Dino Hacks

Collusion Attack is one of the ways to bypass android permissions and steal user's data. It requires the attacker or a rogue developer to create and install 2 android application in the user's phone. Both these apps can communicate with each other, share data and then sending it to the attacker.  There are 2 ways to communicate between 2 apps: overtly and covertly. An example of overt communication is to use intents to pass data between 2 apps. An example of covert communication is to use files. One app can write to a file in the internal storage and another app can read that file. An sophisticated way of covert communication would be to communicate by scheduling various events and calculating the time difference.  In this post, I am demonstrating the overt way of communications. I have 2 apps: Contact reader app (Phone reader App) and a Calculator App   A pictorial representation of the demo:  Code snippets: So, the contact reader app will have the permission to read your cont

Continuing the kioptrix series, we have Kipotrix level 3 walkthrough. This machine is not so simple like the last 2. It requires the pentester to poke around a bit. I found the ip address of the machine using netdiscover. I did a nmap scan on it. If you see, we have a website here. So, I decided to take at the website. I looked around the website and found this: LotusCMS looks interesting. Let's if there is any exploit for it. Looks like I need to use metasploit for this exploit.  Set the options in meterpreter and it will look like this:       Running this exploit and I got the shell. After getting the shell, I decide to just look around and see if I can find anything interesting. Checking out the gallery file, I found a config file. From that file, we got the root password. Now, since I have the root login and password, let's see if I can login into the phpmyadmin portal. The portal is located at kioptrix3.com/phpmyadmin and logging