SummerCon July, Brooklyn, NY. THE FIREWALL ANDROID DESERVES: A CONTEXT-AWARE KERNEL MESSAGE FILTER AND MODIFIER by DAVID WU.
Defcon August, Las Vegas. SITCH - Inexpensive, Coordinated GSM Anomaly Detection by ashmastaflash. A Journey Through Exploit Mitigation Techniques in iOS by Max Bazaliy. Stumping the Mobile Chipset by Adam Donenfeld. How to Do it Wrong: Smartphone Antivirus and Security Applications Under Fire by Stephan Huber and Siegfried Rasthofer. Discovering and Triangulating Rogue Cell Towers by JusticeBeaver (Eric Escobar). Samsung Pay: Tokenized Numbers, Flaws and Issues and Salvador Mendoza. Attacking BaseStations - an Odyssey through a Telco's Network by Henrik Schmidt and Brian Butterly. Forcing a Targeted LTE Cellphone into an Unsafe Network by Haoqi Shan and Wanqiao Zhang.
Another month has passed and I'm super late again on this blog post.
HushCon EAST badges were super awesome (picture below) did some hacking on them with Trammell Hudson: Hushcon 2016 pagers.
The wait is over, here is the final blog post including source code on Qualcomm's TrustZone: Extracting Qualcomm's KeyMaster Keys - Breaking Android Full Disk Encryption Source extractKeyMaster
The Android Security Bulletin July 2016 fixes a really large number of bugs, including a Remote code execution vulnerability in Bluetooth and Remote code execution vulnerability in OpenSSL & BoringSSL. It is really good to see stuff being fixed and talked about in the open.
Summary on Pokemon GO's permission to your Google Account by the guys from Trail of Bits.
Funny picture of the month:
Breaking Band reverse engineering and exploiting the shannon baseband slides from Recon 2016
Vodafone Global Infrastructure Map
VIDEO: Forcing A Targeted LTE Cellphone Into An Eavesdropping Network
Android changes for NDK developers
Need Android APK samples? `wget -r http://dlapk.etcandroid.com/apk/ ` and wait a few hours... Or until two people do it and server melts... (via @timstrazz)
Android Anti-Hooking Techniques in Java
Tools for analyzing hexagon code
Hacking Team / Crisis Android samples
HARDWARE-ASSISTED ROOTKITS & INSTRUMENTATION: ARM Edition slides from recon 2016
GODLESS Mobile Malware Uses Multiple Exploits to Root Devices
Silent OS 3.0 adds cellular IDS for weak nw encryption. via @raviborgaonkar
Most mobile apps dedicate at least 10% of their traffic to online tracking via @narseo
Strongdb is a gdb plugin that is written in Python, to help with debugging Android Native program.The main code uses gdb Python API
Accessing local variables in ProGuarded Android apps
GOOGLE'S ANDROID REWARDS PROGRAM PAYS OUT HALF MILLION IN FIRST YEAR
This is an all-in-one Java deobfuscator which will deobfuscate code obfuscated by most obfuscators available on the market.
Listening through a Vibration Motor paper
Fingerprint Unlock Security: iOS vs. Google Android (Part I)
Fingerprint Unlock Security: iOS vs. Google Android (Part II)
A cross-platform protocol library to communicate with iOS devices.
Android Anti-Emulator, originally presented at HitCon 2013: "Dex Education 201: Anti-Emulation"
An Online Analysis System for Packed Android Malware
Android Trojan "Hellfire" modified system binaries, boot image, init.rc, SE policy rules, dm_verify, etc. via @claud_xiao
recover deleted information from sqlite files.
TrustZone Kernel Privilege Escalation (CVE-2016-2431)
A dynamic binary instrumentation kit targeting on Android(Lollipop) 5.0 and above.
(In-) Security of Security Applications paper
Hacking smartphones via voice commands hidden in YouTube videos
Bugs in BMWs ConnectedDrive (exploitable via SMS) (German)
Remote Code Execution in Xiaomi MIUI Analytics
Breaking Into the KeyStore: A Practical Forgery Attack Against Android KeyStore (paper)
A Way of Breaking Chrome's Sandbox in Android (slides)
Changes to Trusted Certificate Authorities in Android Nougat
Introducing OpenCellular: An open source wireless access platform (base station)
Android Kernel CVE POCs CVE-2016-3797
Android Kernel CVE POCs CVE-2016-3794
Proof of concept XOR canary support for LLVM
Advanced Android Root : How To Bypass PXN (slides)
PoC for CVE-2016-2434
From HummingBad to Worse NEW DETAILS AND AN IN-DEPTH ANALYSIS OF THE HUMMINGBAD ANDROID MALWARE CAMPAIGN (paper)
This Android Hacking Group is making $500,000 per day
open source 3gpp lte implementation
Lawsuit reveals Silent Circle's Blackphone business is a complete and utter mess
DIFFDroid :Dynamic Analysis for Android
Inside SafetyNet - part 2