Feb 29, 2012

Android Forensics Study of Password and Pattern Lock Protection

If you want to see all detail, please go to the Source.

What is Password Lock?
So, while the Pattern Lock is a number, Password Lock can contain characters, numbers, and special marks. Unlike patterns passwords can be a real problem for the attacker as the number of variants grows tremendously. Of course, this is true if you want to brute force Password lock just like the Pattern. Well, definitely you have something more effective to do. But we’ll speak about it a bit later. The password lock file is located in /data/system folder and named pc.key. Android OS uses exactly the same method to store the password. Once the user sets the password, device hashes it with SHA-1 and saves result into the file. When the user enters the password to unlock, the smartphone compares its SHA-1 hash with stored one and decides whether to give access or not.
How to access gesture.key and pc.key files?
There is no direct access to these files by default, since they are in /data/system folder. There are still ways to grab them:
  1. Use ADB interface and have root rights to access full file system. In other words the device must be already rooted and have USB Debugging mode ON. Too strict conditions! Not many devices will allow the attacker to restore the pattern in this case.
  2. Use a special recovery boot loader to start device with access to these files. This way has much more chances to be used to access the lock files. Once you get a physical access to the file system you can easily grab the files.
Source: http://articles.forensicfocus.com/2011/11/18/android-forensics-study-of-password-and-pattern-lock-protection/

If you like my blog, Please Donate Me

Feb 27, 2012

DDoS Tool List From Anonymous

DDoSim (Linux) - Download => http://tinyurl.com/4xe3vjk
Loris - Download => http://ha.ckers.org/slowloris/
Apachekiller - Download => http://pastebin.com/9y9Atijn save as "whatever.pl" <-- More Infohttp://thehackernews.com/2011/08/killapache-ddos-tool-half-of-internet.html
perl for windows => http://www.activestate.com/activeperl/downloads
pyloris => http://sourceforge.net/projects/pyloris/ | instructions => http://pastebin.com/MTyHYXJe
hping  => http://www.hping.org/download.php | Instructions =>
Qslowloris(Windows) = > http://www.megaupload.com/?d=3DV6R4ZL
Tor's Hammer => http://packetstormsecurity.org/files/98831/Tors-Hammer-Slow-POST-Denial-Of-Service-Testing-Tool.htmlpwnt softwarez.

If you like my blog, Please Donate Me