Showing posts from October, 2014

Damn Vulnerable Android Application by Security Compass - Lab 5 Basic Encryption

Lab 5 Basic Encryption

This post is about an encryption flaw in how an Android app stores sensitive information. Here we will look at the filesystem of the device. Sometimes developers store sensitive info on the device, and without encryption at that. To check for sensitive info on the filesystem we will use our favorite tool, 'adb'. Give the command adb shell, then browse to the base app and go into the shared_prefs directory. We explored preferences.xml and found this

Damn Vulnerable Android Application by Security Compass - Lab 4 Secure Logging

Lab 4 Secure Logging

Welcome back friends. Today we're going to have a look at Lab 4, Secure Logging, from the Damn Vulnerable Android Application by Security Compass series. Sometimes developers log info about the application to the Android log, and this sometimes contains sensitive information about the application. In this lab we are going to test for this flaw in the vulnerable app, and for this we use adb logcat. After starting logcat, we have to browse through the app or perform some activity, like a fund transfer, and then check the logs for sensitive info. We just tried to check the account balance, and we got this in the logs. After this we tried a fund transfer. We got this in the logs.

Solution: The developer should be very careful about what is logged about the app, and should refrain from logging any sensitive information such as session keys.

POODLE Attack - Time to die for SSL 3.0

Exploiting SSL 3.0 - The POODLE Attack

On 14th Oct, 2014, Google published a serious vulnerability in the design of SSL 3.0, named POODLE, short for Padding Oracle On Downgraded Legacy Encryption. This flaw is not a software bug. The vulnerability allows attackers to decrypt encrypted sessions between a website's server and a client. As per Alexa, 542,902 sites support SSL 3.0, which is 96.9% of Alexa's HTTPS sites. Exploiting this vulnerability can result in the compromise of cookies, leading to account hijacks. The attack is reportedly easy to perform, but the attacker must be able to capture the traffic. It affects all browsers supporting SSL 3.0: Google Chrome, Mozilla Firefox, IE, etc. The attacker can cause connection failures, forcing the browser to use SSL 3.0, or CBC-mode ciphers with SSL 3.0, and then exploit the vulnerability. The mitigation is simply to disable SSL 3.0, but you may face some compatibility issues. Google has recommended use of TLS_FALLBACK

Nmap Cheat Sheet / Nmap Commands with examples

Nmap Cheat Sheet

NMAP Commands

Goal | Command | Example
Scan a Single Target | nmap [target] | nmap 192.168.0.1
Scan Multiple Targets | nmap [target1, target2, etc] | nmap 192.168.0.1 192.168.0.2
Scan a List of Targets | nmap -iL [list.txt] | nmap -iL targets.txt
Scan a Range of Hosts | nmap [range of ip addresses] | nmap 192.168.0.1-10
Scan an Entire Subnet | nmap [ip address/cidr] | nmap 192.168.0.1/24
Scan Random Hosts | nmap -iR [number] | nmap -iR 0
Excluding Targets from a Scan | nmap [targets] --exclude [targets] | nmap 192.168.0.1/24 --exclude 192.168.0.100,192.168.0.200
Excluding Targets Using a List | nmap [targets] --excludefile [list.txt] | nmap 192.168.0.1/24 --excludefile notargets.txt
Perform an Aggressive Scan | nmap -A [target] | nmap -A 192.168.0.1
Scan an IPv6 Target | nmap -6 [target] | nmap -6 1