Tuesday 25 October 2011

Ios5 Passcode Bypass Exposes Secrets

A recently disclosed bug in ios5 allows an attacker to bypass the passcode to the device and use whatever application was in the foreground at the time it was locked.

The first place I'm aware of carrying this story is BringYourOwnIt.com:


I tried this at home and sure enough it works. I believe this bug is really derived from things not being executed in the right order, your application should be backgrounded before the device sleeps and then brought back to the foreground when it wakes.

This is a problem that goes a little further than discussed in the BringYourOwnIt.com article because it also affects apps that have a 'privacy' mode - the app never gets the instruction to background which means it doesn't clear the history, purge or even wipe the screen.

I tested this with the Mercury Browser; I started the app and enabled privacy mode from the on screen window. Now if Mrs Hyakuhei comes home while I'm "shopping for her super-secret anniversary present" I just close the cover of the ipad and she'll never know. Unless she's read this post. In which case she could open the cover, hold down the power button, close the cover once the power-off screen is displayed, re-open and hit cancel - Now she can see all those presents that I was trying to keep secret.

So, all you ipad wielding secret santas - you have been warned.
at No comments:

Tuesday 12 July 2011

Brute Forcing Usernames

Most companies create usernames for staff based on some combination of firstname-lastname.

This script will print out all combinations of each name longer than 4 characters. A little social engineering of your target should be enough to get you firstname/lastname pairs that you're interested in.

The script is deliberately short, easy enough to add number styles, dots or special characters depending on what your use is.

#!/usr/bin/python

first = 'steffan'
last  = 'jones'

firstPem = []
firstLen = len(first)
for x in range(1,firstLen+1):
        firstPem.append(first[0:x])

lastPem = []
lastLen = len(last)
for x in range(1,lastLen+1):
        lastPem.append(last[0:x])

for f in firstPem:
        for l in lastPem:
                if(len(l+f)>3):
                        print f+l
                        print l+f
at No comments:

Wednesday 2 March 2011

Gnome Slideshow Wallpaper Script

Gnome can give you a slideshow wallpaper where it changes wallpapers every n seconds. To do this it uses an XML file that describes how it should iterate through the images.

I've knocked together a very rough script to generate these 'background-1.xml' files. Just put the script in a directory with some jpg images and run it - simple.

The script could be a lot better and tidier, I don't write python. Feel free to post cleaner versions in the comments.

#Generate XML file based on local jpg files

#User Variables - change these if you're feeling brave

transition_time = 5
display_time = 300
random_order = True

#------End of User Variables-------#

import os
import random


file_name = "background-1.xml"
cwd = os.getcwd()

try:
    os.remove(file_name)
except:
    pass

f = open(file_name, 'w')
f.write('<background>\n')

dirList = os.listdir(".")
imgList = []
staticList = []

if random_order:
    random.shuffle(dirList)

for fname in dirList:
    if fname[-4:] == ".jpg":
        ffname = "%s/%s" % (cwd,fname)
        imgList.append(ffname)
        staticList.append("<static>\n\t<duration>%.1f</duration>\n\t<file>%s</file>\n</static>\n" % 
            (display_time, ffname))


endIdx = imgList.__len__()-1
for idx in range(0, endIdx+1):
    #If we're at the end of the list, transition back to the first.
    transIdx = idx+1 if idx!= endIdx else 0 
    f.write(staticList[idx])
    f.write("<transition>\n\t<duration>%.1f</duration>\n\t<from>%s</from>\n\t<to>%s</to>\n</transition>\n" % 
        (transition_time, imgList[idx], imgList[transIdx]))

f.write('</background>')
at No comments:
Subscribe to: Posts (Atom)