Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Android Mischief, ARP snooping

  • 14-06-2011 1:29pm
    #1
    Closed Accounts Posts: 2,267 ✭✭✭


    http://faceniff.ponury.net/

    Since android is linux based, it was only a matter of time before this happened I guess!

    Pretty awful this is out really, as it gives novice users really easy access to abuse.


Comments

  • Closed Accounts Posts: 2,267 ✭✭✭h57xiucj2z946q


    Unlock key algorithm for the application is pretty trivial :-)

    baksmali is a sweet application for Dalvik disassembly.


  • Closed Accounts Posts: 20,759 ✭✭✭✭dlofnep


    I was actually coding an ARP-MITM tool for android until I had a laptop failure and lost all my data. I coded one in Java first as proof of concept, which was straight forward.


  • Closed Accounts Posts: 2,267 ✭✭✭h57xiucj2z946q


    dlofnep wrote: »
    I was actually coding an ARP-MITM tool for android until I had a laptop failure and lost all my data. I coded one in Java first as proof of concept, which was straight forward.

    I have just been reverse engineering this one, seems quite advanced in-fairness to the author. He has also included a native binary in the package also which seems to act as a proxy or web server.


  • Closed Accounts Posts: 4,584 ✭✭✭digme


    whats your mac add, i'll hack jooo


  • Registered Users, Registered Users 2 Posts: 8,813 ✭✭✭BaconZombie


    Hey Kaia Early Celery,

    Can change of getting a copy of the decompiled code?
    I have just been reverse engineering this one, seems quite advanced in-fairness to the author. He has also included a native binary in the package also which seems to act as a proxy or web server.


  • Advertisement
  • Closed Accounts Posts: 2,267 ✭✭✭h57xiucj2z946q


    Hey Damo2k,

    Can change of getting a copy of the decompiled code?

    The dex classes can be disassembled with baksmali, or if you want to view as close as to the original source java, you could use dex2jar. Then decompile with http://java.decompiler.free.fr/.

    There is also a native elf executable compiled for arm architecture. There might be some free tools to disassemble this. IDA Pro 6.1 can disassemble elf for arm. It can also dissasembe Dalvik dex but its not free, looks a bit niceer than baksmali, but dex2jar will give you readable jabva code anyway. However I don't think its possible to obtain the original source for the native executable. But they didn't "strip" the executable after compilation, so there is lots of debug info included.


  • Closed Accounts Posts: 301 ✭✭pieface_ie


    Was playing with this a few days ago, does what it says. As mentioned it was only a matter of time before something like this was released.


  • Closed Accounts Posts: 2,267 ✭✭✭h57xiucj2z946q


    There is an 2.0 alpha out now.

    Unlock code check has moved into the native binary. Gonna have to scratch up on the arm instruction set I think :-P


Advertisement