blog.thecobraden.com
The Cobra Den Blog: Is Facebook Really Reading your Text Messages?
http://blog.thecobraden.com/2014/02/is-facebook-really-reading-your-text.html
The Cobra Den Blog. The Cobra Den (Site). Monday, February 3, 2014. Is Facebook Really Reading your Text Messages? But of course in the midst of all the NSA and related news, everyone put their tinfoil hats on and is a bit skeptical on the whole deal. I do think it's fine to question things like this, but there does need to be some closure on the whole thing. I decided to take a look at the Facebook mobile app and see whats really going on. So with that, let's get started! What does this mean? These acti...
blog.thecobraden.com
The Cobra Den Blog: Hooking SQLCipher with Xposed
http://blog.thecobraden.com/2015/05/hooking-sqlcipher-with-xposed.html
The Cobra Den Blog. The Cobra Den (Site). Friday, May 29, 2015. Hooking SQLCipher with Xposed. Recently, a coworker of mine approached me regarding an Android application that was using the SQLCipher. Library. For those unfamiliar with SQLCipher, it provides " transparent, secure 256-bit AES encryption. Wrote a blog post. A little over a year ago that describes how the SQLCipher library works, and how it is possible to obtain database encryption keys using the CydiaSubstrate. Worked fine. What gives?
blog.thecobraden.com
The Cobra Den Blog: An Introduction to CobraDroid 1.0
http://blog.thecobraden.com/2013/07/an-introduction-to-cobradroid-10.html
The Cobra Den Blog. The Cobra Den (Site). Monday, July 29, 2013. An Introduction to CobraDroid 1.0. I'm finally happy to say that the beta for my ongoing project called "CobraDroid" is fully released! The project was actually released back in March on my website. But the source was just pushed to GitHub. Recently. I wanted to talk a little about what CobraDroid is, what it can do for analysts, and what you can expect in the upcoming months. What Can CobraDroid 1.0 Beta Do? Full Bash shell Busybox. Hopefu...
blog.thecobraden.com
The Cobra Den Blog: October 2012
http://blog.thecobraden.com/2012_10_01_archive.html
The Cobra Den Blog. The Cobra Den (Site). Thursday, October 4, 2012. Building a Better Emulator - Part 1. I prefer using the Android emulator to a real phone for some application assessments for many reasons. Unfortunately, not all apps run properly on the emulator. This series of posts will focus on modifications we can make to our emulators to allow more control and flexibility during application assessments. This first post will focus on controlling device identifiers and numbers. We have two options ...
blog.thecobraden.com
The Cobra Den Blog: February 2014
http://blog.thecobraden.com/2014_02_01_archive.html
The Cobra Den Blog. The Cobra Den (Site). Monday, February 3, 2014. Is Facebook Really Reading your Text Messages? But of course in the midst of all the NSA and related news, everyone put their tinfoil hats on and is a bit skeptical on the whole deal. I do think it's fine to question things like this, but there does need to be some closure on the whole thing. I decided to take a look at the Facebook mobile app and see whats really going on. So with that, let's get started! What does this mean? These acti...
blog.thecobraden.com
The Cobra Den Blog: April 2012
http://blog.thecobraden.com/2012_04_01_archive.html
The Cobra Den Blog. The Cobra Den (Site). Thursday, April 19, 2012. Words with Friends - Revisited. A few months ago, I showed some people how trivial it was to modify the Words with Friends Free. I tried to demonstrate the weakness a few weeks ago, but was surprised when I noticed some differences as I was reversing the app. Apparently, Zynga. Wasn’t too fond of people doing this, so they decided to “fix” the weakness. The version of the app I’m focusing on is 4.83. This helps protect what the app is ac...
blog.thecobraden.com
The Cobra Den Blog: Fixing Resource Identifiers in Disassembled Apps
http://blog.thecobraden.com/2013/04/fixing-resource-identifiers-in.html
The Cobra Den Blog. The Cobra Den (Site). Monday, April 15, 2013. Fixing Resource Identifiers in Disassembled Apps. If you have ever attempted to reverse an Android application, you've probably noticed that resource identifiers (think "R" values) show up as cryptic constants in disassembled smali code. This can be frustrating when attempting to reverse and understand the application's flow. A rather contrived example of this issue is demonstrated below. What does the value 0x7f03 mean? Since "public....
blog.thecobraden.com
The Cobra Den Blog: May 2015
http://blog.thecobraden.com/2015_05_01_archive.html
The Cobra Den Blog. The Cobra Den (Site). Friday, May 29, 2015. Hooking SQLCipher with Xposed. Recently, a coworker of mine approached me regarding an Android application that was using the SQLCipher. Library. For those unfamiliar with SQLCipher, it provides " transparent, secure 256-bit AES encryption. Wrote a blog post. A little over a year ago that describes how the SQLCipher library works, and how it is possible to obtain database encryption keys using the CydiaSubstrate. Worked fine. What gives?
blog.thecobraden.com
The Cobra Den Blog: June 2012
http://blog.thecobraden.com/2012_06_01_archive.html
The Cobra Den Blog. The Cobra Den (Site). Monday, June 18, 2012. Making Persistent Changes to an Android Emulator. Adding or modifying system binaries in the /system/bin. Adding entries to the /system/etc/hosts. File for redirection for specific domains. Changing settings in the /system/build.prop. File such as the device manufacture and phone model (for apps that refuse to run on certain devices). Adding entries to the android cert file at /system/etc/security/cacerts.bks. Specifically, it creates:.
blog.thecobraden.com
The Cobra Den Blog: Making Persistent Changes to an Android Emulator
http://blog.thecobraden.com/2012/06/making-persistent-changes-to-android.html
The Cobra Den Blog. The Cobra Den (Site). Monday, June 18, 2012. Making Persistent Changes to an Android Emulator. Adding or modifying system binaries in the /system/bin. Adding entries to the /system/etc/hosts. File for redirection for specific domains. Changing settings in the /system/build.prop. File such as the device manufacture and phone model (for apps that refuse to run on certain devices). Adding entries to the android cert file at /system/etc/security/cacerts.bks. Specifically, it creates:.
SOCIAL ENGAGEMENT