Message-ID: <CALCvwp7t4x==EtoY=fA76uURu2Y=5o_2vHki1XWSp2sfRRzNmA@mail.gmail.com>
Date: Wed, 10 Aug 2011 19:55:00 +1000
From: "-= Glowing Sex =-" <doomxd@...il.com>
To: coderman <coderman@...il.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: DEF CON 19 - hackers get hacked!
android exploit attached to bad html file (a lot like the myspace
hacking)...so what's new... same methods, and same bs...
i just don't see any usefulness to what could be done anytime, and if you
were silly enough to accept ANY files direct dl at ANY **COn, expect it
:P~
but the method, is pathetically old, and, hiding behind some lame
android-root, as most of these ppl do... when i see them lever, linux, with
NO html, i'll maybe like them a bit :P~~
have a nice defbomb ... hehe
meh.. so what's new... hijacking a phone botnet would be fun but, i don't see
why would bother scanning for them.. when, i have and, they're pretty
useless... well, maybe for android freaks...and, this is simply a root
exploit or, exploit being levered, thru an LD
On 10 August 2011 19:21, coderman <coderman@...il.com> wrote:
> while most were enjoying libations or talks a very interesting event
> was taking place at the conference.
>
> we're all familiar with the hostility of WiFi and GSM networks at DEF
> CON, however, this year the most hostile network on earth was not
> 802.11; it was CDMA and 4G!
>
> on Friday some parts of Anon and Lulz made appearance. by early
> Saturday morning a weapon was deployed.
>
>
>
> some characteristics:
>
> - full active MitM against CDMA and 4G connections from Rio to carriers.
>
> - MitM positioning for remote exploitation to ring0 on Android and PC.
>
> - fall back to userspace only or non-persistent methods when
> persistent rootkit unattainable.
>
> - many attack trees and weaponized exploits. escalation from easy pwns
> up to specialized techniques and tactics until success is achieved.
>
> - simultaneous attack across CDMA and 4G connections using full power
> in these LICENSED bands.
>
> - operated continuously (except for outages :) from early Saturday
> until 8am Monday.
>
> - designed with intent: mass exploitation, reconnaissance,
> exfiltration, eavesdropping.
>
>
>
> how to tell if you met the beast at Rio:
>
> - did you accept an upgrade for Android, Java, or other applications?
> (oops)
>
> - did you notice 3G/4G signal anomalies, including full signal yet
> poor bandwidth or no link?
>
> - did you notice your Android at full charge plugged in, but dropping
> to <50% charge once unplugged?
>
> - did you notice 4G download speeds at quarter of usual, yet uploads
> over twice as fast?
>
> - did you notice Android services that immediately respawn when
> killed? (Voice Search?)
>
> - does your Android no longer connect to USB debugging yet adbd is alive?
>
> - does your PC have an sshd that cannot be kill -9'd?
>
> - did your Android crash - a hard freeze, and then take a long time to
> reboot?
>
> ...many other indicators, but for now that's sufficient to express the
> point.
>
>
>
> if you met the beast, it seemed to have a nearly perfect success rate;
> your odds not good. in fact you probably didn't even notice as it
> pilfered bytes off your devices and monitored your conversations.
>
> i have waited over six DEF CONs to meet an adversary of this skill.
> i was not disappointed.
>
> did the talks suck this year because the good stuff is under NDA?
> clearly a lot of you are selling out...
>
>
>
> to those who got pwned, i would be interested in your experiences and
> binaries:
> ID 9B65F087 , FP = 1029 E3E0 F22A C73D B2D6 468F 2798 76BB 9B65 F087
> gpg --keyserver pool.sks-keyservers.net --recv-keys 9B65F087
> gpg --keyserver subkeys.pgp.net --recv-keys 9B65F087
> gpg --keyserver pgp.mit.edu --recv-keys 9B65F087
>
> to the beast operators, i hope to see you next year!
> (and get your availability deficiencies and network anomalies worked
> out. kind of a shame you spent so much time and money only to have
> your kit fall over again and again. and thanks for the 0days :)
>
>
> until next year,...
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>