infoseckenya.blogspot.com
Infosec Kenya: February 2015
http://infoseckenya.blogspot.com/2015_02_01_archive.html
My take on security, tutorials and research. Monday, February 9, 2015. Subscribe to: Posts (Atom). AUTO - MIGRATE A METERPRETER SESSION. The process used to gain access to a remote system may not always be stable and may crash locking you out of the system. You could always mi. REVERSE ENGINEERING ANDROID APPS. Having covered the security implications of being able to access data directory of android apps as root and what you information you can get. ANDROID HEAP DUMPS – A SECURITY PERSPECTIVE. One of th...
infoseckenya.blogspot.com
Infosec Kenya: HUAWEI IDEOS (Android OS)
http://infoseckenya.blogspot.com/2011/03/huawei-ideos-android-os.html
My take on security, tutorials and research. Wednesday, March 30, 2011. HUAWEI IDEOS (Android OS). I have been playing around with the Huawei IDEOS android phone, more so in terms of infosec and just like Charles let the pictures do the talking for this Nokia N90 series here. I will also do the same. Overlook fing network scan results. Overlook fing service scan on a particular host on a network. Overlookfing service scan results. Am waiting for an android metasploit. May 15, 2011 at 9:59 PM. The process...
infoseckenya.blogspot.com
Infosec Kenya: ANDROID HEAP DUMPS – A SECURITY PERSPECTIVE
http://infoseckenya.blogspot.com/2011/05/heap-dumps-security-perspective.html
My take on security, tutorials and research. Tuesday, May 17, 2011. ANDROID HEAP DUMPS – A SECURITY PERSPECTIVE. This blog is kind of a flip of that, can a security researcher find any use for heap dumps? To answer this question, I set out to find out how to generate heap dumps on android and analyze them to find out what interesting information I could find. To generate a dump file on android, you have to be SU i.e. the device has to be rooted. Type the following command on the SU command line:. C: cd p...
infoseckenya.blogspot.com
Infosec Kenya: SSLSTRIP
http://infoseckenya.blogspot.com/2011/03/sslstrip.html
My take on security, tutorials and research. Tuesday, March 1, 2011. One of the cool attacks that completely evades ssl is sslstrip. Conjured up by a hacker named moxie (http:/ www.thoughtcrime.org/software/sslstrip/) this attack can be used to capture passwords once the perimeter network defenses have been punched through. Linux backtrack distro currently v.4 r.2 (). Ip address of the target. Default router of the target. Which by default in sslstrip.py is 10000. Start arp spoofing using the command.
infoseckenya.blogspot.com
Infosec Kenya: ANDROID DEVICES VULNERABILITY.
http://infoseckenya.blogspot.com/2011/03/android-devices-vulnerability.html
My take on security, tutorials and research. Monday, March 14, 2011. Thomas cannon discovered a vulnerability in Android devices operating system http:/ thomascannon.net/blog/2010/11/android-data-stealing-vulnerability/. This vulnerability allows an attacker to obtain the contents of a file when a user browses to a web server that has been compromised. He passed on this info as any responsible hacker should and Google who have promised to fix this hole in the upcoming Android 2.3. From the metasploit team.
infoseckenya.blogspot.com
Infosec Kenya: KIST TECT TALK
http://infoseckenya.blogspot.com/2015/02/kist-tect-talk.html
My take on security, tutorials and research. Monday, February 9, 2015. Subscribe to: Post Comments (Atom). AUTO - MIGRATE A METERPRETER SESSION. The process used to gain access to a remote system may not always be stable and may crash locking you out of the system. You could always mi. REVERSE ENGINEERING ANDROID APPS. Having covered the security implications of being able to access data directory of android apps as root and what you information you can get. PASS THE HASH ATTACK. HUAWEI IDEOS (Android OS).
infoseckenya.blogspot.com
Infosec Kenya: May 2013
http://infoseckenya.blogspot.com/2013_05_01_archive.html
My take on security, tutorials and research. Wednesday, May 8, 2013. Trip down memory lane). While looking around for qemu images, I came across one for the linux kernel 0.11 and simply had to try it. Http:/ oldlinux.org/Linux.old/qemu-images/Linux-0.00-041217.vfd.gz. To run the qemu image run. Qemu -L pc-bios -hda linux-0.11-devel-060625.qcow2 (Ctrl Alt f) takes you into full screen. Subscribe to: Posts (Atom). AUTO - MIGRATE A METERPRETER SESSION. REVERSE ENGINEERING ANDROID APPS. PASS THE HASH ATTACK.
infoseckenya.blogspot.com
Infosec Kenya: AUTO - MIGRATE A METERPRETER SESSION
http://infoseckenya.blogspot.com/2011/03/auto-migrate-meterpreter-session.html
My take on security, tutorials and research. Wednesday, March 9, 2011. AUTO - MIGRATE A METERPRETER SESSION. The process used to gain access to a remote system may not always be stable and may crash locking you out of the system. You could always migrate to a new process using the migrate script, but the sometimes you may not be fast enough to migrate manually. In comes the autorun script which allows you to specify a more stable process to migrate to once the system has been exploited. My wireshark adve...
infoseckenya.blogspot.com
Infosec Kenya: September 2013
http://infoseckenya.blogspot.com/2013_09_01_archive.html
My take on security, tutorials and research. Friday, September 13, 2013. Standard Chartered KE Document in/Security :-). My first challenge was how to generate the 60,466,176 numbers, turns out kali linux. Comes with a tool that met my requirement named crunch. Is a word-list generator based on the password format used whether alphabets,numeric or a combination of the two. Is one of the tools in the operating systems arsenal. Subscribe to: Posts (Atom). AUTO - MIGRATE A METERPRETER SESSION. A heap dump i...