The latest Hakin9 Magazine is out! This issue is all about Android security and features my article on using Kali NetHunter and Responder together for getting quick user credentials.
In my article I explain how you could recover network credentials from a Windows network using the Android based Kali NetHunter and Responder (an LLMNR, NBT-NS & MDNS poisoner). I also show how you can “pass the hash” with credentials obtained and gain remote shell access to an unsecured or improperly secured Windows Server.
Other Articles in this Issue Include:
Mobile Penetration Testing Tutorial
by Olivia Orr
The objective of this tutorial is to learn the most common vulnerabilities in mobile applications using an app intentionally designed to be insecure. This tutorial will be based on the Windows platform, but you can use other systems if you wish.
Quick Android Review Kit (QARK) – A comrade for Android security analysis
by Vinayak Joshi and Venkatesh Sivakumar (Pranav Venkat)
QARK stands for Quick Android Review Kit. A quirky companion to get the hidden potential vulnerabilities of any Android applications. It is an open community tool designed to assist mobile application security pentesters to leverage its capabilities to reverse engineer mobile applications and conduct static analysis on the hidden vulnerabilities that can potentially create critical breaches. This article will explain how to use it.
Peeping Inside Android Applications: Reverse Engineering with Androguard
by Ajit Kumar
Reverse engineering is one of the ways to find out what’s inside of any Android applications; it also helps developers to learn, test and debug their and applications as well as applications written by others. Reverse engineering is a complex and cumbersome task, so tools like Androguard make this task automated and hence ease the job of reverse engineers. This tutorial provides a brief introduction of Androguard, explains various tools available inside Androguard and provides some examples of basic reverse engineering with Androguard.
And much more, check it out!