Kon-Boot is an application which will silently bypass the authentication process of Windows based operating systems. Without overwriting your old password! In other words you can login to your Windows profile without knowing your password. Easy to use and excellent for tech repairs, data recovery and security audits.
The Certified Ethical Hacker (CEH) exam was developed by the International Council of E-Commerce Consultants (EC-Council) to provide an industry-wide means of certifying the competency of security professionals. The CEH certification is granted to those who have attained the level of knowledge and security skills needed to perform security audits and penetration testing of systems and network.
The CEH exam is periodically updated to keep the certification applicable to the most recent hacking tools and vulnerabilities. This is necessary because a CEH must be familiar with the latest attacks and exploits.
A Security researcher and hacker, named John Gordon, has found an easy way to bypass the security of locked smartphones running Android 5.0 and 5.1 (Build LMY48M).
Many of us use various security locks on our devices like Pattern lock, PIN lock and Password lock in order to protect the privacy of our devices.
However, a vulnerability could now allow anyone to take your Android smartphone (5.0 build LMY48I) with locked screen, perform a "MAGIC TRICK" and as a result crash the user interface (UI) for the password screen and gain access to your device.
The vulnerability, assigned CVE-2015-3860, has been dubbed as "Elevation of Privilege Vulnerability in Lockscreen".
How the Attack Works?
The secret behind the researcher's "MAGIC TRICK" is as follows:
Get the device and open the Emergency dialer screen.
Type a long string of numbers or special characters in the input field and copy-n-paste a long string continuously till its limit exhausts.
Now, copy that large string.
Open up the camera app accessible without a lock.
Drag the notification bar and push the settings icon, which will show a prompt for the password.
Now, paste the earlier copied string continuously to the input field of the password, to create an even larger string.
Come back to camera and divert yourself towards clicking pictures or increasing/decreasing the volume button with simultaneously tapping the password input field containing the large string in multiple places.
All this is done to make the camera app crash. Further, you will notice the soft buttons (home and back button) at the bottom of the screen will disappear, which is an indication that will enable the app to crash.
At this time, stop your actions and wait for the camera app to become unresponsive.
After a moment, the app will crash and get you to the Home Screen of the device with all the encrypted and unencrypted data.
Now without wasting time go to Settings > Developer options > Enable USB debugging and control the device by installing the Android Debug Bridge (ADB) utility.
Video Demonstration shows Attack in Work
Watch the video demonstration given below, where you can see practically how Gordon executed the hack.
In addition to this, if we notice the number of users with Android 5.0 and 5.1 with hardware compatibility as Nexus 4 and software installed as Google factory image - occam 5.1.1 (LMY47V) are less. Therefore, the risk associated will affect those users only.
Furthermore, for those users we have a good news that is- the patch has released for the vulnerability and is made public by Google.
2. Android Phone ( Jelly Beans - I am Using Samsung S3)
3. Common Wireless Network ( Using Hotspot)
I am not gona take much time hence will do it fast in simple steps. So lets go.
Step 1: Open Your Kali terminal and type the following command.
Step 2: After pressing the enter key, just type ls for listing the files on same directory. And you will see app.apk file.
Step 3: Now use the exploit i.e exploit/multi/handler , set the respective payload and after setting lhost and lport just type exploit to trigger the exploit.
Step 4: Now send the .apk file we just created to victim, it will be having an M icon showing Metasploit icon on it. As user tries to install it you on attacker machine i.e Kali Linux in our case will get the reverse connection.
Step 5: Now as you can see in below image we got the shell of the Android phone and can have access to its data. If the phone is rooted then you can even get Call Logs, SMS and other data stored in the internal storage space.
Note down the interface on which you want to start the monitoring. In my case it is wlan0 so I will be using wlan0.
Enter: airmon-ng start wlan0 If the result looks like this: then your card is in monitor mode.
Note down the monitoring interface’s name (“monitor mode enabled on mon0“). In my case it is mon0 so I will be using mon0.
Enter: airodump-ng mon0
My target is “mtnl” which is using WEP encryption and authentication. Wifi “mtnl” is working on channel 4 and BSSID (or bssid) is 0C:D2:B5:03:43:68. I will be using this information. Enter: airodump-ng –w mtnl-org –c 4 –bssid 0C:D2:B5:03:43:68 mon0
After about 15,000 packets have been captured, enter: aircrack-ng mtnl-org-01.capto start cracking the WEP password.
5 : Set disk space ( 20 GB is good enough, minimum 12 GB to work smoother )
10 : wait until installer finish copying files setting system
11 : set network mirror and set boot-loader ( very important )
12 : after installation restart and login with username ” root ” and password ( what you set at step 6 )
SQL Vulnerable Websites For Practice 2015 http://classic-sprint.net.IN/article.php?id=3 http://fmshirtssale.IN/art...
Procedure : 1. Dial 1 2 9 from Airtel number. 2. You will listen a song then you will be asked to choose language. ...
How to Use your Android Device as a Webcam Requirements : Android Device of course PC with WIFI Connectivity Download...
How to Earn Rs 50 Flipkart EGV by Refer PROCEDURE : Firstly Download FlipkartPing app HERE . Open This app and ...
Procedure : 1. Firstly, register Yroo account from Here . 2. Now signup using Facebook or Gmail . Note : Do no...
A Security researcher and hacker, named John Gordon , has found an easy way to bypass the security of locked smartphones running ...
