At first sight, Android seems a rather simple operating system; however, it contains a lot of hidden functions and settings (especially in the latest versions) which can make your life much easier. So, before you hurry to get root rights and install tons of software on your smartphone, you should learn about this functionality.
Everyday, new vulnerabilities are discovered in mobile devices that can be exploited by intruders. They can send an SMS to a pay-per-call number, they can collect and sell a large database of contact details, and they can also compromise a specific individual. Successful exploitation of a vulnerability requires that a whole range of conditions are met. There is another way, however! Provide the user with a really useful application (a game with birds), whose manifest contains a list of device information that we are interested in. In this article, we will look at ways of obtaining and saving important information from an Android device.
The most conservative estimates indicate that, by the end of 2015, the share of IPv6 traffic will reach at least 10%, and this growth will continue. A special protocol for regional registries also came into force recently. Now, a new block of IPv4 addresses will be issued only if the company proves it has already implemented IPv6. So if anyone needs a subnetwork of white IPv4 addresses, they will need to implement IPv6. This fact will also encourage the further growth of IPv6 systems and lead to an increase in traffic. As far as ordinary users are concerned, providers began appearing all over the world, issuing real IPv6-addresses to end subscribers. And so, IPv6 will be encountered more and more often, and that’s a fact we cannot ignore.
Since its rise Windows was a natural habitat for all kinds of malware. Now the OS itself seems to have become one big trojan. Right after being installed it starts acting weird. The data flows in rivers to dozens of servers belonging to Microsoft and its partner companies. We will try to look into complaints of espionage manners of Windows 10 and find out what data it sneaks and where it sends it.
Code Injection is a process of injection code (often malicious) into third party application’s memory. A lot of software is using this technique: from malware to game bots. To show this approach, let’s try to execute third party application’s internal function with our own parameters, hacking simple application. Warning, C and debugger knowledge are required!
Philip Kucheryavy, Software Engineer in the Operations Team
- He is 24 and has a beard
- In love with Linux and Python
- Has no diploma of higher education
Task: Set up Cisco as server
Today we are going to cover the topic of Cisco-device (routers, switches) hacking, so to say, carrying on with the once started. Here I would like to amend the information which was presented in the previous issue. First, these devices have not two but three variants of user isolation: by password only, by login and password, or in “AAA” model (also by login and password). There seems to be no practical difference for a pen tester, but we’d still better rely on valid information.