Tweets from June 2013

RT @Joshua_Brindle: Galaxy S4 SE for Android followup, with code, exploit demo and a howto for those who want to try it on their own: http://t.co/Fm4TA0Bg6Z

8:48pm June 30th 2013 via Falcon Pro

Making an ARM TrustZone rootkit [PDF] - http://t.co/81e5MBhWck

3:20pm June 30th 2013 via Falcon Pro

Androguard: One year after, end of Magnificent 7 project ! - http://t.co/8ex1G6utnd

3:16pm June 30th 2013 via Falcon Pro

@0xabad1dea @TeamAndIRC qualcomm has published several advisories w/CVE numbers in CodeAurora website. Google has some security tests in CTS

7:40pm June 29th 2013 via Falcon Pro in reply to TeamAndIRC

@0xabad1dea afaik such thing does not exist.

6:26pm June 29th 2013 via Falcon Pro in reply to 0xabad1dea

RT @mdowd: For those interested, the ZRTPCPP / Crypto-phone security weaknesses blog is back up. Thanks for your patience: http://t.co/3klnZmvja3

2:48pm June 29th 2013 via Falcon Pro

building the OpenSSL FIPS Object Module and OpenSSL FIPS Capable library for Android devices - http://t.co/nxuwWI5gkI

1:58pm June 29th 2013 via web

@adumont @J_r0dd no problem to place a su binary or a setuid shell and get root through adb, but has all the sec_restrict shit: no root apps

11:09am June 29th 2013 via Falcon Pro in reply to adumont

RT @0xroot: How I hacked your Instagram account https://t.co/s5AkWrm5eS :)

1:35am June 29th 2013 via Falcon Pro

Glad to have the 4.3 leak, sad to see Samsung put all the SEC_RESTRICT root stuff in. http://t.co/RloXmlsv5s

1:00am June 29th 2013 via Falcon Pro

RT @ChainfireXDA: Stock Android 4.3 for SGS4 and root - https://t.co/YAdzc4BCRQ

11:18pm June 28th 2013 via web

RT @viaforensics: Want to learn #JTAG? Our new JTAG training is online - and JTAG 101 is ONLY $19.95. More info: https://t.co/a61tGlm46O

9:38pm June 28th 2013 via Falcon Pro

Install Android 4.3 on your Galaxy S4 (GT-I9505), ported from Google Play Edition (GT-I9505G) - http://t.co/bwakoZhopM

9:27pm June 28th 2013 via Falcon Pro

RT @0xroot: Transparent Interception of Android HTTPS Traffic - http://t.co/XMyRa0VA0d via @marioballano

9:22pm June 28th 2013 via Falcon Pro

@timstrazz @lookout three years kicking ass! congrats :)

11:49pm June 27th 2013 via Falcon Pro in reply to timstrazz

Gerrit: interesting framework patch to "Help reduce system service hijacking" - https://t.co/AOFzgNxris via @insitusec

11:41pm June 27th 2013 via web

RT @TeamAndIRC: and this is why I prefer Google's "approval" process over Apple's https://t.co/MBWZRl5eL0 (tho editing the comments was eh)

11:27pm June 27th 2013 via Falcon Pro

RT @andreasdotorg: "Hey, Debian, we're security researchers and have 1.2k bugs, how do we file them?" http://t.co/hJmh74C9NJ

10:35pm June 27th 2013 via Falcon Pro

Check out deurus's Android Crackme04 at Crackmes.de - http://t.co/RGmdUERtWu

8:22pm June 27th 2013 via Falcon Pro

Working with GPIO on the Wandboard and Writing an Android Driver for GPIO Interrupts - http://t.co/dXfb0ztrDV

7:48pm June 27th 2013 via Falcon Pro

RT @quine: UnSexy flaws in CSipSimple - http://t.co/aLlzwNMzub

6:16pm June 27th 2013 via Falcon Pro

RT @forensikblog: New major version (5.0) of #010Editor released: http://t.co/q5IokH5nDp

6:10pm June 27th 2013 via Falcon Pro

RT @jduck: Reversing and Auditing Android's Proprietary Bits (my @reconmtl slides are now available at http://t.co/Ux8GS0V6rT) cc @iamnion

5:49pm June 27th 2013 via TweetDeck

Good explanation of app_process command in Android - http://t.co/tymtuATfIZ

7:17am June 27th 2013 via Falcon Pro

RT @AndroidPolice: Google: No Factory Image Or Driver Binary Hosting For Google Play Edition One Or S4, OEMs Will Handle OTAs http://t.co/G0EDTtSQnb

12:28am June 27th 2013 via Falcon Pro

RT @AndroidPolice: HTC And Google Release Google Edition HTC One, Galaxy S4 Source Code http://t.co/APQ3SFk1HU

12:19am June 27th 2013 via Falcon Pro

@NuShrike @PaulOBrien a tradeoff worth making if you get stock android :)

12:15am June 27th 2013 via Falcon Pro in reply to NuShrike

RT @PaulOBrien: You WILL be able to flash your 'normal' One or S4 to Google Play edition software. So don't feel bad if you can't order one! :-)

7:04pm June 26th 2013 via Falcon Pro

RT @quine: Our (@tmanning+me) talk is now listed on the @_defcon_ site. uNF. http://t.co/1h1uYjPxLi (/cc @TheDukeZip @tufts_cs_mchow)

6:23pm June 26th 2013 via Falcon Pro

RT @AndroidPolice: Google Search/Now Updated With Support For More Voice Actions, Integrated Offers, And TV Show Information In The US http://t.co/SPg5MSFmAg

6:23pm June 26th 2013 via Falcon Pro

@phr0nak congrats! és públic el fallo que has reportat?

12:09am June 26th 2013 via Falcon Pro in reply to phr0nak

RT @collinrm: Mobile Security News June 2013 part2 (REcon review) http://t.co/ovaUjtmI7U

10:46pm June 25th 2013 via Falcon Pro

RT @insitusec: Our Stronger Identify Protection via Mobile Devices abstract announced for Passwords^13 http://t.co/TlHdQV8Xej #passwords13 #android

10:39pm June 25th 2013 via Falcon Pro

RT @TeamAndIRC: XDA's security forum is now live http://t.co/n7yaWQnwZN

10:37pm June 25th 2013 via Falcon Pro

RT @tewilove: #Huawei_Ascend_P6 rooted, simply like exynos-abuse. https://t.co/z7hV5QV4wH

6:57pm June 25th 2013 via web

RT @TeamAndIRC: APK for my LG/Sprite Backup vulnerability (CVE-2013-3685) http://t.co/xzHqNKWvdI

12:09pm June 25th 2013 via Falcon Pro

RT @viaforensics: This Thursday we kick off our 2013 webinar series by discussing corporate espionage via compromised device. Signup: https://t.co/XRIYWxpXux

12:05pm June 25th 2013 via Falcon Pro

RT @BlueboxSec: Debunking Five Mobile Security Myths http://t.co/TEgB8MaM0H via @cmswire

12:01pm June 25th 2013 via Falcon Pro

How to exploit msm_acdb (CVE-2013-2597) by @fi01_IS01 - [jp] https://t.co/ZEvNP5kkbM

11:44am June 25th 2013 via web

Nmap NSE: Vulnerability Scanner module for Nmap - http://t.co/WhyAfE5boX

11:28am June 25th 2013 via web

RT @saidelike: Download HTC RUU and zip roms: http://t.co/mkJmhmLZAO

8:37pm June 24th 2013 via Falcon Pro

RT @0xroot: Shellcode on ARM architecture - http://t.co/VTp4xlr7rs

8:20pm June 24th 2013 via Falcon Pro

RT @iamnion: cool, someone is working on a basic open soure x64/x86 decompiler plugin for #ida https://t.co/a9J3DZZkwv

8:14pm June 24th 2013 via Falcon Pro

LGPwn exploit (CVE-2013-3685) by @TeamAndIRC affects more than 40 LG devices - https://t.co/Mp5UfSkCa7

6:10pm June 24th 2013 via web

RT @BorjaMerino: Debugging Android Libraries using IDA http://t.co/TsL13qCDga

5:31pm June 23rd 2013 via Falcon Pro

Stack-based buffer overflow in acdb audio driver (CVE-2013-2597) - https://t.co/7ZBAutaQgZ

7:44am June 22nd 2013 via Falcon Pro

RT @cryptax: Told you my next blog post wouldn't concern Android. So it is... Firefox OS. With a very very simple crackme: http://t.co/cIa1qbwlek

6:05am June 22nd 2013 via Falcon Pro

RT @xdadevelopers: Manage Individual App Permissions with XPrivacy http://t.co/ldx3Ne2Ho0

6:41am June 21st 2013 via Falcon Pro

RT @kaiyou_: #hip2k13 Here are the slides for "Remoting Android apps for fun & profit" http://t.co/HJvUhdsPbS @virtualabs

11:26am June 20th 2013 via Falcon Pro

RT @thorstenholz: Comprehensive overview of unofficial Android marketplaces: http://t.co/2zAodFU4yy

11:17am June 20th 2013 via Falcon Pro

RT @viaforensics: Videos: Exploiting mobile devices to enter corporate networks & using third party apps to compromise BYOD security: http://t.co/K8KQPSvByn

10:33pm June 19th 2013 via Falcon Pro

@trufae woo all final ha arribat! Ja diras que tal!

9:47pm June 19th 2013 via Falcon-Pro in reply to trufae

@G13net you haven't slept long enough.

1:19pm June 18th 2013 via Falcon-Pro in reply to G13net

arm7-dasm: Android kernel disassembler based on MAME emulator code - https://t.co/HyT0F2snq9

11:58am June 18th 2013 via web

@madCdan working now, thanks for the quick fix :D

10:06am June 18th 2013 via Falcon-Pro in reply to madCdan

RT @CyanogenMod: +Steve Kondik chatted with the folks at Ars Technica on the Incognito app mode. Take a look! http://t.co/zJ8q29GvJn

9:46am June 18th 2013 via Falcon-Pro

@madCdan yes, genymotion-1.0_x64.bin, but it happens with all others as well. Eclipse plugin download is the only one that works

9:18am June 18th 2013 via web in reply to madCdan

RT @m_spreitz: Heimdall Suite 1.4.0 Released -- http://t.co/szqRKteo5G

9:15am June 18th 2013 via web

@madCdan getting 403 forbidden when trying to download Genymotion from the new website...

9:14am June 18th 2013 via web

RT @roman_soft: #int3pids finally ranked #18 at #defcon #quals. Our scoreboard: http://t.co/CPDdSNiFIE

4:53pm June 17th 2013 via Falcon-Pro

RT @anantshri: Sharing : Adb restore directory traversal vulnerability for android http://t.co/Pf0CPS2OKk cc : @pof

1:27pm June 17th 2013 via Falcon-Pro

RT @aykay: Cracking iOS personal hotspots using a Scrabble crossword game word list, full report at https://t.co/MYeLNXCJRP

12:48pm June 17th 2013 via Falcon-Pro

RT @thuxnder: Wanna see how the Manifest of Obad.a looks like? http://t.co/AqGpI5GjGL Fixed the parser, so he now deobfuscates dexguarded apps #Android

11:31pm June 13th 2013 via Falcon-Pro

@cryptax thanks! are you coming to LV?

11:30pm June 13th 2013 via Falcon-Pro in reply to cryptax

RT @trufae: Save a file in vim as root: cmap w!! %!sudo tee > /dev/null % /via irc

10:35pm June 13th 2013 via Falcon-Pro

RT @jduck: vulnerability patch of the qualcomm /dev/msm_acdb, which came out in late May https://t.co/7D8c3wAPQW … (from @goroh_kun)

10:20pm June 13th 2013 via Falcon-Pro

RT @0xb3nn: Even better than UltraReset, hats off to NFC Tag Cloner. Copy, Save, Reset ultralights and classics from Android. https://t.co/gbQls5EO8Y

7:22am June 13th 2013 via Falcon-Pro

.@TeamAndIRC is on fire today, now breaking dex2jar - https://t.co/j3ZBP9Qe3M

2:17am June 13th 2013 via Falcon-Pro

RT @trufae: FirefoxOS application security. https://t.co/BA6o2kizED #fxos

1:31am June 13th 2013 via Falcon-Pro

RT @timstrazz: #010Editor has syntax highlighting? Created a smali one… It sort of works? Highlighting engine is odd though https://t.co/60KzhdJsvc

1:26am June 13th 2013 via Falcon-Pro

@timstrazz lol, i'll bring the full movie at defcon... grab some pop corn :P

12:57am June 13th 2013 via Falcon-Pro in reply to timstrazz

RT @timstrazz: Little known #Android hacker fact, early on, @pof played a part in a classic movie playing a frenchman… http://t.co/lpQ4sHhpOB

12:53am June 13th 2013 via Falcon-Pro

breaking decompilers is the new fashion, @TeamAndIRC breaks JEB (followed by @NicolasFalliere hyper-quick fix!) - https://t.co/WG7QMXMZHD

12:31am June 13th 2013 via web

@DannOfThurs i guess, all materials are made available after the conference

11:59pm June 12th 2013 via Falcon-Pro in reply to DannOfThurs

My talk appears on #defcon speaker's website - https://t.co/eipkI8nJE2

11:53pm June 12th 2013 via web

RT @grsecurity: @pof Your Defcon talk on defeating SEAndroid can't be true, they have information flow graphs and 30 years of beautiful tradition!

11:49pm June 12th 2013 via web

RT @_defcon_: Peruse the new batch of speakers posted at https://t.co/W9qBthJCzU

11:47pm June 12th 2013 via Falcon-Pro

RT @c0rnholio: HushSMS ROOT Edition released. Theres hope for CM users now. Read more here http://t.co/HgO1unNWeL

11:41pm June 12th 2013 via Falcon-Pro

Again! iOS 7 Beta lockscreen bypass to access photos - http://t.co/iD6bwv5WLT

11:35pm June 12th 2013 via Falcon-Pro

@lattera still is a DoS and should be fixed imho @reyammer

8:23pm June 12th 2013 via Falcon-Pro in reply to lattera

RT @reyammer: New blog post! What The Fork: how to immediately block *any* Android device: http://t.co/BR3pykPfXC #android #dos #forkbomb

6:57pm June 12th 2013 via web

RT @andremoulu: Slides of my presentation on #Android Samsung apps (in)security (in English) #SSTIC http://t.co/dL7d96y9Zb cc @jduck @pof

1:28pm June 12th 2013 via Tweet Button

@trufae jejeje, no va desencaminada :)

8:26am June 12th 2013 via Falcon-Pro in reply to trufae

New per-app "incognito mode" privacy feature to return empty content providers in CyanogenMod soon - https://t.co/Fgdp8DpkRH

8:17am June 12th 2013 via web

RT @carlosacastillo: Analyzing "Obad.a" a.k.a. "The most sophisticated Android Trojan" http://t.co/TPima6nR9O - IMO the best analysis of Obad I've seen so far

8:03am June 12th 2013 via Falcon-Pro

RT @tewilove: Easy root many MTK based devices. 1. ln -s /sys/kernel/uevent_helper /data/mdl/ehehe 2. reboot 3. now uevent_helper is world rwx. @MediaTek

11:07am June 11th 2013 via web

Exploit source for Framaroot Gandalf exploit (Uncontrolled memory mapping in camera driver CVE-2013-2595) - http://t.co/wK6fgZSOfT

10:56am June 11th 2013 via web

A couple of Android Qualcomm specific exploits: DIAG - https://t.co/zjgrBBRo21 & msm_acbd - https://t.co/0oDliwZBCj

10:32am June 11th 2013 via web

libperf_event exploit for Android CVE-2013-2094 - https://t.co/BUA4hcb4Wr

10:24am June 11th 2013 via web

RT @NicolasFalliere: Decompiled code for Android.OBad - still an eye-sore, I haven't annotated it. http://t.co/BC4EO89DCl #JEB #android #security

1:42am June 11th 2013 via Falcon-Pro

RT @esizkur: Whoot! GSMK has released their Hexagon CPU module for IDA Pro: https://t.co/8buq2xVgSn #baseband #qualcomm

1:40am June 11th 2013 via Falcon Pro

RT @TeamAndIRC: LG beat the race against 2 weeks! They responded to the middle of 3 disclosures (why no response to the first or last?) in 13 days!

3:10pm June 10th 2013 via Falcon Pro

RT @mwrlabs: An introduction to BB10 and QNX security (OS and Apps) http://t.co/5zEWnvz2sU

2:55pm June 10th 2013 via Falcon Pro

@andremoulu improving my french skillz :) thanks for sharing!

2:53pm June 10th 2013 via Falcon Pro in reply to andremoulu

RT @andremoulu: Slides of my presentation on #Android Samsung apps (in)security and backdoor without permission (in French) #SSTIC https://t.co/pR0Fx3PzxJ

2:52pm June 10th 2013 via Falcon Pro

RT @skier_t: Automated Deobfuscation of Android Applications http://t.co/qgNRWqR4oa #AthCon @AthC0n

1:41pm June 10th 2013 via web

So, two different S-OFF tools for HTC One released the same day: RevONE (http://t.co/zpG9tLSekJ) and Moonshine (http://t.co/g904sz1eSu)

9:25am June 8th 2013 via web

RT @alpharevx: RevONE S-OFF for HTC One: http://t.co/X40ullgyNu Early access preview edition. Come get some!

10:43pm June 7th 2013 via Falcon Pro

RT @_defcon_: Have a good idea for an awesome party space/chill zone for #DEFCON? Here is your chance, we'll made it easy for you. https://t.co/cXXLikOCMq

12:52pm June 7th 2013 via Falcon Pro

@wojdyga nope, in that case change the system language or use xposed framework 'app settings' to set a different locale per app.

8:01am June 7th 2013 via Falcon Pro in reply to wojdyga

@wojdyga add &hl=language at the end of the URL, for example &hl=es would change them to Spanish.

7:50am June 7th 2013 via Falcon Pro in reply to wojdyga

Kony 2013, A different kind of Android reversing (lua bytecode inside a "mp3" file in assets) - http://t.co/AkBaes4Fgj via @kapitanpetko

7:35am June 7th 2013 via web

LOL everyone is trolling Samsung with User Reviews in this app - https://t.co/QatMA875tm

7:21am June 7th 2013 via web

AntiTaintDroid (a.k.a. ScrubDroid) source code released - http://t.co/2sCOVWwn1D

7:06pm June 6th 2013 via web

@shawnvalle lol, be selective... twitter is a continuous procrastination source :)

6:52pm June 6th 2013 via Falcon Pro in reply to shawnvalle

RT @timstrazz: @ikoz @pof it's decently expensive for an obfuscator (not arguing if it's worth it or not, it does a good job)

6:36pm June 6th 2013 via Falcon Pro

RT @ikoz: @pof @timstrazz well dexguard isn't that hard to come by or prohibitively expensive, I'm surprised it's not used more. JEB decompiles it!

6:36pm June 6th 2013 via Falcon Pro

@timstrazz the malware is not exploiting anything afaik, but the fact that it uses a commercial packer makes it interesting.

6:24pm June 6th 2013 via Falcon Pro in reply to timstrazz

Android malware packed with Dexguard (commercial version of proguard) - http://t.co/VmILBr1uFn via @TeamAndIRC

6:09pm June 6th 2013 via web

FORTIFY_SOURCE for everyone: Retrofitting buffer bounds checks to widely used legacy code, by Nick Kralevich - https://t.co/WJ2dE11w6y

6:04pm June 6th 2013 via web

RT @thorsheim: Announcing David Weinstein @insitusec & Andrey Belenko @andreybelenko as speakers at #passwords13 http://t.co/ksmR89g8We

3:30pm June 6th 2013 via Falcon Pro

RT @xdadevelopers: Record and Replay Touches and Swipes on Your Android Device http://t.co/PsbTGZP3Cg

3:26pm June 6th 2013 via Falcon Pro

very complete smartphone market share spreadsheet: src from ComScore, Kantar, IDC and Strategy Analytics - https://t.co/Fmasy1DWsg

1:40pm June 6th 2013 via web

Say bye to mercury, say hello to drozer - http://t.co/VSs6eYtbq9

9:12am June 6th 2013 via web

another android (adb) backup unpacker/packer in python - https://t.co/SOOfqd1AOT

12:53am June 6th 2013 via Falcon Pro

android adb backup extractor: compilation of utilities to work with adb backup files - http://t.co/Hy1A1BsI2H

12:34am June 6th 2013 via web

RT @0xroot: Tracing the baseband pt 1 http://t.co/3csfat7fAZ Tracing the baseband pt 2 http://t.co/VnPfjvJuy8 via @pof

10:49am June 4th 2013 via web

RT @attrc: Checking the ARM (Android) System Call Table and Exception Vector Table for Signs of Rootkits - http://t.co/XmP6VCjcWR CC: @jtsylve #dfir

6:33pm June 3rd 2013 via Falcon Pro

Interesting post and specially comments from @jbqueru about 5 years of AOSP - https://t.co/E2rPtURMtk

9:04pm June 2nd 2013 via Falcon Pro

RT @attrc: Want to see Dalvik Inspector & new Reg Decoder? Check out @jtsylve & @vicomarziale at @BlackHatEvents arsenal http://t.co/bAGkCFSVXv #dfir

8:51pm June 2nd 2013 via Falcon Pro

RT @MarkoGargenta: Slides from my Android Enterprise Security talk from #AnDevCon: http://t.co/hQM8Vo7McN #AndroidDev

9:25am June 2nd 2013 via Falcon Pro

RT @MarkoGargenta: Slides from my Android Security Underpinnings talk #AnDevCon: http://t.co/G4k0QOc2oh #AndroidDev

9:25am June 2nd 2013 via Falcon Pro