Rapid7 Blog

Android  

Metasploit Framework Valentines Update

Valentine's Day is just around the corner! What could be a nicer gift for your sweetie than a bundle of new Metasploit Framework updates? The community has been as busy as ever delivering a sweet crop of sexy exploits, bug fixes, and interesting new features.…

Weekly Metasploit Wrapup

Welcome back to the Metasploit Weekly Wrapup! It's been a while since the last one, so quite a bit has happened in that time including 75 Pull Requests. Stageless mettle: The rewrite of meterpreter for POSIX systems, mettle, now supports a stageless mode. You can…

Pokemon Go, Security, and Obsolescence

Pokemon Go started it. The crusty old house cell phone, which we had years ago ported from a genuine AT&T land line to a T-Mobile account, suddenly caught the attention of my middle son. "Hey Dad, can I use that phone to…

Using the National Vulnerability Database to Reveal Vulnerability Trends Over Time

This is a guest post by Ismail Guneydas. Ismail Guneydas is a senior technical leader with over ten years of experience in vulnerability management, digital forensics, e-Crime investigations and teaching. Currently he is a senior vulnerability manager at Kimberly-Clark and an adjunct faculty at Texas A&…

Weekly Metasploit Wrapup

A little entropy goes a long way: Meterpreter can communicate via straight TCP or over HTTP(S), but whatever the transport, the protocol is pretty much the same. It uses what is called a TLV protocol, for Type-Length-Value. In truth, meterpreter actually does it in…

The Haves And Have-Nots in Device Security

Today's story about the ongoing issues law enforcement is running into with Apple's encrypted-by-default design illustrates a major difference between the iPhone and the Android security models. Encryption by default on older Apple devices makes it impossible for anyone without the password to decrypt the…

Disclosure: Android Chrome Address Bar Spoofing (R7-2015-07)

Android Chrome Address Bar Spoofing (R7-2015-07) Summary: Due to a problem in handling 204 "No Content" responses combined with a window.open event, an attacker can cause the stock Chrome browser on Android to render HTML pages in a misleading context. This effect was confirmed on…

Weekly Metasploit Wrapup: UXSS, Towelroot, and Sayonara to Ruby 1.9!

Metasploit 4.11.1 Released! Hi all! I'm happy to announce that Metasploit 4.11.1, the latest dot version of Metasploit Community, Express, and Pro has been released. You can fetch the updates using the usual methods -- in the UI, with msfupdate, or…

R7-2015-02: Google Play Store X-Frame-Options (XFO) Gaps Enable Android Remote Code Execution (RCE)

Vulnerability Summary: Due to a lack of complete coverage for X-Frame-Options (XFO) support on Google's Play Store web application domain, a malicious user can leverage either a Cross-Site Scripting (XSS) vulnerability in a particular area of the Google Play Store web application, or a Universal…

Weekly Metasploit Wrapup: Android Android Malkovich Android

Hi folks! Sorry about the delay on this week's blog post. I've been responding to a few concerns about this week's Android revelations about the no-patch policy from Google with regard to nearly a billion in-use Android handsets, and incidentally, caught a face cold that's…

12 Days of HaXmas: A year of Metasploit Android exploits

This post is the ninth in a series, 12 Days of HaXmas, where we take a look at some of the more notable advancements and events in the Metasploit Framework over the course of 2014. It has been a busy year for Android exploitation here at…

Weekly Metasploit Wrapup: Exploiting Mobile Security Software

Exploiting Security Software: Android Edition. It's hard not to sound gleeful when you've exploited security software. After all, this is software by and for Our People, people who are nominally In The Know about security. Security software is special, in that it's not merely supposed to…

Metasploit Weekly Wrapup: Another Android Universal XSS

Click and Get Owned on Android... Again. This week, we landed another Metasploit exploit for another Android WebView vulnerability; this time, it's a problem that occurs when replacing the "data" attribute of a given HTML object with a JavaScript URL scheme. Like the last Android security…

Ahoy! It's the Metasploit Weekly Wrapup: More on Android UXSS and refreshing JSObfu

First things first -- today is International Talk Like a Pirate Day, which is great for me, given my office decor. Arrr! So grab a flagon of grog, and read on, ye landlubbers! Updates to the Android Universal XSS bug (CVE-2014-6041) This has been a…

Android browser privacy bug explained [VIDEO]: Whiteboard Wednesday

todb's post earlier this week about the flaw in Android's Open Source Platform browser has been getting a lot of attention this week, and for good reason: By the numbers, Android 4.2 and earlier builds have the vulnerable browser in question, and about 75%…