Wireless GUI Android Security Assessment: Hijacker

Hijacker is a Graphical User Interface for the penetration testing tools Aircrack-ng, Airodump-ng , MDK3 and Reaver . It offers a simple and easy UI to use these tools without typing commands in a console and copy&pasting MAC addresses. This application requires an ARM android device with an...

CVE-2016-2036

The getURL function in drivers/secfilter/urlparser.c in secfilter in the Samsung kernel for Android on SM-N9005 build N9005XXUGBOB6 Note 3 and SM-G920F build G920FXXU2COH2 Galaxy S6 devices allows attackers to trigger a NULL pointer dereference via a "GET HTTP/1.1" request, aka SVE-2016-5036...

Design/Logic Flaw

secfilter in the Samsung kernel for Android on SM-N9005 build N9005XXUGBOB6 Note 3 and SM-G920F build G920FXXU2COH2 Galaxy S6 devices allows attackers to bypass URL filtering by inserting an "exceptional URL" in the query string, as demonstrated by the...

Null pointer dereference

The getURL function in drivers/secfilter/urlparser.c in secfilter in the Samsung kernel for Android on SM-N9005 build N9005XXUGBOB6 Note 3 and SM-G920F build G920FXXU2COH2 Galaxy S6 devices allows attackers to trigger a NULL pointer dereference via a "GET HTTP/1.1" request, aka SVE-2016-5036...

CVE-2016-4030

Technical details for CVE-2016-4030 are not publicly provided in the supplied documents. The Connected documents do not contain product/version/root-cause/impact/remediation for this CVE. Monitor for updates from official advisories and vendor advisories.

Keyboard For Galaxy Note 3 - Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Keyboard For Galaxy Note 3 published at the 'play' market has multiple vulnerabilities...

Samsung Note 3 and Galaxy S6 Denial of Service Vulnerability

The Samsung Note 3 and Galaxy S6 are both smartphones released by the South Korean company Samsung Samsung. A security vulnerability exists in the Samsung Note 3 and Galaxy S6. An attacker can exploit the vulnerability to cause a denial of service null pointer backreference by sending an HTTP...

The core area of URL filtering vulnerability affects Samsung Note 3, The Galaxy S6(CVE-2 0 1 6-2 0 3 6)-vulnerability warning-the black bar safety net

A Samsung Note 3, The Galaxy S6 phone Bug-the kernel area of the URL filter will appear what problem? Author: Roberto Paleari @rpaleari and Aristide Fattori @joystickID: CVE-2 0 1 6-2 0 3 6 notification date: 20/10/2 0 1 5 release date: 20/01/2 0 1 6 in the study of the Samsung Android kernel, we...

Samsung Galaxy KNOX Android Browser - Remote Code Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'digest/md5' class Metasploit3 0|1 if an HTTP request has been made to download a payload of that ID attrreader :servedpayloads def...

Samsung Galaxy KNOX Android Browser Remote Code Execution Exploit

This Metasploit module exploits a vulnerability that exists in the KNOX security component of the Samsung Galaxy firmware that allows a remote webpage to install an APK with arbitrary permissions by abusing the 'smdm://' protocol handler registered by the KNOX component. The vulnerability has bee...

Towelroot : One-Click Android Rooting Tool Released By Geohot

Waiting for the root access for your AT&T or Verizon Android phone? Then there is really a Great News for you! Geohot aka George Hotz - a famed cracker who was responsible for hacking the PlayStation 3 and subsequently being sued by Sony - has built and released a root tool called Towelroot on...