SPF (part 3) Turning an Android App into a SPF Agent
This lesson covers turning an Android app into an SPF agent. Participants receive step-by-step instructions on using apktool to create an SPF agent. This allows for hacking into a malicious device. This lesson also discusses the Android Master Key vulnerability.
Video Transcription
00:04
All right, now we're gonna take a look at backdooring an APK, a prebuilt
00:10
Android application, and we're going to turn it into an SPF agent.
00:16
We're gonna backdoor
00:18
APK with agent.
00:27
Let's just download something. We need apktool.
00:31
Give it the
00:33
location of the absence of the ABC News. Don't be here.
00:40
It's gonna rip it apart.
00:53
Give it some information about our
00:57
athlete when I control it with it,
01:03
Kiki Ones again, always to care you for these examples
01:11
and
01:11
control path.
01:19
Gonna build that into
01:21
our backdoored APK and put it back together.
01:33
You can use the Android master key vulnerability, which will allow us to replace
01:38
legitimate applications,
01:41
though on my test phone, I have the real ABC News that we just backdoored.
01:49
The master key vulnerability, if the device is vulnerable, actually allowed me to replace that using the
01:56
keys that are on the original one.
02:01
So after there was a replacement and update from the real author, when in fact we should have no business doing that since we don't have access to their private keys at ABC News.
02:14
This was a flaw in Android. It has been fixed but
02:17
may or may not have been fixed on the devices you run into. Run into older Android devices that were not getting updates all the time.
02:27
No different than we saw
02:29
on our Windows, Linux systems.
02:31
I didn't not sure they have all of the updates they needed
02:39
course alters. Go do something else and then it'll finish. Did it does
02:46
Again, this is the legitimate version
02:49
that was already on there, and we're going to replace it with a backdoored one that looks and feels to the user exactly the same. But it has some additional functionality.
03:04
Now we can do number one and tell it to attach to a deployed agent.
03:08
We'll let these guys basically do a handshake with each other in the same way
03:13
our application did. This is a
03:16
phone that's controlled their target. We've managed somehow or another to get them to download this.
03:23
Well, I guess we should send it to them for a strike.
03:25
There was actually send it to them.
03:30
Example. We can send it to them. The text message.
03:37
Let's just upload it to a web server and send them a text message telling them, download it. Maybe not the most sophisticated attack everywhere, but
03:46
they work.
03:49
So are you
03:50
that phone. So 5554 is going to send a text message to 5556
03:55
telling them we just gave it the default text.
04:00
This is a cool happen. It'd give you the option to change that.
04:06
Download the APK.
04:11
They are vulnerable to the master key vulnerability, will actually allow us to replace
04:16
the ABC News app that's already there.
04:19
If not, if they're not vulnerable, or you just don't want to use master key,
04:24
it gives you the option of signing it with your own keys. If you have a legitimate Google Play key, even sign it with that.
04:31
Actually, even upload your
04:33
backdoored apps to the Play Store. I'm sure they wouldn't appreciate it very much. But there's nothing to stop you from doing that
04:48
and install it.
04:54
It's going to replace another app since we're using master key.
05:21
I'm going. It's following us following.
05:26
I don't know why emulators are so slow.
05:30
You've got 16 gigs of memory, Alan. You think they could use some of that?
06:14
Finally.
06:15
All right, then when you click open the look and feel just like the original one.
06:19
Well, you have the same neighbors.
06:42
Then we can do our what I mentioned before. Attach
06:45
with an attached your report agent
06:50
and let them do our three-way handshake basically with each other. So SPF will be able to communicate with this agent.
06:59
We can communicate over HTTP or SMS that will check in periodically over HTTP or were considered a message from that 55 by five.
07:09
Fine. Fine for you.
07:13
And it will send that text message and we'll hide it in the background and
07:17
do whatever it says to do. It has the right key and come from the right number. So this does actually take a whole minute to finish.
07:31
This is going to give us access to that device. So there are client-side attacks,
07:38
and you could even use Metasploit. There are a few Metasploit modules for phones. A couple of client-sides for Android.
07:46
Some things for iTunes as well, certainly not as many as we have for some of our other platforms. But anything that is in Metasploit for mobile, you can use it directly through SPF.
07:57
It has a couple of client-sides all its own. Going to the client-sides and social engineering, it has
08:03
some custom ones there.
08:05
But
08:07
primarily, I think, the best way to get on the devices is like this, through an application that's malicious.
08:15
Well, we were able to get access to it.