
yinsain

How safe is your Android device

Hi guys, this is Yash aka yinsain again with a duly awaited post.

THIS IS FOR EDUCATIONAL PURPOSES. I HAVE NO INVOLVEMENT IN WHAT YOU DO WITH THE INFORMATION PROVIDED.

Nowadays most of the people around us favour an Android device as their smartphone; after all, it's a smart choice too.

The first thing people think of when using a smartphone is staying online and up to date.
But how safe is it? People are typing their credentials into this tiny device to stay in contact, but to date nothing has changed: every app, or even the system, requires a lookup file to authenticate whether the true user is there or not.

Passwords are still both the strongest and the weakest security link in the whole infosec thing.

Whenever even a kid hears about hacking, the first thing that comes to his/her mind is the password of an email ID. Here I will show you how to get into one without using a password.

So we will focus this post on that, and then we will blend into other security aspects of what can be risky and what can't.

Two scenarios are possible:
--> either you have a brand-new phone, or a phone that you use casually, nothing hardcore or experimental, and by mistake you install a malicious APK that roots your phone to gain privileges. This is how most of these things work;
the infamous GingerBreak exploit created chaos because it was used in other malicious APKs.

--> or you might have a rooted phone like me, one that you rooted for your experiments.

But how aware are you of all the possible danger factors?

So let's start with a rooted phone, because in both of the cases above the end point is the same.

I will be using my real phone, not an emulator, to show this, so in this post
my details will be visible.

Let's plug the phone in with debugging mode enabled and spawn a shell.



The layout is pretty standard.

Now let's move to the interesting folder, data, and then into the data folder inside it.


Now issue the ls command; it will show a long list of the installed APKs' data folders.


Now we can easily navigate to the folder of the desired app.

Our grapes reside inside the com.google.android.gm folder, so go into that, then into databases, and issue the ls command again.


As you can see, my email ID is there in a folder name.

The useful db file is downloads.db on Android 2.1, and on my specific CyanogenMod 7 RC2 it is mailstore.ydeep18@gmail.com.db. We will copy that out to the sdcard for further inspection.

cp mailstore.ydeep18@gmail.com.db /sdcard


As this phone is rooted, there will be no access-denied problem, just as there won't be one for any attacker who has gained a root shell on your device.


Now we have our db file, so how do we open it? Well, I did this while I was in Kota in a hostel, so I had no PC around me for a year, so I downloaded an app onto the phone itself to do this.
APP :: aSQLiteManager


Let's start with the phone first,
so open up aSQLiteManager.


Open the db file, the mailstore one.


Select whichever table you want to view, but I know the juicy one is messages, so let's open that.


And with all your guts, click on Data to know the truth....


And there it is, all your synchronised email. Now say, who needs a password?
Keep scrolling sideways to see the rest of the columns.

As you can see, this can be quite lethal.

PREVENTIONS
:: please check the permissions requested by an application before installing it
:: never leave your device unattended. This works 90% of the time.
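
From the defender's side, the same exposure can be checked on a database copied from your own test device: is the file plain SQLite, and what tables does it hold in the clear? The sketch below is an added example, not part of the original post; the file names, the messages table layout and all function names are constructed for illustration.

```python
import os
import sqlite3
import tempfile

SQLITE_MAGIC = b"SQLite format 3\x00"  # first 16 bytes of any unencrypted SQLite file

def is_plaintext_sqlite(path):
    """True if the file starts with the standard SQLite header."""
    with open(path, "rb") as fh:
        return fh.read(16) == SQLITE_MAGIC

def audit_db(path):
    """Return {'plaintext': bool, 'tables': {name: row_count}} for one file."""
    report = {"plaintext": is_plaintext_sqlite(path), "tables": {}}
    if not report["plaintext"]:
        return report  # encrypted or not SQLite: nothing readable without a key
    con = sqlite3.connect(f"file:{path}?mode=ro", uri=True)  # read-only open
    try:
        names = [r[0] for r in con.execute(
            "SELECT name FROM sqlite_master WHERE type='table'")]
        for name in names:
            quoted = '"' + name.replace('"', '""') + '"'
            report["tables"][name] = con.execute(
                f"SELECT COUNT(*) FROM {quoted}").fetchone()[0]
    finally:
        con.close()
    return report

def build_sample(directory):
    """Constructed stand-ins: a plaintext mail store and an opaque blob."""
    plain = os.path.join(directory, "mailstore.sample.db")
    con = sqlite3.connect(plain)
    con.execute("CREATE TABLE messages (_id INTEGER PRIMARY KEY, subject TEXT, body TEXT)")
    con.executemany("INSERT INTO messages (subject, body) VALUES (?, ?)",
                    [("hello", "constructed body 1"), ("re: hello", "constructed body 2")])
    con.commit()
    con.close()
    opaque = os.path.join(directory, "encrypted.sample.db")
    with open(opaque, "wb") as fh:
        fh.write(os.urandom(4096))  # mimics a file encrypted at rest
    return plain, opaque

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for p in build_sample(tmp):
            print(os.path.basename(p), audit_db(p))
```

A file that reports plaintext with a populated messages table is readable by any process that reaches it with root privileges, which is the situation the walkthrough above demonstrates.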

Thanks for reading
B-)