How I turned my phone into a hacking machine

There are probably hundreds (if not thousands) of tutorials on this, but since I wanted a portable, non-rooted, disposable hacking device which has the ability to take calls (a.k.a. a cellphone/smartphone), I decided to mod an Android-based device. I have done this earlier (probably 5 years back) by installing Arch on my Android phone on a separate partition and booting it. This can be done today as well, but since I do not want to root my cellphone, and do not want to use proot/LibSDL, I decided to see what can be done in a non-rooted environment.

Intended audience for this piece: anyone with a bit of hands-on experience with Linux. Consider this my personal cliff notes in case I have to do it again. Let me even include an age-old disclaimer (taken from XDA aeons ago):
I am not responsible for bricked devices, dead SD cards, thermonuclear war, or you getting fired because the alarm app failed. Please do some research before running commands. YOU are choosing to make these modifications, and if you point your finger at me for messing up your device, I will laugh at you.
My iPhone recently went kaput during a fated trip to Jubail, KSA, and I zeroed in on an inexpensive, capable device (Motorola G4 Play for around ~120 USD) for which I won't feel bad in case it gets lost or breaks into a million pieces.

Well, the device specs are average, the phone feels rugged and the battery can be taken out by simply removing the cover (which is EXTREMELY important for me). It comes with Android 6.0 and probably will never get updated to Android 7.0 (owing to Lenovo's shitty firmware update cadence), but once I disabled a lot of applications, the phone feels quick and is a joy to use.

First things first -
Disabled : Chrome, Cloud Print, Device Help, Drive, File Manager, FM Radio, Google Japanese/Korean/Pinyin/Zhuyin Input, Google Play Movies, Google Play Music, Google Hangouts, Messenger, Photos, other motorola bloatware.

Doublecheck device administrators. I would have removed a lot more software but then, I will also be using this phone for making calls and for light personal use as well.

Installed : Firefox (with Ublock), ESFile Explorer, Termux, Hacker's Keyboard, Textra (for SMS), Quickpic, OpenVPN, SMS Backup+, FastHub (or Github), Fing (quick GUI based network discovery), Flud (Torrents), Google Authenticator, AndFTP, drozer agent, Packet Capture (Application specific packet capture), TOR and Phonograph (lightweight music application).

Once the device's innards were replaced with a bit more capable/lightweight software, I launched Termux, which is probably the most important terminal emulator written for Android. From its website:
"Termux is an Android terminal emulator and Linux environment app that works directly with no rooting or setup required. A minimal base system is installed automatically; Additional packages are available using the APT package manager. "
Onwards we go.
  • I started by updating Termux and its inherent environment - apt update && apt upgrade
  • Installed python2, python3, nmap, openssh, git, python-pip, htop through relevant apt commands.
  • Installed metasploit through https://github.com/Auxilus/Auxilus.github.io/blob/master/metasploit.sh (turns out this script has been stolen by a lot of folks, like this guy over here, and this one for youtube likes).
  • Installed scapy.
  • Generated OpenSSH keys, configured OpenSSH to run in server mode so that I can log in to my cellphone if required. Make sure you check the username with whoami before generating keys. PuTTY aficionados may want to convert id_rsa keys using puttygen before loading them.

  • Configured OpenVPN application to connect to my remote server. Added TOR support.
  • Authenticated Fasthub Application with my Github account through a personal access token.
  • Tested everything.
  • Generated a list of packages for later use by running the following command "dpkg --get-selections | cut -f1 > bkup_pack.txt". 
  • Took tar backup of current Termux installation for later use, I admit it is a quick and dirty hack but it works. Yes, I tested it.
cd /data/data/com.termux/files
tar -cvzf /sdcard/Download/termux.tgz --owner=0 --group=0 home usr
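
The tar command above archives all of home, which includes the SSH private key generated earlier, and writes it to /sdcard, where any app with storage permission can read it. The functions below are an added example, not the author's script: they run the same backup but leave OpenSSH private keys out of the archive and record a SHA-256 so the file can be checked before a restore. The function names and the sample tree are assumptions made for illustration.

```shell
#!/usr/bin/env bash
# Added example, not the author's script. Function names are hypothetical.
# Requires GNU tar and sha256sum.

# termux_backup PREFIX OUT_DIR
#   PREFIX : directory holding home/ and usr/
#            (on the phone: /data/data/com.termux/files)
#   OUT_DIR: destination for termux.tgz, termux.tgz.sha256, bkup_pack.txt
termux_backup() {
    local prefix=$1 out=$2
    if [ ! -d "$prefix/home" ] || [ ! -d "$prefix/usr" ]; then
        echo "termux_backup: no home/ and usr/ under $prefix" >&2
        return 1
    fi
    mkdir -p "$out" || return 1

    # Package list, as in the post; skipped where dpkg is not installed.
    if command -v dpkg >/dev/null 2>&1; then
        dpkg --get-selections | cut -f1 > "$out/bkup_pack.txt"
    fi

    # Same tar invocation as the post, minus OpenSSH private keys.
    # The .pub halves stay in the archive; private keys should be
    # regenerated or restored from somewhere other than shared storage.
    tar -czf "$out/termux.tgz" --owner=0 --group=0 \
        --exclude='home/.ssh/id_rsa' \
        --exclude='home/.ssh/id_dsa' \
        --exclude='home/.ssh/id_ecdsa' \
        --exclude='home/.ssh/id_ed25519' \
        -C "$prefix" home usr || return 1

    # Checksum is stored next to the archive with a relative file name.
    ( cd "$out" && sha256sum termux.tgz > termux.tgz.sha256 )
}

# termux_verify OUT_DIR
#   0 = checksum matches and no private key inside
#   1 = archive changed since backup, 2 = private key present
termux_verify() {
    local out=$1
    ( cd "$out" && sha256sum -c termux.tgz.sha256 >/dev/null 2>&1 ) || return 1
    if tar -tzf "$out/termux.tgz" |
        grep -Eq '(^|/)\.ssh/id_(rsa|dsa|ecdsa|ed25519)$'; then
        return 2
    fi
    return 0
}

# Constructed sample tree standing in for /data/data/com.termux/files.
make_sample_tree() {
    mkdir -p "$1/home/.ssh" "$1/usr/bin"
    echo "PRIVATE KEY (constructed placeholder)" > "$1/home/.ssh/id_rsa"
    echo "ssh-rsa AAAA... constructed" > "$1/home/.ssh/id_rsa.pub"
    echo "#!/bin/sh" > "$1/usr/bin/hello"
}

# Demo on the constructed tree; on a phone the call would be
#   termux_backup /data/data/com.termux/files /sdcard/Download
demo_dir=$(mktemp -d)
make_sample_tree "$demo_dir/files"
termux_backup "$demo_dir/files" "$demo_dir/out" && termux_verify "$demo_dir/out"
echo "verify exit status: $?"
tar -tzf "$demo_dir/out/termux.tgz"
rm -rf "$demo_dir"
```

Run termux_verify on the archive before extracting it over a fresh Termux install; a non-zero status means the file on shared storage is not the one that was written.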
For more adventurous souls, you can go ahead with a rootfs option - https://github.com/xeffyr/Termux-RootFS. A simple tutorial for this would be here, however during my experiments, I found it to be buggy and some applications do not work properly. Since I value stability and security over everything, I promptly reverted back to my old fs.

Does everything work? Hell yeah.

Turn your phone into a hacking machine - Device statistics


Turn your phone into a hacking machine - Metasploit and python HTTP server


Turn your phone into a hacking machine - Running scapy

Turn your phone into a hacking machine - access github



To do : 
  1. Something about postgre stability, the sucker generally has connection issues.
  2. Improve documentation
  3. Harden device (CIS/STIG)

Wardriving at Delhi Updated –The OPEN, WEP & WPA faces of Delhi

I got an overwhelming response to my Wardriving at Delhi project and have got a lot of emails regarding the same. I am so thrilled that so many people want to contribute to the project. Inspired by your feedback, I am hereby producing an update to my mapping project. This time I went via Saket to Gurgaon and, as usual, I got a lot of access points which were OPEN with no security, WEP secured vulnerable access points & WPA/WPA PSK2 secured points.
As usual, I used -
The target is to make a map of Delhi with all the access points, to analyse in layman's terms -
  1. The security awareness of people and organizations
  2. The devices they are using
  3. The security mechanisms they are using.
  4. Wifi range analysis of individual device.
Well, in all you can find the data from below links -
If you are interested in contributing to the data, please contact me at admin<at>theprohack.com. You can also read how to Hack Wifi using Backtrack, How to detect if someone is using your WiFi or how to detect WiFi hotspots. If you have an Android, you can also read about how to use your Android for Wardriving.

Happy Wardriving.

Why Android rocks and why I like android ...

Buying an Android was one of the most amazing decisions I ever made; buying an HTC Android (a333, 2.2.1 modded to 2.3.4) was even better, with fantastic support by the community and the HTC hacking community at the pinnacle of everything else (though I tend to remember the original Nokia/Symbian hackers who dct flashed-patched-disassembled their devices to connect their patchcodes to overwrite and override the flash protection and enter into debug modes of even the most trivial handsets...always makes me nostalgic. Infinity box anyone ?)

Well..onto my android, how life has changed since I moved over it -

  • Always connected to social networking services and Email.
  • Phone call logs/SMS dumped into my gmail account for quick reference.
  • Gesture based replies to anyone (e.g. an inverted "U" will input "goodnight tc :) " to those late night sms and conversations which you want to end since the next morning you have to catch up for office..sigh..)
  • Calendar sync in realtime, call logs sync to calendar and make an entry for subsequent calls, duration and name (if available) with autorecord and dumping recording to gmail if necessary. No more life threatening calls.
  • Exploring the endless possibilities of application porting over the inherent Linux kernel.
  • Old school games using emulators. I can now play Contra:hardcorps all the time anywhere ..or even can listen to chiptunes of castlevania/super c. Although I am looking forward to Mame emulation (tiger arcade works super slow..) over android, the CPU is a bottleneck as of now. Need to get a new android soon :|
  • Wifu and wardriving while i am on bus..here is a sample packet capture -
BSSID;LAT;LON;SSID;Crypt;Beacon Interval;Connection Mode;Channel;RXL;Date;Time
00:08:5C:EF:08:F0;28.56602;77.22951;Adiva;WpaPsk;-93;Infra;11;-92;2011/03/17;18:52:01
00:08:9F:81:8F:C4;28.56944;77.20531;Car0baR;WPA2;-96;Infra;6;-95;2011/03/17;18:58:30
00:0F:61:F2:D1:40;28.56866;77.21955;OZone WiFi;Open;-97;Infra;1;-95;2011/03/17;18:54:16
00:0F:61:F2:D1:4F;28.56866;77.21955;Aircel_OZone WiFi;Open;-95;Infra;1;-93;2011/03/17;18:54:16
00:14:78:EB:20:E4;28.56936;77.20624;Plutos Network;Wep;-86;Infra;6;-85;2011/03/17;18:58:05
00:17:9A:09:D1:79;28.56813;77.22440;WebunivM;Wep;-93;Infra;6;-91;2011/03/17;18:53:05
00:18:02:87:02:8F;28.56845;77.22306;RT2561_6;Wep;-94;Infra;6;-93;2011/03/17;18:53:18
00:18:02:92:A2:73;28.56955;77.20365;mtnlbb;Wep;-90;Infra;6;-89;2011/03/17;19:00:21
00:18:EB:01:4D:02;28.55103;77.24771;ICON EROS;Open;-94;Infra;1;-91;2011/03/17;18:40:44

  • tcpdump/shark/nmap..need i say more ? (PS: you can always install shark over your GF's phone :P)
  • Samba server :)
  • Penetration testing using the nessus client and reading reports over it when I am on bus.
  • Connected to like minded geeks ( who like to be pesked for technicalities ) even when I am on DTC and getting bored by the ongoing travels (i am looking at you : prateek singla, rahul sasi, prashant uniyal, chin tu/faku chand,raghu sharma and those who know I cant mention their names here :P )
  • Taking remote control of remote computers and network devices using vnc/rfb (wrote bit.che for my college project, interested may see a demo at my college). Hell , if all else fails, you can always move with android vnc and team viewer.
  • ssh to a machine having metasploit.
  • 24x7 connectivity using openvpn...or vidalia..lemme summarise it in one image
  • Overclocking :) although it's a matter of only installing setcpu, but then, who doesn't like the power it brings to slower devices.
  • ninjamorph
  • and much much much more (including 2 way authentication using timed key generation)


I am androidified .. Are you ?

How to Sync Facebook Calendar on Google Calendar & Android

One of the things that has been pestering me since I moved to Android Cyanogenmod 7 was that I was not able to sync Facebook Calendar with Google Calendar or Outlook. And since I was unable to sync Facebook Calendar with Google Calendar, I was not able to sync Facebook birthdays on Android. That got me thinking, and I found some nifty methods to do the same.

Method 1 (Sync Facebook Birthdays on Google)

Install Ebobirthday application on Android

Open it and click on

menu –> Import –> Facebook

and let it connect to it.

Once connected enter your username and password, and allow it to access data. Then it will start importing birthdays. Once done, click on

menu –> settings

and then choose calendar which you want to update.

then go to

menu –> export –> update calendar

and then it will connect and will update your google calendar :)

Once done, sync your Android and Google. Alternatively you can sync outlook calendar with Google

Congrats..you have synced Facebook calendar with Google and Outlook !

I will be discussing method 2 in my next post :)

Android 2.33 Exploit Android 3.0 & Unrevoked 3.33 may launch soon

Sebastian Krahmer, the famed “rage against the cage” exploit dev, has released the latest version of his exploit, which works on Android 2.3.3 Gingerbread and may also work on Android 3.0 Honeycomb and Android 2.2 Froyo. As the official post claims -
Free your phone, once again. Successfully tested on Gingerbread (2.3.3) but might also run on Froyo and Honeycomb. If it fails there, some offsets and indexes need to be adjusted which is left to the reader.
NOTE: You use it at your own risk! I am not responsible for any failure or damage. Make sure to read the README file carefully! Download it here. If you successfully run it anywhere, please make a comment with exact device model/firmware running.
 
[Update] I replaced the tarball with a new version to fix some glitches while parsing vold.fstab. Should now also work on the GalaxyS. Thx to Chainfire.
You can download the exploit here. Or you can visit the blog here.
The best part ? Since the exploit is released, we can expect Unrevoked team to release Unrevoked 3.33 soon :)
In the mean time, you can read how to root HTC Wildfire 2.2.1

HTC wildfire 2.2.1 root to HTC wildfire Android 2.3 | Install Android 2.3 on HTC Wildfire | How to root Htc Wildfire 2.2.1

Sometime ago I got an HTC Wildfire and was having loads of fun using it, but every time I wanted to do anything more "creative" I was stopped by the locked nature of the phone, hence I decided to root it (jailbreak it, Apple fellas) and get complete control over my device. Here, I am covering a step by step guide to root HTC wildfire 2.2.1 and install Android 2.3 on HTC Wildfire.

To do the rooting you must have your Wildfire with S-OFF, HBOOT 1.02.0002 and Android 2.2.1. You can check it by booting into HBOOT (power on your phone by holding the VOLUME DOWN + POWER button). This method is strictly for the 2.2.1 owners. How you turn S-OFF is your headache: you can try alpharev (ask the team if they can get you a 2.0 test version... :P), or you can wait for Unrevoked 3.33, or you can straight off go to market and hunt for an XTC clip. Either way, try it and don't attempt anything before you get S-OFF. Actually the notorious S-ON flag is the reason rooting wildfire is such a pain in the a**.
I used to have this

[screenshot: Android 2.2.1]

and I converted it into this :)

[screenshot]

or this =)

[screenshot]

Anyways, here is how you can root HTC wildfire 2.2.1 and get htc wildfire Android 2.3

What you need ?

  • HTC wildfire with S-OFF , HBOOT 1.01.0002 , OS Froyo 2.2.1
  • USB Drivers (Download)
  • RUU Rom 2.1 / RUU_Buzz_HTC_WWE_1.14.405.2_R_Radio_13.45.55.24_3.35.15.31_release_130814_signed (Download)
  • Unrevoked 3.2 Test version (Download)
  • Cyanogenmod 7 (Download) and Google Apps (Download)
  • Time and Patience & last but not the least,
  • Balls of Steel

    Disclaimer

    I am not responsible if your phone gets bricked, by following the process you are voiding your warranty and significant damage may be caused to your device.
    It's all for educational purposes only, if you are dumb enough to screw up somewhere then I will be the one who will be laughing at you.
    Software is unpredictable in nature, it may/may not act as predicted especially in case of rooting (personal experience). Hence my friend, tread carefully.
    in short,

I AM NOT RESPONSIBLE FOR YOUR STUPIDITY.

Step 1 - Installing the USB drivers

Download USB drivers and extract them on desktop. Turn off your wildfire and boot into HBOOT by holding the VOLUME DOWN + POWER button. Connect your phone to your PC and it will show "drivers installing" or similar there for Android device. When prompted , install the drivers by going to device manager and browsing to the folder where you extracted the drivers. Once installed, disconnect and reboot your phone normally.

Now you need to install the Android bootloader interface. Connect your HTC wildfire to the PC and it will ask for drivers again, now go to device manager, click on unknown device,

click on update driver -> install from specific location -> No i will choose to install -> choose Android phone and click on adb interface -> click next -> when asked to install click on continue anyway, just install them.

Once done you will see your phone recognized as "Android bootloader interface". Now disconnect your phone and go into

settings -> applications - > development - > enable USB Debugging.

Congratulations, the first step is complete.

Step 2 - Downgrading from Android 2.2.1 Froyo to Android 2.1 Eclair

Download the RUU rom which is an original stock rom. Plug your phone into the PC and set it to "Charge through USB". Double click RUU rom .exe. Follow the on screen instructions and then let it install. Your phone will reboot into stock HTC 2.1 :) This will be the last time you will be seeing it though.


The HBOOT version will be now 0.80.0002 (check it by powering on your phone by holding the VOLUME DOWN + POWER button)  Once done disconnect your phone.

Step 3 - Gaining root using UnrEVOked , get clockworkmod and set your phone free :)

Download the test version of unrevoked. Let me repeat, DO NOT USE UNREVOKED 3.32 as it will lead to CID errors or to be precise this error

"validation error backup cid is missing"

This may be caused as the 3.32 does not support HBOOT 0.82.0002. Hence you need the specific test version of Unrevoked 3.2 to do the job. Download it, save it on desktop, and run it. Now connect your phone and the rooting will start. Once done, you will have Clockworkmod recovery installed on your phone. Reboot your phone now (using the VOLUME UP/DOWN key for navigation and clicking using TRACKBALL, the POWER button takes you back in menus). Once rebooted, you will see the superuser app in your phone and congratulations, your phone is successfully rooted :)

Step 4 - Installing Cyanogenmod 7 or Android Gingerbread 2.3.3

Download the Cyanogenmod 7 with google apps and save it on desktop, connect your phone as USB diskdrive and transfer both zip files on SD card. Once done, reboot your phone into ClockworkMod Recovery (booting by holding the VOLUME DOWN + POWER button and clicking on recovery)

Once the device boots into the ClockworkMod Recovery, use the side VOLUME buttons to move around, and either the POWER button or the TRACKBALL to select.

  • Select the option to Wipe data/factory reset.
  • Then select the option to Wipe cache partition.
  • Select Install zip from sdcard.
  • Select Choose zip from sdcard.
  • choose update-cm-7.0.0-buzz-signed.zip & Let it install.
  • Once done, Select Install zip from sdcard.
  • Select Choose zip from sdcard, choose gapps-gb-20110307-signed.zip
  • Once the installation has finished, get back to the main menu by clicking the POWER button and select the Reboot system now option.

Congrats..The HTC Wildfire should now boot into CyanogenMod.

Finally rooted :)

Android terminal emulator running on superuser privileges

Enjoy Android 2.3.3 :)

Special thanks to 3xeno 

greetz fly to Singla | Parul | Nilesh | Satwik Bhai | Broken Angel | Rahul Bhai

HTC wildfire review | 5 must have Wildfire applications | Complete guide to HTC wildfire

A week ago I bought an HTC wildfire, which is an entry level android smartphone. It packs quite a punch when compared to its competition and has a lot of features to keep you busy. I am doing an honest review so that you can make a choice when it comes to the end.

HTC wildfire is dubbed as the love child of Nexus one and HTC desire or Mini Desire. In some terms, it seems to be true. It's the successor to HTC tattoo and it's a worthy one. The finishing is impeccable and much more professional, and so is the design as compared to tattoo. The phone is sturdily built; however, the screen is smudge prone. The phone has ARM6 528 Mhz processor on board with 384 MB ram. It's good for lightweight gaming but is unable to render 3d games and play high def videos. The phone lags in its default HTC sense UI, hence you are recommended to use some professional UI launchers like Go Launcher EX, Launcherpro and ADW. Bet the lag is attributed to CPU. Make sure your applications are compatible with them, as my HTC music player crashed a lot more when I installed Launcher pro. Wildfire shines in the connectivity department.

Everything is tightly integrated with social networking in mind. You can add a contact, link it to facebook profile, email, twitter..and the best thing is that it supports real time status updates when someone calls you. Nice touch. Internet is smooth, however, again, the default browser is slow as compared to Opera Mini and skyfire browsers. The touch is nice; when compared to Samsung offerings and LG optimus one, the touch is much better and much more responsive. The Wifi-GPS-Bluetooth bundle is good and I tested Google latitude over it, which gave me quite accurate results. I do have problems with the keypad, but then, I installed swype and the problem was gone. Camera is a 5 MP with flash and can take good-outdoor-bad-indoor pics, there is no protective cover but overall the flash and smile detection make the day. The accelerometer is a bit slow when it comes to rotation but again, I will attribute it to the slow cpu. Overall, it's a nice phone for an android starter and offers the best bang for your buck.

The phone has Froyo 2.2.1 and is unable to be rooted at the moment. Hence I am unable to tell you how it can be optimized when rooted and how it performs as a rooted toy. I am waiting for the next Unrevoked/superoneclickroot update so that I can finally squeeze the juice out of my phone.

I did test some penetration testing applications on it and you can read my post regarding them here.

Pros

  • Better touch
  • 384 MB ram
  • 5 MP camera with flash
  • Excellent connectivity, a must have for social-networking enthusiasts
  • Overall a Good bundle

Cons

  • Pricier as compared to the competition
  • low res screen
  • Could have had a much better cpu

 

An average android phone is incomplete without applications, I recommend these apps as a must have -

  • Launcher Pro – If you want to make your UI super smooth, this is the way to go.
  • GO SMS – the best sms application, even better than chomp sms.
  • SWYPE – tired of cramped keypad ? Try swype and all your worries will be gone.
  • Opera Mini – the best cellphone browser out there, if you want flash support, you can go with Dolphin and Skyfire though.
  • Bar Code scanner – A must have for every android phone. Get anyone from android app market.

 

My recco – buy it if you are tight on budget, its better than its counterparts if you are not into gaming and watching videos on your cellphones.

Free Recharge Any Mobile Hack – Applicable on All networks :)

Yep..I perfectly know why you are here..You wish to recharge your phone for free, probably just for fun's sake or just cuz you are dying to talk with your girlfriend but don't have balance for it..or you are just here to do it for educational purposes, which is a pretty lame excuse but I can digest that. Anyways..here we go..

What you need ?

  • Email ID
  • Cellphone
  • A registered number & sim
  • Patience


How to Do it ?

open your email account by entering your username & password, & drop an email to your telecom service provider -

Dear Sir/Madam/Whatever

I would like to bring to your attention that I have been trying to learn how to recharge my cellphone account for free by searching on the internet but in vain. I am very hopeful that I would be able to find an authentic way to top up my account for free one day.

I have this funny feeling that your organization is a silly company who will allow me to do unlimited top ups on my account.

Anyhow, I am a good guy and would resort to extreme ways,rather I humbly request you to provide me the recharge code of atleast 5000 INR.

Thanks for your cooperation.

Regards

Your biggest Fan :)

9XXXXXXXXX

That was easy…isn't it ?

 Just Kidding folks..I was having some harmless fun at your expense.

How actually you can Recharge your cellphone / top up for free ?

Open Notepad & type

I am fooling around with this article thats making a fool of me :)

WTF ?

Still reading ? Ah well..Sorry once again guys..Actually, what I was thinking that upto this point, any self respecting noob might have closed the browser window and moved on to a different page.

I wrote this article as I was inspired by the fake recharge/top up code calculator programs scattered all over the internet. Especially this one in which a hex editor is provided to the unassuming audience in order to increase blog SEO. Great..now on to the actual topic, you CAN have free calls, unlimited SMS & every other facility for your cellphone. You need to have (Cheap method) -

  • Asterisk SwitchVOX
  • SIP connection (Session Initiation Protocol)
  • Knowledge of Linux + Servers
  • Lots of time

OR

You can have

  • Lots of Money
  • MINSAT (Mobile Intelligent Network Service Administration Tool)
  • Internet connection
  • Lots of knowledge + time (again!!)

Due to some constant bullying by legal guys, I can't really publish the full method to go with recharges, but at least I can give cues :D

The Intelligent will find the way..

 


Posted by XERO. ALL RIGHTS RESERVED.

Free 90 + minutes of call anywhere in the world

Folks..recently I stumbled across this website that allows you to make 90+ minutes of free calls anywhere in the world. I have tested it and it's working; the catch is that it allows only one sim per user registration (quite obvious). Guess the outbreak of SIP based connections, easy availability of switchvox and cheap leased line connections have made everyone set up their own calling gateways. The one provided below is a better one as compared to others as the setup is easy and calling minutes are quite enough :) If you want to try them out, just read on..

Go to Betterconferencing and Sign up there.


Once you have signed up, you will get a call. Please note down the pin number.

Once you have got the pin number and authenticated your mobile number, you can login at Betterconferencing and start using their service.

Enjoy :)

 
