I stumbled upon these links that talks about spying whatsapp account (same whatsapp account on two phones with same number)
gohacking . com / spy-on-whatsapp-messages /
gohacking . com / spoof-mac-address-on-android-phones /
I found it little interesting and wanted to try this out but I did not have two phones so I decided to download an emulator and finally got through a rooted bluestacks tool. Everything was ok until i tried to spoof mac address of bluestacks. Upon researching a bit, I found that mac address of bluestacks cannot be changed since it is a virtual device.
My question is, if I do the other way round, i.e., if I spoof my mobile device mac address using terminal emulator and busybox and give it my bluestacks mac address, will that affect my phone? I know that I will have to reinstall whatsapp on my phone because the mac address is changed and I can do it. Just wanted to check what all things will affect if I change the mac address of my phone.
I want to try this and find out if it really works but at the same time I dont want to take any chances with my phone....
Related
I installed cyanogenmod after rooting it with SuperOneClick.
I installed a few packages from F-Droid - I dont have any google services installed. I installed Droidwall and K9-Mail and tried to access a gmail account.
I whitelisted K9-Mail. Emails weren't fetched, so I whitelisted linux kernel; When I whitelisted linux kernel, Android System (which I blocked, to know exactly which ips the system tries to call) tried to call ip91.189.176.203 - which is coreless dot net. (This ip isn't always called, just sometimes in this scenario. I cant post links cause Im new).
Does anyone here knows something about this? How can I try to sniff my lan and see which packets are being sent?
EDIT: New strange ip: 92.249.120.2
EDIT2: New ips: 85.91.1.164 and 71.75.250.39
EDIT3: The android services are calling a bunch of different ips. If someone could try to do the same diagnosis I'm doing, connect to your wireless router, and make droidwall block every packet from every app. Wait for 3h, Android Services will try to call a bunch of different ips.
(Im new to Android... if this is some kind of hidden service for something please forgive me)
Strange ips keep appearing... is this really normal?
I would check the CM site as they change alot of the stock android programing to their own code
I tried the Cyanogenmod forums (http://forum.cyanogenmod.com/topic/...oidwall-its-calling-some-random-external-ips/) but people don't see too worried about to help me... :/
I believe nothing is secure in my phone including passwords, security pin and even what i'm typing now. Recently, my facebook acct got hacked too.I think my phone is being keylogged. So, I did the following things:
1.First of all, I resetted mydevice
2. Then, I even changed the rom
But, still I feel insecure. I want to know is there any way that the keylogging is kernel masked? Do I need to update the kernel? I need to know about the things I should do to make sure that my phone is completely keylogger free. Please help!
dreamer04 said:
I believe nothing is secure in my phone including passwords, security pin and even what i'm typing now. Recently, my facebook acct got hacked too.I think my phone is being keylogged. So, I did the following things:
1.First of all, I resetted mydevice
2. Then, I even changed the rom
But, still I feel insecure. I want to know is there any way that the keylogging is kernel masked? Do I need to update the kernel? I need to know about the things I should do to make sure that my phone is completely keylogger free. Please help!
Click to expand...
Click to collapse
Im no expert in this subject, but what I would do is Flash a new Rom and kernel, then Monitor packets send and recieved by the phone with an app, or with a router. The rooting method also matters. So, Flash the original OEM Software first. Rooting methods that harvest IMEIs have been reported. So, dont go with the "one clickers" to root your device method, but do it the Long way.
I am curretly also using a Firewall in my phone and also my Connection goes through a router with a Firewall.
Normally, I never enter sensitive data when in a dangerous enviroment, such as an unprotected Caffe WiFi.
If you are concerned about a keylogger, then you should be more concerned on how you got your device infected.
I usually refrain from using the Google Appstore. I mostly use Open Source programs/apps that can be compiled or tested
You should look into Fdroid, which Hosts open source apps, not many, but there are some.
Tell me what to do?
My phone is over heating too. So I installed network log from play store and watched the log. I found my phone sending and receiving packets through kernel.
I have uploaded the screenshots with this. Please have a look and tell me is this normal or if it isn't, what to do?.
Also, before unlocking the lock screen shows some messages as in the screenshot. But, after unlocking there is no such messages exist.
Please help.
dreamer04 said:
My phone is over heating too. So I installed network log from play store and watched the log. I found my phone sending and receiving packets through kernel.
I have uploaded the screenshots with this. Please have a look and tell me is this normal or if it isn't, what to do?.
Also, before unlocking the lock screen shows some messages as in the screenshot. But, after unlocking there is no such messages exist.
Please help.
Click to expand...
Click to collapse
I'm not sure about the message in your lockscreen but the IP's in your kernel log seem to be corresponding with these domains:
Host 24.9.193.104.in-addr.arpa. not found: 3(NXDOMAIN)
Host 233.127.230.115.in-addr.arpa. not found: 3(NXDOMAIN)
Host 54.213.160.61.in-addr.arpa. not found: 3(NXDOMAIN)
Host 108.213.160.61.in-addr.arpa. not found: 3(NXDOMAIN)
233.24.249.123.in-addr.arpa domain name pointer error-cdnzz-com.cdnzz.net.
188.200.125.74.in-addr.arpa domain name pointer sa-in-f188.1e100.net.
As you can see, the first 4 are unresolved, hence there is no domain linked to the IP.
The last 2 do have a domain linked, but I'm have no idea if they are used for malicious stuff.
But like shadowcore said, shouldn't you be more concerned about where you got this infection from?
After resetting and reinstalling a new rom, there are little places left for a logger/malicous-app to have been hiding.
What you could do is install OSMonitor. This is yet another logging app, but it provides you with a list of all the current running processes and connections, with the option to watch it, or kill it. Maybe you can use this to filter out any loggers still on running your device. You can find it on the Play Store.
You can also restrict networktraffic with AFWall+, which is a firewall app. It takes some time to configure, but it does wonders.
Also: Unclefab has written a really good tutorial about securing your phone, in a multitude of ways.
It's here: http://forum.xda-developers.com/general/security/tuto-how-to-secure-phone-t2960077
Traffic through the kernel is normal see:
Code:
https://github.com/ukanth/afwall/wiki/FAQ#34-why-the-kernel-need-an-internet-connection-all-the-time-afwall-shows-appid--11-blocked
You should probably install afwall+ to restrict internet access to some apps.
Does anybody know how to change the MAC address on an M8 running 5.0? I'd appreciate any help you can give me.
I'm trying to change my phone's MAC address so that I can spoof a "Nintendo Zone" hotspot and get some of the freebie-goodies for my 3DS from home. The process is pretty straight forward (Make a hotspot, name it "attwifi", change the MAC to something Nintendo uses, get goodies.), but I'm having trouble getting the MAC address changed. Most tutorials have you use a terminal emulator with busybox to change it via command, or a hex editor to change the MAC address in a specific file, but I've not had any luck with either approach. Even the apps on the Play Store seem to fail. My guess is that it has something to do with Lollipop likely changing how MAC addresses are stored and used.
I've tried just about everything I could find, and am running out of ideas as well as ways to phrase the question to google to try looking this up myself. If anybody could tell me how to do this, or give me some pointers, that'd be great.
Also, in case it needs to be said: I am rooted, and unlocked with busybox installed.
Wow. I have the exact same issue. I also have a M8 running ViperOne with Android 5.0.1
Tried every app from the play store. Most say the MAC Address has been changed but that doesn't appear to be the case.
I want to connect to the Router at my workplace. I took the MAC address from the laptop that can connect to it and tried it in a few apps that can spoof it on my phone but none work.
I'd love some assistance with this as well.
Thanks in advance.
Perhaps now, 6 months later, there is a solution? anybody?
Please bear with me. I have never done anything like this.
Rooting doesn't appear to work with cortex. System manufactury specifically prevented it, as Kingroot said. I tried maybe 5-6 different types of rooting programs with no success. I wanted to change my MAC address, through programs that required the route.
Online, all I could find was MTK mac address changes, without root. Nothing for other services. I checked out a few snapdragons, but they don't seem to ever get anywhere. I kept going through threads, with no results.
Is there a way to change my phone's Mac address temporary? If I left things out, please ask. I'm new.
Should I post this in another category?
You could but you won't find help. In some countries it is illegal to change the Mac address so xda doesnt allow talks about it.
As for kingroot. All they do is check for known vulnerabilities in the system, then downloads a pre-made exploit and runs it. Nothing more then a virus really. For real root you have to have 2 things. An unlocked bootloader and kernel source.
How do I do those with a cortex?
I am trying to set up a PPP connection from a Zte MF820b 4G LTE USB modem/router to a WiFi only Android tablet with a 4.2.2 os that has a custom ROM installed which technically shouldnt of been jailbroken. The tablet is running a Linux version 2.4.3 and KERNEL:3.0.36. The problem here is me. I am a complete newbie, but do know a little about command prompts and how this should work in theory. The tablet is fully rooted and has all the necessary applets installed via busy box(chat, nc, pppd, ect) and terminal emulator, or at least I think that's what's necessary. I installed PPPwidget 2 and 3 but as apk's and since they are not from the Play Store will not function. I have Google play store installed but its all but useless since I can not log into my account, for reasons I suspect as being that the system is too old and says something about the connection not being secure or private and as such...can not actually get the app with license verification from Google play store. I tried to lucky patch the apk and remove license verification but that did nothing as well. However the apk will read the modem and ask permission to allow pppwidget to be used but shortly fail after for the aforementioned lack of correct license. There must be a way to manually call the modem and connect via terminal emulator using adb ppp or nc? Without any understanding on how to actually write a script I'm hoping someone can help me get this functioning. Situation beyond current controll will not allow me to work with anything other than what's at hand, and I'm willing to pay for someones time if I can actually get this working. I also have a tablet with a different os (8.1 Oreo) should that be easier. With the 4.2.2 the device pops up as "storage" in my file manager. With the 8.1 it pops up as a device Id number when I type in lsusb in my terminal emulator. The 8.1 has Termux installed should that open up a different venue. The carrier I'm using is T-Mobile and the nameserver and ISP info is NS1-AUTH.SPRINTLINK.NET; IP 206.228.179.10. The device is functional as when the opportunity arose I was able to plug up to a computer and try it out. That's no longer viable. Again, I'm willing to pay for the help as I'm sure I'll need to correspond back and forth a few times and will probably need help writing the correct script if needed. Please email me @ [email protected]. Thank you.