the password. Being unaware of the hack, the girl decided to create a new account. As soon as the girl opened a new account, the hacker started to post obscene images on both accounts, tagging all their friends. The girl and her parents registered a case at the police station on July 18.
Vishal Garg also mentioned that the hacker had even demanded $120 (Rs 10,000) from the minor to stop sending obscene images.
“We have added charges of extortion besides the IT Act against the accused,” he said.
“We took help of Facebook authorities through proper channels and based on their feedback, we arrested the accused. We have recovered two mobile phones used by the accused to carry out the hacking,” he added.

Create Your Own Ubuntu 16.04 or 16.10 Live ISO with MeX and Refracta


GNU/Linux developer Arne Exton is always ahead of time, and it looks like he has just released a new build of his MeX GNU/Linux distribution that ships with the Refracta tools pre-installed.
MeX Build 161030 arrived a couple of days ago, based on the Debian GNU/Linux 8.6 “Jessie” and Ubuntu 16.04.1 LTS (Xenial Xerus) operating systems. It includes a special 4.8.0-25-exton kernel injected with support for additional hardware components, and uses the latest Cinnamon 3.0.7 desktop environment that comes with Linux Mint 18.
However, the new feature of the MeX Build 161030 release is the integration of the Refracta tools, which let users create their own installable and bootable Ubuntu Live ISO images, which can be based on either the Ubuntu 16.04.1 LTS (Xenial Xerus) or Ubuntu 16.10 (Yakkety Yak) operating systems.
“You can use the Refracta tools (pre-installed in MeX Build 161030) to create your own installable Ubuntu Live DVD once you have installed MeX to hard drive,” said Arne Exton in the release announcement. “I mean change everything and then create a whole new Ubuntu 16.04 or 16.10 live system.”
When attempting to create your own Ubuntu-based Live ISO, you should know that you don’t even have to install the MeX operating system on your personal computer, as the Refracta tools work straight from the Live DVD, according to Arne Exton, but you’ll need to have plenty of system memory (RAM) for things to work as expected.
The entire Ubuntu ISO creation process won’t take more than 5 to 10 minutes using the Refracta tools. As one might have expected, all the packages included in MeX Build 161030 have been updated as of October 30, 2016, and you can study the full list of pre-installed packages. In the meantime, download MeX Build 161030 right now via our website.

Images of Upcoming Nokia D1C Leaked and They Look Gorgeous


Day after day we are getting more news about Nokia's upcoming smartphones. The information we get from most of the sources is not reliable, as one contradicts the other.
A few days back we got news that HMD Global will be building the Nokia phones in the coming years. They have already appointed the UK-based independent PR agency Mother to take care of the marketing campaign.
We can be sure that Mother's first project won't come out until next year, which suggests that HMD Global might not introduce any Nokia handsets this year.
Previous rumors claimed the first Nokia phones in a long time will be unveiled later this year, while two other high-end phones might be revealed in Q2 2017.
One of these unannounced smartphones appeared in many leaks as the Nokia D1C. Some pictures of the alleged phone emerged several weeks ago, so pretty much every Nokia fan was willing to jump on the hype train.
Unfortunately, we might have to wait a while longer for the first Nokia phones to arrive, as HMD Global is more concerned about marketing and distribution of these devices.

Three Different Colors, Specs and Designs

Still, it doesn’t hurt to learn a bit more about Nokia’s upcoming smartphones, even if they haven’t been confirmed yet. A set of images showing the alleged Nokia D1C has just leaked directly from China.
These renders are based on the images of real Nokia prototypes, the source claims. Even if HMD Global could still make some changes to the final design of the phone, at least we have an idea of what’s to come.
Three versions of the Nokia D1C are rumored to arrive on the market: Gold, Black and White. However, only the Gold version will come with a fingerprint sensor, whereas the Black and White colors will lack this feature.
Also, the Black and White versions of the D1C will have a metal frame and polycarbonate back cover, while the Gold model should feature an all-metal unibody design. We believe these rumors are a bit far-fetched, so take them with a grain of salt.

OpenDoor – OWASP Directory Access Scanner



OpenDoor is open-source software that scans a site's directories and finds all possible login pages, empty directories and entry points. Scans are run against the dictionary that is included in the application.

System Requirements:

  • Python 2.7.x

Installation command:

sudo pip install -r requirements.txt

Features:

  • multithreading
  • filesystem log
  • detect redirects
  • random user agent
  • random proxy from proxy list
  • verbose mode
  • subdomains scanner

How to use:

python ./opendoor.py --url "http://joomla-ua.org"

Note: This tool is only for informational purposes and organizations is prohibited.
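
How a dictionary-driven directory scan like the one described above shows up in a web server's access log, as an added example that is not part of OpenDoor or of the original post. The log lines are constructed, and the function name and thresholds are assumptions chosen for the illustration.

```python
import re
from collections import defaultdict

# Combined log format: ip, timestamp, request line, status, size, referer, user agent.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "\S+ (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"$'
)

def _line(ip, path, status, ua):
    return f'{ip} - - [10/Nov/2016:10:00:00 +0000] "GET {path} HTTP/1.1" {status} 512 "-" "{ua}"'

# Constructed sample: one client walking a wordlist with a new user agent per
# request, and one ordinary visitor whose only miss is the favicon.
SCAN = [("/admin/", 404), ("/backup/", 404), ("/login/", 200),
        ("/old/", 404), ("/phpmyadmin/", 404), ("/test/", 404)]
VISIT = [("/", 200), ("/about", 200), ("/css/site.css", 200),
         ("/contact", 200), ("/favicon.ico", 404)]
SAMPLE_LOG = "\n".join(
    [_line("203.0.113.7", p, s, f"Agent/{i}") for i, (p, s) in enumerate(SCAN)]
    + [_line("198.51.100.20", p, s, "Mozilla/5.0") for p, s in VISIT]
)

def find_directory_scanners(log_text, min_paths=5, min_miss_ratio=0.8):
    """Flag clients whose requests are mostly 404s spread over many distinct paths."""
    seen, missed, agents = defaultdict(set), defaultdict(set), defaultdict(set)
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # not a combined-format line
        ip, path = m.group("ip"), m.group("path").split("?", 1)[0]
        seen[ip].add(path)
        agents[ip].add(m.group("ua"))
        if m.group("status") == "404":
            missed[ip].add(path)
    flagged = {}
    for ip, paths in seen.items():
        ratio = len(missed[ip]) / len(paths)
        if len(paths) >= min_paths and ratio >= min_miss_ratio:
            # Many user agents from one address corroborates user-agent rotation.
            flagged[ip] = {"paths": len(paths), "miss_ratio": round(ratio, 2),
                           "user_agents": len(agents[ip])}
    return flagged
```

Because the tool can also pick a random proxy per request, a per-address threshold alone will miss a distributed scan; grouping the same 404 paths across addresses within a time window covers that case.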

Cyber Criminals Attacking LinkedIn Users With Phishing Scam



Cyber criminals are now targeting LinkedIn users with a phishing scam in which they trick the user into believing that their LinkedIn account has a security issue that can be solved only by providing their personal details. The email that is targeting users comes from postmaster [@] fnotify [dot] com, which is not linked with LinkedIn. However, it was found that the domain associated with the email is actually a WordPress blog registered to a guy, Torgeir Salvesen from Finland.
The password reset link, which has been censored by the researchers, is actually LinkedIn’s password reset link, which asks users to change their password to keep it from being misused. The cyber criminals also made a lot of errors, and it looks like they forgot to put the real phishing link on the password reset link.
The email content also contains another link, which redirects to a Dropbox link. The Dropbox link asks users to upload a viewable scanned copy of their payment method, the account holder’s government-issued photo identification (that is, a driver’s license or passport) and a payment receipt.
This was identified by researchers at Heimdal Security, who pointed out that the main reason behind this scam is to steal users' financial details and driving license and/or passport copies. The purpose of collecting this information is not only to hijack their accounts but also to conduct further scams by stealing their identity.
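
The two signals described in this report, a sender domain unrelated to the brand the mail claims and a link that leaves the brand's domains, can be checked mechanically. The following is an added example, not code from Heimdal Security or the original post; the message is constructed (only the sender address comes from the article), and the brand domain list and function names are assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

BRAND = "linkedin"
BRAND_DOMAINS = ("linkedin.com",)  # assumption: domains accepted as the brand's own

# Constructed sample message; subject, body and URLs are placeholders.
SAMPLE_EMAIL = """\
From: LinkedIn Security <postmaster@fnotify.com>
To: user@example.org
Subject: LinkedIn account security issue

Reset your password: https://www.linkedin.com/reset-placeholder
Upload your ID and payment receipt: https://www.dropbox.com/request/PLACEHOLDER
"""

def _in_domains(host, domains):
    """True if host equals one of the domains or is a subdomain of it."""
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in domains)

def triage(raw):
    """Return a list of findings for a mail that claims to come from BRAND."""
    msg = message_from_string(raw)
    display, addr = parseaddr(msg.get("From", ""))
    sender_domain = addr.rpartition("@")[2].lower()
    claims_brand = BRAND in (display + " " + msg.get("Subject", "")).lower()
    # Plain-text parts only; transfer-encoded parts are not decoded here.
    body = "\n".join(p.get_payload() for p in msg.walk() if not p.is_multipart())
    hosts = {urlparse(u).hostname for u in re.findall(r"https?://[^\s<>\"']+", body)}
    off_brand = sorted(h for h in hosts if h and not _in_domains(h, BRAND_DOMAINS))
    findings = []
    if claims_brand and not _in_domains(sender_domain, BRAND_DOMAINS):
        findings.append(f"sender domain {sender_domain} does not belong to {BRAND}")
    if claims_brand and off_brand:
        findings.append("links leave the brand's domains: " + ", ".join(off_brand))
    return findings
```

The genuine password reset link passes the link check, which is why the sender domain and the off-brand upload link have to be evaluated separately rather than trusting a mail because one link is legitimate.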

Radium Keylogger – A Keylogger Using Python


Python keylogger with multiple features.

Requirements:

Install and Use:

Step 1: Download the libraries if you are missing any.
Step 2: Set the Gmail username and password and remember to check allow connection from less secure apps in Gmail settings.
Step 3: Set the FTP server. Make the folder Radium in which you’ll store the new version of exe.
Step 4: Set the FTP ip, username, password.
Note: Remember to encode the password in base64.
Step 5: Set the originalfilename variable in copytostartup(). This should be equal to the name of the exe.
Step 6: Make the exe using Pyinstaller
Step 7: Keylogs will be mailed after every 300 key strokes. This can be changed.
Step 8: Screenshot is taken after every 500 key strokes. This can be changed.
Step 9: Remember: If you make this into exe, change the variable “originalfilename” and “coppiedfilename” in function copytostartup().
Step 10: Remember: whatever name you give to “coppiedfilename“, should be given to checkfilename in deleteoldstub().

Features:

  • Applications and keystrokes logging
  • Screenshot logging
  • Drive tree structure
  • Logs sending by email
  • Password Recovery for
    • Chrome
    • Mozilla
    • Filezilla
    • Core FTP
    • CyberDuck
    • FTPNavigator
    • WinSCP
    • Outlook
    • Putty
    • Skype
    • Generic Network
  • Cookie stealer
  • Keylogger stub update mechanism
  • Gather system information
    • Internal and External IP
    • Ipconfig /all output
    • Platform

Things to work on:

  • Persistence
  • Taking screenshots after a specific time. Making it keystrokes independent.
  • Webcam logging
  • Skype chat history stealer
  • Steam credential harvester

