*** Google Play install is no longer supported by Google. The official site provides apk file download for installation. Make sure you enabled the "Unknown sources" at "Settings" -- "Security" before the install. ***
Recently, there are some famous vulnerabilities on Android devices from Android 4.x to 5.x as well as 6.x. Since not all the vendors of Android device will release the fixes, you can inspect your devices to see if they are vulnerable or not. If they are vulnerable, you can use it with care or change to other devices which have been fixed the vulnerabilities.
VTS for Android is an open source project which can scan for the following current vulnerabilities :
ZipBug9950697
Zip Bug 8219321 / Master keys
Zip Bug 9695860
Jar Bug 13678484 / Android FakeID
CVE 2013-6282 / put/get_user
CVE_2011_1149 / PSNueter / Ashmem Exploit
CVE_2014_3153 / Futex bug / Towelroot
CVE 2014-3847 / WeakSauce
StumpRoot
Stagefright bugs
x509 Serialization bug
PingPong root - CVE-2015-3636
Stagefright - CVE-2015-6602
Samsung Remote Code Execution as System
CVE-2015-6608
CVE-2015-7414
CVE-2015-1528
CVE-2015-6616
By the way, we should also beware of the adware too. Some adware can auto-root your Android devices and they are almost impossible to remove. For details, please refer to this article.
That's all! See you.
Open Source is a great idea and it has changed the world!
Open Source forever ....
While you do not know attack, how can you know about defense? (未知攻,焉知防?)
Do BAD things .... for the RIGHT reasons -- OWASP ZAP
It is easier to port a shell than a shell script. -- Larry Wall
Most of you are familiar with the virtues of a programmer. There are three, of course: laziness, impatience, and hubris. -- Larry Wall
为天地立心, 为生民立命, 为往圣继绝学, 为万世开太平。 -- 王炜
Tuesday, November 10, 2015
HOWTO : Audit Your Home Router
Recently, a lot of home routers have been compromised. However, vendors of home router will not disclose if the vulnerabilities have been fixed or not. If you are Android users and using wifi at home, you can audit your home router easily with RouterCheck which can be downloaded at Google Play.
This apps will check the router if the default username and password are in force or not. It will also check if your router has the known vulnerabilities or not.
It will not change any setting of your router but it has some information for you to improve the security of your router.
That's all! See you.
This apps will check the router if the default username and password are in force or not. It will also check if your router has the known vulnerabilities or not.
It will not change any setting of your router but it has some information for you to improve the security of your router.
That's all! See you.
Labels:
Android,
Google Play,
RouterCheck
Subscribe to:
Posts (Atom)