Re: [Full-disclosure] Any not annoying help welcome
the app traffic isn't present...

Try the Shark app, it uses tcpdump and it's very quick to set up. I used it on the ZON Remote app and others with success.

On 03/12/13 21:06, ICSS Security wrote:
> Making a turn here, let's see what turns out!
>
> I know that using Wireshark we can capture traffic in/out of the router's interfaces.
> I don't want to dig up the routers concept because, face it, I already know how it works and so do you.
>
> I have only a few questions to ask.
>
> 1) The traffic on any device is monitored, correct? So, Android devices too.
> 2) I have monitored an APK application and saved the packets with a successful login and an unsuccessful login.
> 3) I know the magic number to look for, but I'm unable to go further decoding the authentication method.
>
> Can anyone give me a hand here or should I go elsewhere?

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Any not annoying help welcome
Hey

I don't know what exactly you mirrored but I can say there is no application-specific traffic inside your pcap dumps. A good way to start is to have a look at Mallory (https://intrepidusgroup.com/insight/mallory/) if you don't know what communication protocol the app makes use of.

Best regards
cd

From: Full-Disclosure [mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of ICSS Security
Sent: Wednesday, 4 December 2013 13:22
To: adam; full-disclosure@lists.grok.org.uk
Subject: Re: [Full-disclosure] Any not annoying help welcome

Hi, thanks for replying back...

The APK Android app is "MEO GO!" from PT Comunicações. I always have bad luck trying to crack their apps.

Back to the subject, it's an on-demand app to watch TV, rent movies and TV shows, but there is a feature there that I really want to add to my hacking kit. When I try to log in, in the app there's a feature called "MEO GO! Mobile" which only requires the user to enter their mobile number. It connects via 3G or Wifi and it's able to determine if the number you enter matches the SIM card mobile number.

I WANT THAT QUERY FEATURE

1) If the number is incorrect, it says "The number you entered doesn't match your simcard number. Please try again" (in Portuguese)
2) If the number is correct, it loads up the service.

In the attachment I include the Wireshark packets for anyone. If it's breakable then you should be able to find my number there. I will go test the code and wait for any reply. If no response I will walk away because sometimes things are impossible until a certain point...

From: iaretheb...@gmail.com
Date: Wed, 4 Dec 2013 04:16:56 -0600
Subject: Re: [Full-disclosure] Any not annoying help welcome
To: ctrlaltdel...@outlook.pt
CC: full-disclosure@lists.grok.org.uk

If you want anyone to help you with your specific problem, then you need to provide specifics to your problem.

Can you post some (or all) of what you're trying to decode? If not, can you provide more information on what you're seeing? What character set? What length? Is any of it human-readable?

On Tue, Dec 3, 2013 at 3:06 PM, ICSS Security <ctrlaltdel...@outlook.pt> wrote:

Making a turn here, let's see what turns out!

I know that using Wireshark we can capture traffic in/out of the router's interfaces.
I don't want to dig up the routers concept because, face it, I already know how it works and so do you.

I have only a few questions to ask.

1) The traffic on any device is monitored, correct? So, Android devices too.
2) I have monitored an APK application and saved the packets with a successful login and an unsuccessful login.
3) I know the magic number to look for, but I'm unable to go further decoding the authentication method.

Can anyone give me a hand here or should I go elsewhere?

Re: [Full-disclosure] Any not annoying help welcome
If you want anyone to help you with your specific problem, then you need to provide specifics to your problem.

Can you post some (or all) of what you're trying to decode? If not, can you provide more information on what you're seeing? What character set? What length? Is any of it human-readable?

On Tue, Dec 3, 2013 at 3:06 PM, ICSS Security wrote:
> Making a turn here, let's see what turns out!
>
> I know that using Wireshark we can capture traffic in/out of the router's interfaces.
> I don't want to dig up the routers concept because, face it, I already know how it works and so do you.
>
> I have only a few questions to ask.
>
> 1) The traffic on any device is monitored, correct? So, Android devices too.
> 2) I have monitored an APK application and saved the packets with a successful login and an unsuccessful login.
> 3) I know the magic number to look for, but I'm unable to go further decoding the authentication method.
>
> Can anyone give me a hand here or should I go elsewhere?

Re: [Full-disclosure] Any not annoying help welcome
Hey there

It is a bit difficult to understand what exactly you want to do. But I guess you want to capture some Android traffic via your router.

Regarding your questions:

1) If you did set up a mirroring/monitoring port on your router you'll be able to capture all the traffic on the router. The problem here is that you will of course not be able to see encrypted traffic.

2) If you want to monitor an APK there is an easier way to do this, assuming the APK is generating HTTP/HTTPS traffic. Go ahead and download ZAP (Zed Attack Proxy) from OWASP. Then define ZAP as web proxy on the Android device and import the SSL certificate generated by ZAP on the Android device. This way you'll not only be able to decrypt all the HTTPS traffic but also to modify/resend it. (There are some problems when it comes to defining proxies on Android devices. I tested the above method successfully on iOS devices.)

I hope this helps

Cheers,
Mike

On 03.12.2013 22:06, ICSS Security wrote:
> Making a turn here, let's see what turns out!
>
> I know that using Wireshark we can capture traffic in/out of the router's interfaces.
> I don't want to dig up the routers concept because, face it, I already know how it works and so do you.
>
> I have only a few questions to ask.
>
> 1) The traffic on any device is monitored, correct? So, Android devices too.
> 2) I have monitored an APK application and saved the packets with a successful login and an unsuccessful login.
> 3) I know the magic number to look for, but I'm unable to go further decoding the authentication method.
>
> Can anyone give me a hand here or should I go elsewhere?

Re: [Full-disclosure] Any not annoying help welcome
Hi, thanks for replying back...

The APK Android app is "MEO GO!" from PT Comunicações. I always have bad luck trying to crack their apps.

Back to the subject, it's an on-demand app to watch TV, rent movies and TV shows, but there is a feature there that I really want to add to my hacking kit. When I try to log in, in the app there's a feature called "MEO GO! Mobile" which only requires the user to enter their mobile number. It connects via 3G or Wifi and it's able to determine if the number you enter matches the SIM card mobile number.

I WANT THAT QUERY FEATURE

1) If the number is incorrect, it says "The number you entered doesn't match your simcard number. Please try again" (in Portuguese)
2) If the number is correct, it loads up the service.

In the attachment I include the Wireshark packets for anyone. If it's breakable then you should be able to find my number there. I will go test the code and wait for any reply. If no response I will walk away because sometimes things are impossible until a certain point...

From: iaretheb...@gmail.com
Date: Wed, 4 Dec 2013 04:16:56 -0600
Subject: Re: [Full-disclosure] Any not annoying help welcome
To: ctrlaltdel...@outlook.pt
CC: full-disclosure@lists.grok.org.uk

If you want anyone to help you with your specific problem, then you need to provide specifics to your problem.

Can you post some (or all) of what you're trying to decode? If not, can you provide more information on what you're seeing? What character set? What length? Is any of it human-readable?

On Tue, Dec 3, 2013 at 3:06 PM, ICSS Security wrote:

Making a turn here, let's see what turns out!

I know that using Wireshark we can capture traffic in/out of the router's interfaces.
I don't want to dig up the routers concept because, face it, I already know how it works and so do you.

I have only a few questions to ask.

1) The traffic on any device is monitored, correct? So, Android devices too.
2) I have monitored an APK application and saved the packets with a successful login and an unsuccessful login.
3) I know the magic number to look for, but I'm unable to go further decoding the authentication method.

Can anyone give me a hand here or should I go elsewhere?

login sucefully (membership).pcapng
Description: Binary data

logoff (solicit) & login errously (membership).pcapng
Description: Binary data