The tutorial covers how to use the SQLite database for local storage in an Android App. You can download the source code to learn more. Enjoy!!!
Link: code.google.com/p/openmobster/wiki/SQLiteCRUD
Related
AOSP 4.4.4 ROM baked with DEXHUNTER built in.
More info for dexhunter can be found here:
https://github.com/zyq8709/DexHunter
https://github.com/zyq8709/DexHunter/blob/master/slide.pptx
Credits to the DEXHUNTER team that put this together.
Usage:
If you want to unpack an app, you need to push the "dexname" file to "/data/" in the mobile before starting the app. The first line in "dexname" is the feature string (referring to "slide.pptx"). The second line is the data path of the target app (e.g. "/data/data/com.test.test/"). Its line ending should be in the style of Unix/Linux. You can observe the log using "logcat" to determine whether the unpacking procedure is finished. Once done, the generated "whole.dex" file is the wanted result which is located in the app's data directory.
Github Project Page Has more information.
String List:
360: /data/data/XXX/.jiagu/classes.dex
Ali: /data/data/XXX/files/libmobisecy1.zip
Baidu: /data/data/XXX/.1/classes.jar
Bangcle/Secneo: /data/data/XXX/.cache/classes.jar
Tencent: /data/app/XXX-1.apk (/data/app/XXX-2.apk)
ijiami: /data/data/XXX/cache/.
Notes:
This ROM is not rooted and has no modifications other than the DEXHUNTER integration(reason is some apps will detect root). If you have a custom recovery you can apply root easily via flash file. This ROM is built to analyze/dump dex data of packages that use heavy anti debugging, dex manipulation and dynamically loaded methods and classes . If you don't understand this, this ROM is probably not for you. Please deffer to the power point slides for more information.
This ROM has only been tested with Nexus Grouper. It May brick other devices.
Tested via Flashing with TeamWin recovery.
DOWNLOAD FILE:
https://www.dropbox.com/s/y7tixw8rfvx6b0v/DEXHUNTER-aosp_grouper-ota-eng.zip?dl=0
Download link does not work please fix
Could you please reupload?
Please reupload this. I really need this to analyze chinese spyware app
REQUIREMENTS
Oracle Java 8 +
HOW IT WORKS
So I saw this on some shady Russian website and decided to make it more open. I researched more of it on Google and found out it was quite popular.
Your lockscreen gesture pattern is saved as an unsalted hash under the data/system folder in a file "gesture.key".
This is actually an unsalted SHA-1 hash of a sequence of bytes representing your oh so secure pattern! We shall brute force it with ourincluded custom dictionary. So the pattern can easily be surpassed, the only problem is getting to the gesture.key! Use SE or one of metasploits android privilege escalation modules.
For the nerds: http://www.cclgroupltd.com/a-rainbow-table-for-android-pattern-locks/
TL;DR We take the gesture pattern's hash and brute-force it.
USAGE
In your terminal call:
Code:
java GestureCrack gesture.key AndroidGestureSHA1.txt
Reference your paths accordingly
Source
https://gitlab.com/ken-okech-94/android_lockscreen_gesture_pattern_crack/
Download
https://www.mediafire.com/?10845bg1v6djkfg
Have fun and use the tool for white hat causes :angel:
Changelog/Issues/Bugs
Reserved
kenokech2 said:
Reserved
Click to expand...
Click to collapse
It would be nice if you give the instructions how to use it
Explicit Instructions
miju12 said:
It would be nice if you give the instructions how to use it
Click to expand...
Click to collapse
1. Clone the repo or download the compiled binary(Find the links above)
2. Install Oracle Java 8
Java 8 is important cause I used some of the new features while coding the bruteforcer
3. Add Java 8 to your path if on Windows
4. Run it like a normal Java class with the first argument being the location of the key and the second being the loaction of the custom SHA1 dictionary.
Thank you.
cSploit
The most complete and advanced IT security professional toolkit on Android.
cSploit target
The final goal is to write an application that is able to:
- enumerate local hostsdone
- find vulnerabilitiesdone
- find exploits for these vulnerabilitiesdone
- use those exploits to gain access to the targetdone
- crack wifi passwords
- install backdoors for later access
settings
Portability
Thanks to the new core, cSploit will be easily portable.
Basically it can run on any UNIX-based system, but for now only Android is supported. When I reach a beta-state version I will consider working on iOS, OSX, GTK+ and QT.
requirements:
•rooted device
•busybox installed
I tested on A500FU running on 5.0.2 lollipop
chance to support marshmallow
Features:
WiFi Cracking(not working)
RouterPWN
Trace
Port Scanner
Inspector
Vulnerability finder
Login cracker
Packet forger
Man in the middle
Simple sniff
Password sniff
Session Hijacker
Kill connections
Redirect
Replace images
Replace videos
Script injector
Custom filter
the most stable version of csploit is 1.6.6 RC2
Thread closed as this is not what Assist is here for
Learn how to use Assist here
http://forum.xda-developers.com/showthread.php?t=2764768
DNSFlusher on Play Store
DNSFlusher will flush DNS using shell.
No permissions.
This app works on every phone with Android 8.0+.
Download size: around 700KBs.
Source Code can be found here: Github Link
This guide is purely for educational purposes. I am not responsible for anything wrong that happens to your browser when doing this method.
Also note that this isn't a very user friendly way of doing it. This is purely for educational purposes. I'll provide a user-friendly way of doing it soon!!
Follow the steps exactly as I do in the video or follow steps below video
YouTube Tutorial
*Requirements*
1. Rooted phone with Magisk
2. A file explorer!!
3. My extension template
Steps:
1. Find what extension you want to download. Any links from Gitlab or GitHub will work. For example, any extension with the release links on GitHub you will copy into your clipboard.
2. Download my template and store is somewhere. You'll be editing THREE things inside it. They are the following:
public","url":"INSERT URL HERE!!!!!",
"name":"INSERT NAME HERE!!!!",
"summary":"INSERT SUMMARY HERE!!!",
You will replace url with the url download link to the xpi file you copied into your clipboard.
Add a name to the extension
Then lastly, provide a summary.
Save the file.
3. Copy the entire code to your clipboard. Then, with a root browser, navigate to this location:
/data_mirror/data_ce/0/org.mozilla.fenix/files
You will see a file called: mozilla_components_addon_collection_en_Extensions-for-Android.json
Open it up with a text editor
Scroll all the way to the bottom where there will be ":null}]} at the end of the code
Delete the last two characters: ]} and add "," Then PASTE your code.
4. Once pasted, make sure the end of the code ends with
]}
5. Close Firefox and relaunch it. You should see an additional extension added at the bottom of the list of extensions.
6. Profit!!!!!!!
Additional Notes
I will be making an Apk or a script soon that will make the process much easier and quicker. I'll provide more updates soon!!!!