| New User, Welcome! Login |
Next Page >>
cell phone
--- BEGIN ADVISORY ---
Manufacturer: Nokia (www.nokia.com)
Device: Nokia 6131 NFC
Firmware: V 05.12, 19-09-07, RM-216
Device Type: mobile phone
OS: Symbian Series40
Subsystem: Near Field Communication
-----------------------------
--- BEGIN ADVISORY ---
Manufacturer: Nokia (www.nokia.com)
Device: Nokia 6212 Classic
Firmware: V 05.16, 29-09-08, RM-396
Device Type: mobile phone
OS: Nokia Series40
Subsystem: Near Field Communication
-----------------------------
and in the end, compare:
STAT {{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{.}}}]}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}
hovever in vsftpd, command lenght is allowed to 4096 bytes. So it's no problem to create request with a huge complexity
To bypass max_per_ip, use ISP with dynamic ip. Disconnect and connect (example for bt mobile phone):
cx@cx64:~$ hciconfig hci0 down
cx@cx64:~$ hciconfig hci0 up
and connect again.
HTC devices running Android 2.1 and Android 2.2 are prone to a directory traversal vulnerability in the Bluetooth OBEX FTP Service. Exploiting this issue allows a remote authenticated attacker to list arbitrary directories, and read arbitrary files, via a ../ in a pathname.
Description:
In the present HTC / Android phones include a Bluetooth stack, which provides Bluetooth communications with other remote devices. The File Transfer Profile (OBEX FTP) is one among all the Bluetooth services that may be implemented in the stack.
The OBEX FTP service is a software implementation of the File Transfer Profile (FTP). The File Transfer Profile (FTP) is intended for data exchange and it is based on the OBEX communications client-server protocol. The service is present in a large number of Bluetooth mobile phones. This service can be used for sending files from the phone to other remote devices and also allows remote devices to browse shared folders and download files from the phone.
In HTC / Android phones, the default directory of the OBEX FTP Server is the SDCard. Only files placed in the directory of the SDCard can be shared. The user cannot select other directory so sensitive files related to the operating system are not exposed.
There exists a Directory Traversal vulnerability in the OBEX FTP Service in the Bluetooth Stack implemented in HTC devices running Android 2.1 and Android 2.2. The OBEX FTP Server is a 3rd party driver developed by HTC and installed on HTC devices running Android operating system, so the vulnerability affects to this vendor specifically.
#2009-014 Android denial-of-service issues
Description:
Android, an open source mobile phone platform, is affected by two bugs
that lead to denial-of-service (DoS) conditions.
Two separate DoS issues have been independently reported to oCERT.
The most recent report concerns Android handling of SMS messages: a
Where: Remote (man-in-the-middle)
3) Vendor's Description of Service
"LiqPAY is global open high-secure payment system that lets anyone
easily send money using mobile phones, Internet and payment cards
worldwide.
...
LiqPAY Benefits: Strong security. Strong identification and
verification using the OTP technology."
Program:
Attacking Telco Core Network - Philippe Langlois (TSTF)
Real World Kernel Pool Exploitation - Kostya Kortchinsky (Immunity)
Cyber Crime: Follow the Money - Pedro Bueno (McAfee)
The Powerful Evil on Mobile Phone - Nanik (COSEINC)
Securing Your Web Application Codes - Kurt Grutzmacher (Pacific Gas)
Hacking RFiD Devices: Octopus Card?? - Adam Laurie (RFIDI0T.org)
Attacking Anti-Virus - Sowhat (Nevis Lab)
Anti-Forensic: Leaving the Police No Trails (the Grugq)
Media Security in VOiP Systems - Shao Weidong (Secure Minded Consulting)
More information here:
CVE-2010-1752 in http://support.apple.com/kb/HT4225
o Security-Advisory: TEHTRI-SA-2010-028 - 0day on BlackBerry
TEHTRI-Security found a security issue, and created a client-side attack
0day for BlackBerry cellphone devices (Hotspot Browser). The code was
shared with RIM who handled this vulnerability quickly, so that a fix
might be added in a future release. It allows an attacker to crash the
remote web application. This was scored with a CVSS of 5.
o Security-Advisory: TEHTRI-SA-2010-027 - 0day on HTC
will close the CFP early once we receive enough quality submissions to
fill the slots.
Please include the following with your submission:
1. Contact information (email, cell phone and postal address)
2. Country and city of origin for your travel to the conference,
as well as nationality/passport for visa requirements
3. Brief biography (including employer and/or affiliations)
4. Title of the presentation
5. Presentation abstract
- Anything else elite
+ Please include
- Speaker name(s) and/or handle
- Contact information (e-mail and cell phone)
- Brief biography
- Presentation Supporting materials
- And why it is cool, or why you want to present it
+ You want to speak!
would not apply to them.
It happened to the Unix environment. Then it happened to the
Microsoft environment. Then it happened to the Linux environment.
And then it happened to the browser environment. Currently it is
happening to the cell phone environment. You expect me to believe it
will not eventually happen to the SCADA environment?
And it does not make an ounce of difference how much the defenders of
the SCADA world whine about full disclosure being evil. I expect a
surge of published exploits against SCADA software, and whining about
CSRF can be used to cause denial-of-service attacks against mobile phones by
flooding the phone with SMS and service messages.
Mobile phone service providers in Israel, and throughout the world, provide
a web interface to send SMS messages. Fortunately, they limit the SMS
sending web interface to 20 messages per day, and they also require the user
to authenticate in order to send an SMS.
Unfortunately, at-least when referring to the Israeli providers, they also
give attackers a way to send endless SMS and service messages without any
kind of authentication and with a simple HTTP request.
+ IF IT'S COOL, SEND IT +
+ Please include
- Speaker name(s) and/or handle
- Contact information (Email and Cell phone)
- Brief biography
- Presentation abstract (500 words max.)
- Supporting materials
- And why it is cool, or why you want to present it
modern society.
Dave 'h1kari' Hulton is a seasoned 'hardware hacker' and the organizer
of the annual Toorcon (www.toorcon.org) security conferences in
Seattle and San Diego. David will be presenting on intercepting mobile
phone and GSM traffic utilizing techniques and hardware that until
recently had been priced out of the range of most individuals and
companies.
John 'jur1st' Benson is a lawyer from Kansas City, MO who specializes
in electronic discovery and is also the chairman of the Kansas City
[*] Attacking Hardware
* Drone hacking: Tic-Tac-Toe in the sky with Reaper and Raptor
* Robots MCU infection: STDs for Petman and Bigdog?
* Attacking Wireless Sensors and their underlying networks.
* Hardware reverse engineering (and exploitation + backdooring)
* LTE mobile phone attack
* eNode-B hacking
* Hacking UEFI & Secure Boot
* Gnu Radio hacking applied to new domains
* RFID exploitation
* Hacking radio protocols, specifications and implementations
Strom Carlson - Why your mother will never care about Linux (a rant)
Stephan Chenette - Ultimate Script Deobfuscation: Browser Hooking versus simulation
Luiz "effffn" Eduardo - a 30,000 feet look at wi-fi, the freezing spot
Adam Cecchetti - Nunchaku: Attack, Defense, and a lot of arm flailing
Dan Griffin - Hacking SharePoint
Zane Lackey & Luis Miras - Mobile Phone Messaging Anti-Forensics
Dan Hubbard - P0wn the Cloud. The good, the bad, and the pugly of Cloud Computing
Tom Stracener - Advanced Cross-Site Scripting Scenarios, Filter Evasion and Browser Exploits
Thomas Ristenpart - Privacy-preserving Location Tracking of Lost or Stolen Devices: Cryptographic Techniques and Replacing Trusted Third Parties with DHTs
Dean Pierce - Seeds of Contempt
Zax - How did that Nigerian do that?! Artificial Intelligence and You
====================================================
3) Summary
The Web Browser for S60 (formally called Nokia Mini Map Browser) is a web
browser for the S60 mobile phone platform developed by Nokia.
It is built upon S60WebKit, a port of the open source WebKit project to the S60
platform. According to several sources, the S60 software on Symbian OS is the
world's most popular software for smartphones.
This version of the Nokia Mini Map Browser does not properly validate JavaScript
maintains a publicly available record of all campaign contributions. The
database contains contributors' personal information.
Intercepting Voice Communications - With the evolution of smart-phone
spyware, the infection of a candidate, campaign staff, or candidate's
family's cell phone with such a freely available application could have
dire consequences. Now, all back-room and hallway conversations partaken
by the candidate can be monitored at all times and intercepted by the
attacker. Worse, opinions that were perhaps not shared with the public
or outsiders are recorded and available for later playback, introducing
the potential for widespread exposure and damage.
For ToorCamp we will be having 50-minute talks on Thursday, 20-minute talks on Friday, and then hands-on workshops throughout the weekend. To submit a talk for the conference, please fill out the information below and email to cfp@toorcamp.org:
0. Name
1. Email Address
2. Mobile Phone Number
3. Brief Bio
4. Title of the Talk
5. Brief Abstract
6. Any supporting materials, links, outlines, etc
7. What talk format are you submitting for:
#2009-006 Android improper package verification when using shared uids
Description:
Android, an open source mobile phone platform, improperly checks developer
certificates when installing packages that request the shared user identifier
(uid) permission.
Normally, Android applications will be allowed to share a uid if the
packages are all signed by the same developer certificate and request
#2009-011 Android improper camera and audio permission verification
Description:
Android, an open source mobile phone platform, improperly checks permissions
when applications access the camera and audio resources.
The permissions are Manifest.permission.CAMERA and
Manifest.permission.AUDIO_RECORD respectively.
We aim to show that it is possible to find and exploit bugs on Symbian
smartphones, even in preinstalled system applications, without having
access to special development hardware, and that exploits and worms
similar to those found on desktop systems may be possible on Symbian.
The bugs listed in this paper have been sent to Nokia and are currently
under review. Mobile phone manufacturers should be aware that remote
vulnerabilities of the kind discussed in this paper could be used in
targeted attacks to remotely compromise a smartphone (track GPS, turn on
mic, etc.), or as a means of propagation for mobile network worms.
--
Please send data to cfp@toorcon.org :
000. Name (or leet alias, non-leet aliases are subject to heckling)
001. Email Address
010. Mobile Phone Number (In case we need to contact you at the con)
011. Brief Bio
100. Title of the Talk
101. Brief Abstract
110. Any supporting materials, links, outlines, etc
111. What talk format are you submitting for:
3.) Fredric Raynal (Head of Research, Sogeti/Cap Gemini) with Arnauld Mascret (Sogeti / Cap Gemini) & Christophe Devaux (Sogeti / Cap Gemini) -- Deception 2.0: Gathering and Exploiting Information
4.) Gynvael Coldwind (Researcher, Hispasec) -- A Case Study of Recent Windows Vulnerabilities
5.) Laurent Oudot (Founder, TEHTRI-Security) -- Silent Steps: Improving the Stealthiness of Web Hacking
6.) Marc Schoenefeld (Independent Network Security Specialist) -- Open Sesame: Examining Android Code with undx2
7.) Shawn Merdinger (Security Researcher) -- We Don't Need No Stinkin' Badges: Hacking Electronic Door Access Controllers
8.) The Grugq (Anti Forensics Specialist) -- Base Jumping: Attacking GSM Base Stations and Mobile Phone Basebands
HITBSecConf2010 - Dubai will also feature a HITB Web Hacking. This years contest will once again include an additional binary reversing challenge as well.
Notes:
** - Speaker changed due to the fscking ash cloud mess!
## - Grugq was stopped by his employer COSEINC from presenting his
original 'Attacking GSM Base Stations and Mobile Phone Basebands'
presentation - WTF?! #fail!!!
See you guys at HITBSecConf2010 - Amsterdam (June 29th - July 2nd at the
NH Grand Krasnapolsky)
The decode of the PDU can be seen in [2]. This decode was achieved
with PDUSpy from http://www.nobbi.com/pduspy.htm. When this message
is received by a SmartPhone it will be silently discarded, which
can also be useful to an attacker who wishes to ascertain if a
cellphone is on without alerting the user through SMS delivery
receipts.
[2] Decode of PDU from PDUSpy
PDU LENGTH IS 118 BYTES
will close the CFP early once we receive enough quality submissions to
fill the slots.
Please include the following with your submission:
1. Contact information (email, cell phone and postal address)
2. Country and city of origin for your travel to the conference,
as well as nationality/passport for visa requirements
3. Brief biography (including employer and/or affiliations)
4. Title of the presentation
5. Presentation abstract
++ Anything else elite ++
+ Please include
- Speaker name(s) and/or handle
- Contact information (e-mail and cell phone)
- Brief biography
- If available, some pesentation supporting materials
(website, code, paper, slides, outline..)
- And why it is cool, or why you want to present it
will close the CFP early once we receive enough quality submissions to
fill the slots.
Please include the following with your submission:
1. Contact information (email, cell phone and postal address)
2. Country and city of origin for your travel to the conference,
as well as nationality/passport for visa requirements
3. Brief biography (including employer and/or affiliations)
4. Title of the presentation
5. Presentation abstract
fill the slots.
Please include the following with your submission:
~ 1. Speaker name(s) and/or handle
~ 2. Contact information (email and cell phone)
~ 3. Brief biography
~ 4. Motivations for presentation (500 words max)
~ 5. Presentation abstract (500 words max)
~ 6. If your presentation references a paper or piece
~ of software that you have published, please provide
Next Page>>
|
|
|
