Wireless GUI Android Security Assessment: Hijacker

Hijacker is a Graphical User Interface for the penetration testing tools Aircrack-ng, Airodump-ng , MDK3 and Reaver . It offers a simple and easy UI to use these tools without typing commands in a console and copy&pasting MAC addresses. This application requires an ARM android device with an...

CVE-2016-2036

The getURL function in drivers/secfilter/urlparser.c in secfilter in the Samsung kernel for Android on SM-N9005 build N9005XXUGBOB6 Note 3 and SM-G920F build G920FXXU2COH2 Galaxy S6 devices allows attackers to trigger a NULL pointer dereference via a "GET HTTP/1.1" request, aka SVE-2016-5036...

Null pointer dereference

The getURL function in drivers/secfilter/urlparser.c in secfilter in the Samsung kernel for Android on SM-N9005 build N9005XXUGBOB6 Note 3 and SM-G920F build G920FXXU2COH2 Galaxy S6 devices allows attackers to trigger a NULL pointer dereference via a "GET HTTP/1.1" request, aka SVE-2016-5036...

Design/Logic Flaw

secfilter in the Samsung kernel for Android on SM-N9005 build N9005XXUGBOB6 Note 3 and SM-G920F build G920FXXU2COH2 Galaxy S6 devices allows attackers to bypass URL filtering by inserting an "exceptional URL" in the query string, as demonstrated by the...

CVE-2016-4030

Technical details for CVE-2016-4030 are not publicly provided in the supplied documents. The Connected documents do not contain product/version/root-cause/impact/remediation for this CVE. Monitor for updates from official advisories and vendor advisories.

Keyboard For Galaxy Note 3 - Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Keyboard For Galaxy Note 3 published at the 'play' market has multiple vulnerabilities...

Samsung Note 3 and Galaxy S6 Denial of Service Vulnerability

The Samsung Note 3 and Galaxy S6 are both smartphones released by the South Korean company Samsung Samsung. A security vulnerability exists in the Samsung Note 3 and Galaxy S6. An attacker can exploit the vulnerability to cause a denial of service null pointer backreference by sending an HTTP...

The core area of URL filtering vulnerability affects Samsung Note 3, The Galaxy S6(CVE-2 0 1 6-2 0 3 6)-vulnerability warning-the black bar safety net

A Samsung Note 3, The Galaxy S6 phone Bug-the kernel area of the URL filter will appear what problem? Author: Roberto Paleari @rpaleari and Aristide Fattori @joystickID: CVE-2 0 1 6-2 0 3 6 notification date: 20/10/2 0 1 5 release date: 20/01/2 0 1 6 in the study of the Samsung Android kernel, we...

Samsung Galaxy KNOX Android Browser - Remote Code Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'digest/md5' class Metasploit3 0|1 if an HTTP request has been made to download a payload of that ID attrreader :servedpayloads def...

Samsung Galaxy KNOX Android Browser Remote Code Execution Exploit

This Metasploit module exploits a vulnerability that exists in the KNOX security component of the Samsung Galaxy firmware that allows a remote webpage to install an APK with arbitrary permissions by abusing the 'smdm://' protocol handler registered by the KNOX component. The vulnerability has bee...

Towelroot : One-Click Android Rooting Tool Released By Geohot

Waiting for the root access for your AT&T or Verizon Android phone? Then there is really a Great News for you! Geohot aka George Hotz - a famed cracker who was responsible for hacking the PlayStation 3 and subsequently being sued by Sony - has built and released a root tool called Towelroot on...