Android Mischief, ARP snooping

  • 14-06-2011 01:29PM
    #1
    Closed Accounts Posts: 2,267 ✭✭✭


    http://faceniff.ponury.net/

    Since Android is Linux-based, it was only a matter of time before this happened, I guess!

    Pretty awful this is out really, as it gives novice users really easy access to abuse.


Comments

  • Closed Accounts Posts: 2,267 ✭✭✭h57xiucj2z946q


    Unlock key algorithm for the application is pretty trivial :-)

    baksmali is a sweet application for Dalvik disassembly.


  • Closed Accounts Posts: 20,759 ✭✭✭✭dlofnep


    I was actually coding an ARP-MITM tool for Android until I had a laptop failure and lost all my data. I coded one in Java first as a proof of concept, which was straightforward.


  • Closed Accounts Posts: 2,267 ✭✭✭h57xiucj2z946q


    dlofnep wrote: »
    I was actually coding an ARP-MITM tool for Android until I had a laptop failure and lost all my data. I coded one in Java first as a proof of concept, which was straightforward.

    I have just been reverse engineering this one; it seems quite advanced, in fairness to the author. He has also included a native binary in the package, which seems to act as a proxy or web server.


  • Closed Accounts Posts: 4,584 ✭✭✭digme


    whats your mac add, i'll hack jooo


  • Registered Users, Registered Users 2 Posts: 8,814 ✭✭✭BaconZombie


    Hey Kaia Early Celery,

    Any chance of getting a copy of the decompiled code?
    I have just been reverse engineering this one; it seems quite advanced, in fairness to the author. He has also included a native binary in the package, which seems to act as a proxy or web server.


  • Closed Accounts Posts: 2,267 ✭✭✭h57xiucj2z946q


    Hey Damo2k,

    Any chance of getting a copy of the decompiled code?

    The dex classes can be disassembled with baksmali, or if you want to view something as close as possible to the original Java source, you could use dex2jar. Then decompile with http://java.decompiler.free.fr/.

    There is also a native ELF executable compiled for the ARM architecture. There might be some free tools to disassemble this. IDA Pro 6.1 can disassemble ELF for ARM. It can also disassemble Dalvik dex, but it's not free; it looks a bit nicer than baksmali, but dex2jar will give you readable Java code anyway. However, I don't think it's possible to obtain the original source for the native executable. But they didn't "strip" the executable after compilation, so there is lots of debug info included.
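Added example, not part of the original post or of any tool named in the thread: a release-hygiene check that reads an ELF section table and reports the `.symtab` and `.debug_*` sections that an unstripped native binary still carries. The function names and the constructed sample image (empty sections, not a real binary) are assumptions made for illustration.

```python
import struct

# ELF header / section header layouts, keyed by EI_CLASS (1 = 32-bit, 2 = 64-bit).
EHDR = {1: "16sHHIIIIIHHHHHH", 2: "16sHHIQQQIHHHHHH"}
SHDR = {1: "10I", 2: "IIQQQQIIQQ"}

def section_names(data):
    """Return the section names of an ELF image passed as bytes."""
    if len(data) < 16 or data[:4] != b"\x7fELF":
        raise ValueError("not an ELF file")
    cls, order = data[4], {1: "<", 2: ">"}.get(data[5])
    if cls not in EHDR or order is None:
        raise ValueError("unknown ELF class or byte order")
    eh = struct.unpack_from(order + EHDR[cls], data, 0)
    shoff, shentsize, shnum, shstrndx = eh[6], eh[11], eh[12], eh[13]
    if shoff == 0 or shnum == 0:
        return []  # the section header table itself was removed
    shdrs = [struct.unpack_from(order + SHDR[cls], data, shoff + i * shentsize)
             for i in range(shnum)]
    tab = shdrs[shstrndx]  # fields 4 and 5 are sh_offset and sh_size in both classes
    strtab = data[tab[4]:tab[4] + tab[5]]
    names = []
    for sh in shdrs:
        end = strtab.find(b"\0", sh[0])
        names.append(strtab[sh[0]:end if end >= 0 else None].decode("ascii", "replace"))
    return names

def leftover_symbols(data):
    """Names of sections that stripping would have removed (matched by name)."""
    return sorted(n for n in section_names(data)
                  if n == ".symtab" or n.startswith(".debug_"))

def build_sample(names):
    """Constructed 32-bit little-endian ARM ELF with empty sections (sample input)."""
    names = [""] + list(names) + [".shstrtab"]
    strtab, offsets = b"", []
    for n in names:
        offsets.append(len(strtab))
        strtab += n.encode() + b"\0"
    last = len(names) - 1
    ehdr = struct.pack("<" + EHDR[1], b"\x7fELF\x01\x01\x01" + bytes(9), 3, 40, 1,
                       0, 0, 52 + len(strtab), 0, 52, 0, 0, 40, len(names), last)
    shdrs = b""
    for i, off in enumerate(offsets):
        kind = 3 if i == last else (1 if i else 0)  # STRTAB, PROGBITS or NULL
        loc = (52, len(strtab)) if i == last else (0, 0)
        shdrs += struct.pack("<10I", off, kind, 0, 0, loc[0], loc[1], 0, 0, 1, 0)
    return ehdr + strtab + shdrs

if __name__ == "__main__":
    print(leftover_symbols(build_sample([".text", ".symtab", ".debug_info"])))
```

An empty result means no static symbol table or DWARF sections were found by name; `.dynsym` is deliberately not flagged because stripping leaves it in place.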


  • Closed Accounts Posts: 301 ✭✭pieface_ie


    Was playing with this a few days ago, does what it says. As mentioned it was only a matter of time before something like this was released.


  • Closed Accounts Posts: 2,267 ✭✭✭h57xiucj2z946q


    There is a 2.0 alpha out now.

    Unlock code check has moved into the native binary. Gonna have to scratch up on the ARM instruction set I think :-P

