lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <529F2D46.4090802@strikedown.ch>
Date: Wed, 04 Dec 2013 14:25:26 +0100
From: Michael von Dach <michael.vondach@...ikedown.ch>
To: full-disclosure@...ts.grok.org.uk
Cc: ICSS Security <ctrlaltdelete@...look.pt>
Subject: Re: Any not annoying help welcome

Hey there

It is a bit difficult to understand what exactly you want to do. But I
guess you want to capture some Android traffic via your router.

Regarding your questions:

1) If you did setup a mirroring/monitoring port on your router you'll be
able to capture all the traffic on the router. The problem here is that
you will of course not be able to see encrypted traffic.

2.) If you want to monitor an apk there is an easier way to do this,
assuming the apk is generating http/https traffic. Go ahead and download
ZAP (Zed Attack Proxy) from OWASP. Then define ZAP as web proxy on the
android device and import the SSL-Certificate generated by ZAP on the
Android device. This way you'll not only be able to decrypt all the
https traffice but also to modify/resend it.
(There are some problems when it comes to defining proxys on Android
devices. I tested the above method successfully on iOS devices.)

I hope this helps

Cheers,
Mike

Am 03.12.2013 22:06, schrieb ICSS Security:
> Making a turn here, let's see what turns out!
> I know that using Wireshark we can capture traffic in/out of the routers interfaces.I don't want to dig up the routers concept because face it i already know how it works and so do you.
> I have only a few questions to ask.
> 1) The traffic on any device is monitored, correct? So, android devices too.2) I have monitor an apk aplication and saved the packets with a succefull login and an unsuccefull login.3) I know what the magic number to look for but, i'm unable to go further decoding the authentification method.
> Can anyone give me a hand here or should i go elsewere? 		 	   		  
> 
> 
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
> 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists