PREC: Practical Root Containment For Android Devices

I’ve always thought that my Android device was safe since I only used market apps. This is an eye-opener.

FOR-BIN-SEC

Recently, I had come across this paper which was published by professors from NCSU.  Google Play is the new hub of distributing Malwares to the Android devices. A recent survey said that around 70% of the apps in the Google play are malwares. Currently, there’s no robust and 100% accurate mechanism in Google play to detect the presence of Malicious code in the app which a user submits.  PREC can dynamically identify system calls from high-risk components (e.g., third- party native libraries) and execute those system calls within isolated threads. Hence, PREC can detect and stop root exploits with high accuracy while imposing low interference to benign applications.

My understanding

Existing problems

1. Failure of Google play for detecting malicious applications
2. Current apps are intelligent enough to detect the emulated environment (Google play test on emulated env)
3. Environment couldn’t differentiate apps uses third party native codes which may be malicious (not all time)

Contributions of the…

View original post 471 more words

Check wether a port is open using PHP

I saw Tony running this test and didn’t really understand what was going on. Well, this explains it,or at least tries to 😛

Open and Free Source!

You need to replace the
$address =”the_test_address.com”;
$port = ‘port_number’;

/*Code starts*/
/*port test*/

<?php
$address=”smtp.gmail.com”;
$port = ‘456’;
if (isset($port) and
($socket=socket_create(AF_INET, SOCK_STREAM, SOL_TCP)) and
(socket_connect($socket, $address, $port)))  {
$text=”Connection successful on IP $address, port $port”;
socket_close($socket);
}
else  {
$text=”Unable  connect<pre>”.socket_strerror(socket_last_error()).”</pre>”;
}
echo “<html><head></head><body>”.
$text.
“</body></html>”;
?>

/*code ends*/
code courtesy: http://php.net/socket_connect

How to test :- Copy this code to a file say, porttest.php, change the $address , $port to the required and put it somewhere accessible by your server , like /var/www/ in linux. And run the same by opening localhost/porttest.php

View original post

Crack Windows-XP Administrator account Password

This is something that I haven’t given a try yet . But sounds interesting enough , will try this out soon . You can give it a try yourself .

FOR-BIN-SEC

Computer Lab sessions seems to be the most boring sessions, if it is not utilized properly. I hacked into Windows XP Administrator account using Ubuntu 10.10. Before getting into windows it is important to become a root user in Ubuntu/Linux. Grub (a list shown during system startup to choose the Operating systems installed in the system) can be used to get root shell. Move the cursor to the Linux Distro’s (say Ubuntu 11.10 Natty) option and press ‘e’ (option to edit the grub). At the end of the third line in the new list there will be ro quit splash replace that word by rw init=/bin/bash. This will redirect you to a bash shell of root user. Then press ctrl + x to boot. Prompt with ‘root’ as prefix will appear. This means full access to the system! Now, edit /etc/sudoers
In order to edit /etc/sudoers you have to…

View original post 571 more words

Changing the Authentication Password in Ubuntu

This post will deal with recovering or rather changing the authentication/root password of your system . You might often encounter the need to do this . Maybe you've simply forgotten your password , maybe someone else installed the OS on your system and left you in dark of the authentication password or maybe you just … Continue reading Changing the Authentication Password in Ubuntu