Today we're going to have a lesson on password strength and software vulnerabilities.
Disclaimer: Th3J35t3r's site has served targeted malware in the past designed to capture data... especially from members of Anonymous. Perform these steps at your own risk!
There's something interesting afoot on The Jester's website...
In the upper right corner there's a little "Pi" symbol. If you've ever watched the movie "The Net" you know that interesting secrets are beneath the Pi symbol.
After clicking on the Pi icon you are presented with a UNIX style login prompt.
The login prompt allows you to login with the username "guest" and no password. However any attempts to login with "root" are met with a password prompt.
Snapchat Covert Screen Capture for Android Revealed
Capture of a SnapChat image.
At a family gathering today, a relative introduced me to SnapChat, and showed me how it only temporarily stores images, then deletes them when you're finished looking at them.
For those who don't know, SnapChat is a "temporary" image service. The concept is simple - images are sent, viewed, and destroyed within 10 seconds. If a user attempts to take a screenshot of the image, the sender is sent a notification. I tested the "screenshot detection" and sure enough...if you take a screenshot with your Android phone it really does send a notification!
It was recently revealed that there is a method of capturing SnapChat images for iOS without the sender knowing by accessing the files directly on the device's storage drive. But this only works on iPhone or iPod Touch.
Always up for a challenge, I decided to see if I could bypass SnapChat's "temporary" storage and save a permanent copy of photos I receive.
After performing some analysis of how SnapChat works, today I'm going to reveal how to permanently save incoming SnapChat photos on any Android phone.
Android phones have a feature called "USB Debugging" which is commonly only used by tech savvy users or developers. This feature allows you to connect your Android phone to your computer and monitor its activities using the Android SDK.
One of the features of the Android SDK is, you guessed it, a screen capture utility.
By simply following these instructions from AddictiveTips.com you can capture the current screen without alerting the SnapChat app. Simply time clicking the "Refresh" button just right and you'll be able to capture that "secret" photo.
Note that this is not a flaw in the SnapChat app - this is the intentional design of the Android operating system.
This is a "high tech" method of defeating SnapChat. A "low tech" undetectable method would be to simply take a picture of your phone's screen using a camera from another device.
So what should users take away from this? A simple security lesson - if you don't want someone to be able to save something you send them, and don't want to risk that knowledge or picture being posted publicly, then don't send it to anyone in the first place.
How (not) to handle software vulnerability submissions
If you're a software vendor developing programs more complex than "Hello World", eventually you will face an issue with a security vulnerability in your products.
For those who don't know, I currently have an automated crawler searching Pastebin for new exploits and vulnerabilities. This crawler reports its results live via the Twitter hashtag #exploitAlert. Every once in a while, if something catches my attention, I'll submit it to the software vendor.
For most vendors the process is very straightforward...just send an email or fill out a form. For an example of the right way to allow submissions of security vulnerabilities take a look at Microsoft's method.
Recently a supposed "0 day" vulnerability for Parallels Plesk was found by my crawler (a permanent copy of this paste is available here). I've never worked with Parallels software before, so I went to their website to try and find out where to submit a vulnerability. Finally I found it was an option on their support form.
My jaw dropped when I saw the warning at the bottom of the support form...
Well that certainly puts a stopper on things. I'm not a paying customer...so obviously I won't be able to continue. And what's even worse...if I was a paying customer...I would be CHARGED for submitting a security vulnerability!
Policies such as the one above will only cause frustrated users to post the vulnerability publicly instead of through responsible disclosure.
If anyone from Parallels reads this I would like to encourage you to push for reform of your vulnerability submission practices.
Detecting Targeted Malware and Advanced Persistent Threats
When dealing with malware, typically your last line of defense is your antivirus. In order for malware to slip past antivirus scanning software, the malware needs to first bypass your perimeter network defenses, such as a Network Intrusion Prevention System (NIPS) and network firewall, as well as your Host Intrusion Prevention System (HIPS) and host-based firewall. Multiple layers of protection should block a large number of threats to your organization.
Typically, most of the malware which will bypass all of your security layers is targeted malware...never before seen in the wild. If the malware is advanced enough, it will be able to slip past your heuristic defenses, and since it has never been seen in the wild, will go unnoticed by your signature-based antivirus scans.
If you're fortunate enough to detect some sign of trouble, the first thing you should do is begin checking common malware load points. Don't bother trying to look for the proverbial "needle in a haystack" and find the file which infected your system. Be aware that there are only a few load points which will be used by malware, and begin your search there.
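As a worked example of the "check the load points first" approach, here is a small Python triage script I have added to this post (it is not the author's code and not part of any product). It assumes you have exported a Windows autostart key such as `HKLM\...\CurrentVersion\Run` with `reg export` and recorded a known-good baseline of that key from the same host; the .reg text, the baseline entries, the user name `alice` and the `svch0st.exe` entry below are all constructed for the example. The script parses the export, reports entries that are absent from or differ from the baseline, and separately flags commands that execute from user-writable directories, which is a signal for review rather than a verdict.

```python
import re
from typing import Dict, List, Tuple

# Constructed sample: what `reg export` of the HKLM Run key might look like on
# a host under investigation. Every entry and path here is made up.
SAMPLE_REG_EXPORT = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"="%windir%\\system32\\SecurityHealthSystray.exe"
"VMware User Process"="\"C:\\Program Files\\VMware\\VMware Tools\\vmtoolsd.exe\" -n vmusr"
"svch0st"="C:\\Users\\alice\\AppData\\Local\\Temp\\svch0st.exe"
"OneDrive"="\"C:\\Users\\alice\\AppData\\Local\\Microsoft\\OneDrive\\OneDrive.exe\" /background"
'''

# Constructed baseline: the Run entries recorded when this host was known-good.
KNOWN_GOOD_RUN_ENTRIES = {
    "SecurityHealth": r"%windir%\system32\SecurityHealthSystray.exe",
    "VMware User Process": r'"C:\Program Files\VMware\VMware Tools\vmtoolsd.exe" -n vmusr',
    "OneDrive": r'"C:\Users\alice\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background',
}

# Directories that legitimate autostart entries rarely run from. A hit means
# "look closer", not "malicious"; some legitimate updaters do live in Roaming.
SUSPICIOUS_DIR_PATTERNS = [
    re.compile(r"\\Temp\\", re.IGNORECASE),
    re.compile(r"\\AppData\\Roaming\\", re.IGNORECASE),
    re.compile(r"\\Users\\Public\\", re.IGNORECASE),
]

KEY_LINE = re.compile(r"^\[(.+)\]$")
# "name"="data" with backslash-escaped quotes and backslashes (REG_SZ only).
VALUE_LINE = re.compile(r'^"((?:[^"\\]|\\.)*)"="((?:[^"\\]|\\.)*)"$')


def _unescape(s: str) -> str:
    # .reg files escape backslashes and double quotes with a backslash.
    return re.sub(r"\\(.)", r"\1", s)


def parse_reg_export(text: str) -> Dict[str, Dict[str, str]]:
    """Parse a .reg export into {key_path: {value_name: data}} (REG_SZ values only)."""
    result: Dict[str, Dict[str, str]] = {}
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("Windows Registry Editor"):
            continue
        m = KEY_LINE.match(line)
        if m:
            current = m.group(1)
            result[current] = {}
            continue
        m = VALUE_LINE.match(line)
        if m and current is not None:
            result[current][_unescape(m.group(1))] = _unescape(m.group(2))
    return result


def triage_run_entries(reg_text: str, baseline: Dict[str, str]) -> List[Tuple[str, str, str]]:
    """Return (value_name, command, reason) for Run/RunOnce entries worth a closer look."""
    findings = []
    for key_path, values in parse_reg_export(reg_text).items():
        # Only look at the autostart keys; other keys may be in the same export.
        if key_path.lower().rsplit("\\", 1)[-1] not in ("run", "runonce"):
            continue
        for name, command in values.items():
            if name not in baseline:
                findings.append((name, command, "not in known-good baseline"))
            elif baseline[name] != command:
                findings.append((name, command, "command changed since baseline"))
            if any(p.search(command) for p in SUSPICIOUS_DIR_PATTERNS):
                findings.append((name, command, "executes from a user-writable directory"))
    return findings


if __name__ == "__main__":
    for name, command, reason in triage_run_entries(SAMPLE_REG_EXPORT, KNOWN_GOOD_RUN_ENTRIES):
        print(f"[{reason}] {name}: {command}")
```

On the constructed sample only the `svch0st` entry is reported, once for being absent from the baseline and once for running out of `Temp`. The same parser works on exports of the HKCU Run key, RunOnce, or any other key you include in the baseline; the value of the approach is that the baseline turns "is this normal?" into a diff, which is exactly the question the post says to ask at the load points before hunting for the infected file.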