Archive for July 2015

 
 

"Stagefright" possible remote code execution – disable MMS how-to

Security researcher Joshua Drake from Zimperium zLabs announced what he called "the worst Android vulnerabilities discovered to date[…]"

Who can be infected?
Almost all Android phones, ranging from Android version 2.2 to 5.1.1.
Unfortunately, the bugs found by Zimperium allow shellcode (executable instructions disguised as harmless multimedia data) to take control of your device as soon as the content of a malicious message is downloaded.

This bug, as Zimperium wrote on their blog, can infect around 950,000,000 devices all around the world.

MMS

The infection is spread mostly via MMS, with Hangouts as the MMS/SMS handler.
It is not confirmed, but it could be that only Android versions < 4.1 are vulnerable to this MMS attack. Even so, it is recommended to disable MMS until full disclosure.

Is there a fix for this vulnerability?
Not yet. Google has released some fixes and will fix the issue after Joshua’s full disclosure on August 5 at Black Hat.

CyanogenMod has fixed the issue: the following CVEs have been patched in CM12.0

How can I disable MMS functionality?
Here are step-by-step instructions that show you how to disable your MMS functionality:
(Please make backups of the IP addresses in case you want to enable MMS later.)

Video (German + ENG subtitles)

Step-by-Step

[Screenshots droidAtScreen-1 to droidAtScreen-7]

1. Make a backup of the IP addresses or URLs.
2. Change all URLs / IP addresses to 127.0.0.1; this will disable your MMS functionality.

[Screenshots droidAtScreen-8 to droidAtScreen-12]

It would be great if someone could send me some pictures of an English version of this step-by-step process.

Bitcoin Armory 101 – generate list of BTC addresses from command line

Using Armory as my primary Bitcoin wallet, I played around with Armory’s Python scripts.

Goal: pre-generate a list of 100 BTC addresses from my personal Armory wallet and make it accessible.

Using Armory With Python

Armory was built in Python because of its extraordinary flexibility and ease of extensibility. Even the parts of Armory that are implemented in C++ have been made accessible through familiar Python syntax using SWIG. Just about everything related to Bitcoin and Armory is accessible by importing armoryengine.py in the base BitcoinArmory directory. Both ArmoryQt.py and armoryd.py are just large python scripts that use that engine, and therefore all functionality needed for a full client implementation is available using just armoryengine.py…. [read more]

1. Find your Armory installation path:

By default, Armory is installed to the following locations:

Windows: C:\Program Files (x86)\Armory
Linux: /usr/lib/armory
OS X: /Applications/Armory.app

2. Use this script to access your wallet and get a new BTC address:

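#!/usr/bin/python
# Python 2 syntax (print statement)
import sys
sys.path.append("/usr/lib/armory/")  # change this path if needed!
from armoryengine.ALL import *

# CLI_ARGS[0] is the wallet file path given on the command line
wlt = PyBtcWallet().readWalletFile( CLI_ARGS[0] )
# Print the next unused receiving address of this wallet
print wlt.getNextUnusedAddress().getAddrStr()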

3. Now run this script 100 times to generate 100 BTC addresses
Use a small Bash script to get things done:

#!/bin/bash
# Call the address script 100 times and append each address to the list file
for (( c=1; c<=100; c++ )); do
    echo "$c generated"
    /home/$USER/armory_generate_addresses_from_wallet.py /media/$USER/.armory/armory_XXXXXXX_.wallet | tee -a /home/$USER/armory/BtcAddressGen.txt
done

4. Upload your text file to your webspace and use a small PHP script to show one address and delete it from the list. (Protect it via basic auth, and don’t blame me for any RFI.)

Example: [screenshot Selection_006]
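The show-one-and-delete logic from step 4, as an added example that is not the author's script (written in Python 3 rather than PHP; the name pop_address and the sample lines are assumptions of this sketch). It holds an exclusive lock across the read and the rewrite so two simultaneous requests are never handed the same address, and it serves only lines shaped like an address.

```python
import fcntl
import os
import re
import tempfile

# Shape of a legacy Base58 address (format check only, no checksum validation).
ADDR_RE = re.compile(r"^[13][1-9A-HJ-NP-Za-km-z]{25,34}$")


def pop_address(path):
    """Hand out the first address in `path` and remove it from the list.

    Returns None when no address is left. An exclusive lock is held across
    the read and the rewrite, so two concurrent requests cannot receive the
    same address.
    """
    with open(path, "r+") as fh:
        fcntl.flock(fh, fcntl.LOCK_EX)  # released when the file is closed
        # Keep only well-formed addresses; stray output such as
        # "1 generated" progress lines is dropped instead of being served.
        addrs = [ln.strip() for ln in fh if ADDR_RE.match(ln.strip())]
        if not addrs:
            return None
        fh.seek(0)
        fh.truncate(0)
        fh.writelines(a + "\n" for a in addrs[1:])
        fh.flush()
        os.fsync(fh.fileno())
        return addrs[0]


def demo():
    """Run pop_address over a constructed list (not real wallet addresses)."""
    sample = ["1 generated", "1" + "A" * 33, "", "3" + "B" * 33]
    with tempfile.NamedTemporaryFile("w", suffix=".txt", delete=False) as tmp:
        tmp.write("\n".join(sample) + "\n")
    try:
        served = [pop_address(tmp.name) for _ in range(3)]
        with open(tmp.name) as fh:
            left = fh.read()
    finally:
        os.unlink(tmp.name)
    return served, left


if __name__ == "__main__":
    print(demo())
```

Keep the list file outside the web root so it can only be reached through the script.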

Liked it? Feel free to donate: 1H4amKeadr16UYRGkMz1nqFtiAxYV4zpyS