little brother is watching we know all your secrets
play

Little Brother is watching - we know all your secrets! Siegfried - PowerPoint PPT Presentation

Mar 29, 2023 •274 likes •1.23k views

Little Brother is watching - we know all your secrets! Siegfried Rasthofer | Fraunhofer SIT, Germany Steven Arzt | Fraunhofer SIT, Germany Stephan Huber | Fraunhofer SIT, Germany With the help of: Alexander Traud, Benedikt Hiemenz, Daniel

  1. Little Brother is watching - we know all your secrets! Siegfried Rasthofer | Fraunhofer SIT, Germany Steven Arzt | Fraunhofer SIT, Germany Stephan Huber | Fraunhofer SIT, Germany With the help of: Alexander Traud, Benedikt Hiemenz, Daniel Hitzel, Julien Hachenberger, Julius Näumann, Kevin Steinbach, Michael Tröger, Philipp Roskosch, Sebald Ziegler VB 2018, October 4 th 2018

  2. Who are we? Steven Siegfried § Deputy head of Secure Software § Head of department Secure Software Engineering Engineering § PhD, M.Sc., M.Sc., B.Sc. in CS & IT Sec. § PhD, M.Sc., B.Sc. in computer science § Code and data flow analysis § Static and dynamic code analysis § Ethical hacker § Founder of @TeamSIK and @CodeInspect 2

  3. Agenda § Motivation § Background Information § Client-Side Authorization § Client-Side and Communication Vulnerabilities § Server-Side Vulnerabilities § Sideloading-Malware § Responsible Disclosure Process § Summary 3

  4. Agenda § Motivation § Background Information § Client-Side Authorization § Client-Side and Communication Vulnerabilities § Server-Side Vulnerabilities § Sideloading-Malware § Responsible Disclosure Process § Summary 4

  5. Surveillance - Now Benign Reasons? Spyware/RAT 5

  6. Surveillance - Now Family Couple Benign Reasons? Friends 6

  7. Good vs. Bad Family Couple Spyware/RAT Friends 7

  8. Surveillance - Apps Google Play Store *Android Security Report 2017 8

  9. How well is the collected data protected? 9

  10. App Name Google Play Store Installations Couple Tracker App 5-10 m My Family GPS Tracker KidControll GPS Tracker Rastrear Celular Por el Numero 1-5m Phone Tracker By Number Couple Vow Real Time GPS Tracker Ilocatemobile Family Locator (GPS) Free Cell Tracker Rastreador de Novia 100-500k Phone Tracker Free Phone Tracker Pro Rastreador de Celular Avanzado Rastreador de Novia 50-100k Localiser un Portable avec son Numero Handy Orten per Handynr 10-50k Track My Family 1k 10

  11. Agenda § Motivation § Background Information § Client-Side Authorization § Client-Side and Communication Vulnerabilities § Server-Side Vulnerabilities § Sideloading-Malware § Responsible Disclosure Process § Summary 11

  12. How does it work? – Very simple TEXT pull push Tracking Provider Observer Monitored Person (back-end/cloud) 12

  13. Agenda § Motivation § Background Information § Client-Side Authorization § Client-Side and Communication Vulnerabilities § Server-Side Vulnerabilities § Sideloading-Malware § Responsible Disclosure Process § Summary 13

  14. Enable Premium Features 14

  15. Enable Premium Features boolean removeAd = SharedPref.getBoolean("l_ads", false) if(removeAd) { this.setVisibility(View.GONE); } else { ... } 15

  16. Enable Premium Features boolean removeAd = SharedPref.getBoolean("l_ads", false) if(removeAd) { this.setVisibility(View.GONE); } else { ... } /data/data/com.bettertomorrowapps.spyyourlovefree/ shared_prefs/loveMonitoring.xml <boolean name="l_location_full" value="false" /> <boolean name="l_fb_full" value=" false " /> <boolean name="l_loc" value=" false " /> <boolean name="l_sms" value=" false " /> <boolean name="l_ads" value=" false " /> <boolean name="l_sms_full" value=" false " /> <boolean name="l_call" value=" false " /> <boolean name="l_fb" value=" false " /> 16

  17. SharedPreferences Backup/Restore § Rooted device: § copy loveMonitoring.xml from app folder to pc § modify file, set false to true § copy back and overwrite orig. file with modified file § Unrooted device: convert * adb backup adb tool modify file adb restore *https://github.com/nelenkov/android-backup-extractor 17

  18. Enable Premium Features /data/data/com.bettertomorrowapps.spyyourlovefree/ shared_prefs/loveMonitoring.xml <boolean name="l_location_full" value="false" /> <boolean name="l_fb_full" value=" false " /> <boolean name="l_loc" value=" false " /> <boolean name="l_sms" value=" false " /> <boolean name="l_ads" value=" false " /> <boolean name="l_sms_full" value=" false " /> <boolean name="l_call" value=" false " /> <boolean name="l_fb" value=" false " /> 18

  19. Enable Premium Features /data/data/com.bettertomorrowapps.spyyourlovefree/ shared_prefs/loveMonitoring.xml <boolean name="l_location_full" value="false" /> <boolean name="l_fb_full" value=" false " /> <boolean name="l_loc" value=" false " /> <boolean name="l_sms" value=" false " /> <boolean name="l_ads" value=" false " /> <boolean name="l_sms_full" value=" false " /> <boolean name="l_call" value=" false " /> <boolean name="l_fb" value=" false " /> 19

  20. Enable Premium Features 1. Give me all text messages Observer 20

  21. Enable Premium Features 1. Give me all text messages 2. Ok: msg1, msg2, msg3, … Observer 21

  22. Enable Premium Features 3. Client “Authorization” Check if(getBoolean(“l_sms_full”) == false) { String[] msgs = getAllMsgs(); … singleMsg = msgs[i]. substring(0, 50); } else { //return complete text messages } 1. Give me all text messages 2. Ok: msg1, msg2, msg3, … Observer 22

  23. Enable Premium Features 3. Client “Authorization” Check if(getBoolean(“l_sms_full”) == false) { String[] msgs = getAllMsgs(); … singleMsg = msgs[i]. substring(0, 50); } else { //return complete text messages } 1. Give me all text messages 2. Ok: msg1, msg2, msg3, … Observer 23

  24. Do not use SharedPreferences for payment or license checks!! 24

  25. Agenda § Motivation § Background Information § Client-Side Authorization § Client-Side and Communication Vulnerabilities § Server-Side Vulnerabilities § Sideloading-Malware § Responsible Disclosure Process § Summary 25

  26. Mitm + Bad Crypto + Obfuscation ?? 26

  27. Mitm + Bad Crypto + Obfuscation ?? user@example.com secure123 27

  28. Mitm + Bad Crypto + Obfuscation http ://s9.***********.com/login/?aaa... GET /login/?aaa=Bi9srqo&nch=DzttDRMbYQcAPmUfAGQZHDxOJRMbclZeKQ%3D%3D%0A& tnd=CFF1CxQoaQcoLWoRaQ%3D%3D%0A HTTP/1.1 28

  29. Mitm + Bad Crypto + Obfuscation GET /login/? aaa=Bi9srqo& 1. nch=DzttDRMbYQcAPmUfAGQZHDxOJRMbclZeKQ%3D%3D%0A& tnd=CFF1CxQoaQcoLWoRaQ%3D%3D%0A HTTP/1.1 user@example.com secure123 29

  30. Mitm + Bad Crypto + Obfuscation GET /login/? aaa=Bi9srqo& 1. nch=DzttDRMbYQcAPmUfAGQZHDxOJRMbclZeKQ%3D%3D%0A& tnd=CFF1CxQoaQcoLWoRaQ%3D%3D%0A HTTP/1.1 GET /login/? ssp=CFF1CxQoaQcoLWoRaQ%3D%3D%0A& 2. eml=4hBWVqJg4D& mix=DzttDRMbYQcAPmUfAGQZHDxOJRMbclZeKQ%3D%3D%0A HTTP/1.1 user@example.com secure123 30

  31. Mitm + Bad Crypto + Obfuscation GET /login/? aaa=Bi9srqo& 1. nch=DzttDRMbYQcAPmUfAGQZHDxOJRMbclZeKQ%3D%3D%0A& tnd=CFF1CxQoaQcoLWoRaQ%3D%3D%0A HTTP/1.1 GET /login/? ssp=CFF1CxQoaQcoLWoRaQ%3D%3D%0A& 2. eml=4hBWVqJg4D& mix=DzttDRMbYQcAPmUfAGQZHDxOJRMbclZeKQ%3D%3D%0A HTTP/1.1 user@example.com GET /login/? secure123 psw=-ZI-WQe& 3. amr=DzttDRMbYQcAPmUfAGQZHDxOJRMbclZeKQ%3D%3D%0A& rma=CFF1CxQoaQcoLWoRaQ%3D%3D%0A HTTP/1.1 31

  32. Mitm + Bad Crypto + Obfuscation GET /login/? aaa=Bi9srqo& 1. nch=DzttDRMbYQcAPmUfAGQZHDxOJRMbclZeKQ%3D%3D%0A& tnd=CFF1CxQoaQcoLWoRaQ%3D%3D%0A HTTP/1.1 GET /login/? ssp=CFF1CxQoaQcoLWoRaQ%3D%3D%0A& 2. eml=4hBWVqJg4D& mix=DzttDRMbYQcAPmUfAGQZHDxOJRMbclZeKQ%3D%3D%0A HTTP/1.1 user@example.com GET /login/? secure123 psw=-ZI-WQe& 3. amr=DzttDRMbYQcAPmUfAGQZHDxOJRMbclZeKQ%3D%3D%0A& rma=CFF1CxQoaQcoLWoRaQ%3D%3D%0A HTTP/1.1 GET /login/? aaa=ZTZrO& 4. mag=DzttDRMbYQcAPmUfAGQZHDxOJRMbclZeKQ%3D%3D%0A& df=CFF1CxQoaQcoLWoRaQ%3D%3D%0A& data=5JFJzgYW_ HTTP/1.1 32

  33. Mitm + Bad Crypto + Obfuscation GET /login/? aaa=Bi9srqo& 1. nch=DzttDRMbYQcAPmUfAGQZHDxOJRMbclZeKQ%3D%3D%0A& tnd=CFF1CxQoaQcoLWoRaQ%3D%3D%0A HTTP/1.1 GET /login/? ssp=CFF1CxQoaQcoLWoRaQ%3D%3D%0A& 2. eml=4hBWVqJg4D& mix=DzttDRMbYQcAPmUfAGQZHDxOJRMbclZeKQ%3D%3D%0A HTTP/1.1 user@example.com GET /login/? secure123 psw=-ZI-WQe& 3. amr=DzttDRMbYQcAPmUfAGQZHDxOJRMbclZeKQ%3D%3D%0A& rma=CFF1CxQoaQcoLWoRaQ%3D%3D%0A HTTP/1.1 GET /login/? aaa=ZTZrO& 4. mag=DzttDRMbYQcAPmUfAGQZHDxOJRMbclZeKQ%3D%3D%0A& df=CFF1CxQoaQcoLWoRaQ%3D%3D%0A& data=5JFJzgYW_ HTTP/1.1 33

  34. Mitm + Bad Crypto + Obfuscation GET /login/? aaa=Bi9srqo& 1. nch=DzttDRMbYQcAPmUfAGQZHDxOJRMbclZeKQ%3D%3D%0A& tnd=CFF1CxQoaQcoLWoRaQ%3D%3D%0A HTTP/1.1 GET /login/? ssp=CFF1CxQoaQcoLWoRaQ%3D%3D%0A& 2. eml=4hBWVqJg4D& mix=DzttDRMbYQcAPmUfAGQZHDxOJRMbclZeKQ%3D%3D%0A HTTP/1.1 user@example.com GET /login/? secure123 psw=-ZI-WQe& 3. amr=DzttDRMbYQcAPmUfAGQZHDxOJRMbclZeKQ%3D%3D%0A& rma=CFF1CxQoaQcoLWoRaQ%3D%3D%0A HTTP/1.1 GET /login/? aaa=ZTZrO& 4. mag=DzttDRMbYQcAPmUfAGQZHDxOJRMbclZeKQ%3D%3D%0A& df=CFF1CxQoaQcoLWoRaQ%3D%3D%0A& data=5JFJzgYW_ HTTP/1.1 34

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

NEWSLETTER Christ in the Young August 2020 Jubilarians Brother Matuhew Feheney Brother

NEWSLETTER Christ in the Young August 2020 Jubilarians Brother Matuhew Feheney Brother

Forming NEWSLETTER Christ in the Young August 2020 Jubilarians Brother Matuhew Feheney Brother Benildus Fenton Brother de Lellis OSullivan Brother Bede Minehane Platjnum Platjnum Platjnum Diamond Blessed Edmund Rice Prayer During

113 views • 8 slides
Whispered Secrets Eleanor McHugh Whispered Secrets @feyeleanor http://leanpub.com/GoNotebook

Whispered Secrets Eleanor McHugh Whispered Secrets @feyeleanor http://leanpub.com/GoNotebook

Whispered Secrets Eleanor McHugh Whispered Secrets @feyeleanor http://leanpub.com/GoNotebook we all have secrets and these secrets matter to us thats what makes them secrets software should keep our secrets some secrets are awful

1k views • 75 slides
Presentation Secrets Presentation Secrets Filesize: 9.28 MB Reviews Reviews Just no phrases to

Presentation Secrets Presentation Secrets Filesize: 9.28 MB Reviews Reviews Just no phrases to

NAHPXXJI6KNA Book ^ Presentation Secrets Presentation Secrets Presentation Secrets Filesize: 9.28 MB Reviews Reviews Just no phrases to describe. It typically does not price an excessive amount of. It is extremely difficult to leave it before

260 views • 3 slides
Brother Kills Brother The Greek Civil War 1946-1949 and the American Intervention: a Greek Drama

Brother Kills Brother The Greek Civil War 1946-1949 and the American Intervention: a Greek Drama

Brother Kills Brother The Greek Civil War 1946-1949 and the American Intervention: a Greek Drama without Deus ex Machina Dr. Chrysanthi Koutsiviti October 2017 4 th of August 1936 October 1940 April 1941 German Occupation 13,936 Greek

826 views • 64 slides
Presentation Secrets Presentation Secrets Filesize: 8.11 MB Reviews Reviews It is really an

Presentation Secrets Presentation Secrets Filesize: 8.11 MB Reviews Reviews It is really an

XUECRQXNRXVS Book Presentation Secrets Presentation Secrets Presentation Secrets Filesize: 8.11 MB Reviews Reviews It is really an remarkable book which i have ever go through. It can be writter in simple terms and not difficult to

343 views • 3 slides
The World is Watching Your Department Who Will Tell Your Story, You or Them? Presented by

The World is Watching Your Department Who Will Tell Your Story, You or Them? Presented by

The World is Watching Your Department Who Will Tell Your Story, You or Them? Presented by Jeff Hammerstein and Mike Legeros on July 17, 2014 South Atlantic Fire Rescue Expo - Raleigh, NC Presentation Description The World is Watching Your

845 views • 69 slides
Seven Secrets to Building a Successful Business Introductions The Seven Secrets to Building a

Seven Secrets to Building a Successful Business Introductions The Seven Secrets to Building a

Seven Secrets to Building a Successful Business Introductions The Seven Secrets to Building a Successful Business The Essential Tools Incredible Offer!!! Todays Agenda Just for attending you get Copy of the Presentation Link to the

698 views • 56 slides
Presentation Secrets Presentation Secrets Filesize: 3.61 MB Reviews Reviews This is basically

Presentation Secrets Presentation Secrets Filesize: 3.61 MB Reviews Reviews This is basically

NHHOGOEDX28F PDF Presentation Secrets Presentation Secrets Presentation Secrets Filesize: 3.61 MB Reviews Reviews This is basically the greatest pdf i have got go through right up until now. It normally fails to cost excessive. Once you

397 views • 3 slides
WELCOME!! Everyone watching this presentation MUST be registered in the Training Calendar in the

WELCOME!! Everyone watching this presentation MUST be registered in the Training Calendar in the

10/22/2020 WELCOME!! Everyone watching this presentation MUST be registered in the Training Calendar in the CACFP system . You have until 8pm TONIGHT to do so to receive credit for this training. If anyone is watching with you, please type the

789 views • 35 slides
Playing hard exploration games by watching YouTube Yusuf Aytar, Tobias Pfaff, David Budden, Tom

Playing hard exploration games by watching YouTube Yusuf Aytar, Tobias Pfaff, David Budden, Tom

Playing hard exploration games by watching YouTube Yusuf Aytar, Tobias Pfaff, David Budden, Tom Le Paine, Ziyu Wang, Nando de Freitas Learning by watching YouTube People learn many tasks by watching online videos Despite huge gaps in visual

922 views • 22 slides
WELCOME!! Everyone watching this presentation MUST be registered in the Training Calendar in the

WELCOME!! Everyone watching this presentation MUST be registered in the Training Calendar in the

WELCOME!! Everyone watching this presentation MUST be registered in the Training Calendar in the CACFP system . You have until 8pm TONIGHT to do so to receive credit for this training. If anyone is watching with you, please type the name in the

1.47k views • 105 slides
Day 2 Mistakes are Beautiful Things (Believe in Yourself!) Video 1 * As you are watching *

Day 2 Mistakes are Beautiful Things (Believe in Yourself!) Video 1 * As you are watching *

Week of Inspirational Math Day 2 Mistakes are Beautiful Things (Believe in Yourself!) Video 1 * As you are watching * What really strikes you? * What are some of the big ideas being presented? Video 2 * As you are watching * What

322 views • 7 slides
WELCOME!! Everyone watching this presentation MUST be registered in the Training Calendar in the

WELCOME!! Everyone watching this presentation MUST be registered in the Training Calendar in the

WELCOME!! Everyone watching this presentation MUST be registered in the Training Calendar in the CACFP system . You have until 8pm TONIGHT to do so to receive credit for this training. If anyone is watching with you, please type their name(s)

2.05k views • 187 slides
1 Secrets to Successful Retreat Planning Your Questions/Goals What are some of your best camp

1 Secrets to Successful Retreat Planning Your Questions/Goals What are some of your best camp

Welcome Secrets to Successful Retreat Planning Secrets to Successful Retreat Planning Be still and know that I am God Psalm 46:10 Secrets to Successful Retreat Planning Welcome Introduction (Leave w/everything you need to create your

465 views • 12 slides
Watching Systems in Complete Bipartite Graphs C. Hernando M. Mora I. M. Pelayo Depts.

Watching Systems in Complete Bipartite Graphs C. Hernando M. Mora I. M. Pelayo Depts.

Introduction Watching systems and watching number Complete bipartite graphs Summary Watching Systems in Complete Bipartite Graphs C. Hernando M. Mora I. M. Pelayo Depts. Matemtica Aplicada I, II, III Universitat Politcnica de Catalunya

468 views • 42 slides
The secrets of WFM Call Centre Helper conference 2 nd April 2019 John Casey Ccplanning

The secrets of WFM Call Centre Helper conference 2 nd April 2019 John Casey Ccplanning

The secrets of WFM Call Centre Helper conference 2 nd April 2019 John Casey Ccplanning John.Casey@ccplanning.net The secrets of WFM Making Resource Planning real The secrets of WFM Top Tip The secrets of WFM Principles of WFM These

467 views • 21 slides
Grid Authentication and Authorisation Issues kos Frohner at CERN Overview Setting the

Grid Authentication and Authorisation Issues kos Frohner at CERN Overview Setting the

Grid Authentication and Authorisation Issues kos Frohner at CERN Overview Setting the scene: requirements Old style authorisation: DN based gridmap-files Overview of the EDG components VO user management: VOMS

384 views • 21 slides
Knocking Down the Big Door Breaking Authentication and Segregation of Production and

Knocking Down the Big Door Breaking Authentication and Segregation of Production and

Knocking Down the Big Door Breaking Authentication and Segregation of Production and Non-Production Environments Nahuel Grisola Cinta Infinita, Founder / CEO @cintainfinita Buenos Aires, 27 de Abril 2018 nahuel@cintainfinita.com.ar

961 views • 83 slides
Authentication, Authorisation and Accounting(AAA) Framework (RFC 2904) Vedavyas Duggirala

Authentication, Authorisation and Accounting(AAA) Framework (RFC 2904) Vedavyas Duggirala

Authentication, Authorisation and Accounting(AAA) Framework (RFC 2904) Vedavyas Duggirala (vyas@vt.edu) CS 6204, Spring 2005 1 Background Not a standard. Establishes requirements for Authentication, Authorization &amp; Accounting(AAA)

617 views • 19 slides
International Student Employment &amp; Degree Level Changes Topics to Cover &gt; Background on

International Student Employment &amp; Degree Level Changes Topics to Cover &gt; Background on

International Student Employment &amp; Degree Level Changes Topics to Cover &gt; Background on International Student Services (ISS) &gt; Newcomers Intro to International Student Employment Background on CPT &amp; OPT Recent OPT Changes

870 views • 54 slides
Work Authorization Documents Work Authorization Document Control Account Information Control

Work Authorization Documents Work Authorization Document Control Account Information Control

Work Authorization Documents https://cametoolbox.fnal.gov/Project/WADReports?ProjectName=HL-L... Work Authorization Documents Work Authorization Document Control Account Information Control Account Manager: 10629N Nobrega, Fred Control

56 views • 5 slides
Security and Privacy Why Security is Difficult 12A. Operating Systems and Security complexity

Security and Privacy Why Security is Difficult 12A. Operating Systems and Security complexity

5/24/2017 Security and Privacy Why Security is Difficult 12A. Operating Systems and Security complexity of our software and systems 12B. Authentication millions of lines of code, thousands of developers rich and powerful protocols

533 views • 14 slides
INDIGO DataCloud INDIGO AAI An overview and status update RIA-653549 Andrea

INDIGO DataCloud INDIGO AAI An overview and status update RIA-653549 Andrea

INDIGO DataCloud INDIGO AAI An overview and status update RIA-653549 Andrea Ceccanti (INFN) on behalf of the INDIGO AAI Task Force indigo-aai-tf@lists.indigo-datacloud.org INDIGO Datacloud An H2020 project approved

641 views • 53 slides
Service Coordination Training: Participant-Directed Services Hosted by Tuesday, August 21 st 2018

Service Coordination Training: Participant-Directed Services Hosted by Tuesday, August 21 st 2018

Service Coordination Training: Participant-Directed Services Hosted by Tuesday, August 21 st 2018 1 This training is presented to you by PPL in collaboration with the CHC Managed Care Organizations and the Office of Long Term Living The

682 views • 52 slides

More recommend