Hacking Can you a9lh an o3ds xl with a phone?

  • Thread starter: Zyteus
  • Views: 3,453
  • Replies: 43
Do you have any samples of actual malware installed by it? Because I'm finding incredibly mixed reports from earlier last year about it creating a folder related to a Chinese ROM, but no actual proof of malware. There are reports of it aggressively pushing shovelware, but no actual malware.

Edit: Yeah, it just used aggressive advertising at one point (it might still), but it never installed actual malware. I'm also not seeing any reports that it's still doing this kind of advertising either.
It's not the app but the ads, and getting a capture on it would be hard to do.
 
What do you mean by "getting a capture"? I'm asking for a malicious APK that either it or the ads downloaded and installed without user consent. I haven't found anything on Google about this. All I've found are lockscreen advertising reports, a folder being created with benign files inside, and the app itself pushing shovelware.

Ew, no. Flud is the best Android torrent client.
 
A capture, because no malformed APK is actually installed, as ES File Explorer has all permissions to the phone. I'm guessing you don't know much about security?
And I've never heard of Flud before.

--------------------- MERGED ---------------------------

If the app was malformed, or downloaded malformed APKs and installed them, then it wouldn't pass the tests done before it goes up on the Play Store, which is why they often infect the phone using services provided by ES File Explorer, most commonly access to other apps such as GApps, where a user's details can be taken.

--------------------- MERGED ---------------------------

I've tested this by having a clean phone and using only ES File Explorer for a while, not even the web browser. Eventually the details for the Google accounts got changed to @bb (a Chinese mail server).

--------------------- MERGED ---------------------------

I would at least recommend not using the phone as a 2FA and changing your password commonly if you wish to use it.
 
I'm a CISSP certified contract IS auditor. Security pays my mortgage. So yes, I do know quite a bit about this. No, ES does not have complete access to the device, even with root (the way it invokes root is even piss poor). Malware for Android is delivered as an APK. Raw CVEs aren't, but these are coupled with something like Dendroid APKs or other malware for privilege escalation purposes. They leverage something like stagefright and install a malicious APK silently. This is why I asked for a sample of a malicious APK that was delivered through one of these advertisements.
 
Last edited by Joom,
I never said it had full access, and I don't have full control over a physical device, so I can't capture it. But I've tried it over and over with the same result. It only happens with ES installed (which is why I don't recommend it). And fancy, maybe you could teach me some things sometime. ^-^ One of the things I'm going to college for is I.T., so most of what I know is on the computer side of things.

--------------------- MERGED ---------------------------

Oh, I did say all .3. Well, I didn't mean literally; perhaps I should watch my wording.
 
Thank you, everybody, for the replies! For some reason, I'm not getting notifications so I didn't see any response till I checked it.
 
ES File Explorer has malware ._. Many others have confirmed it. I think it's the ads that are infected.
False, false, and more false. Although I have the Pro version because I support devs who make good apps, I've never had any infected ads on my phone. I scan weekly.
 
Pro version removes ads though .-. Also, I don't get much money. Then how would you explain it only happening with ES File Explorer?
 
Was this phone that this happened to absolutely brand new and stock, or had it been factory restored after doing so much to it? Some malware is persistent across formats and requires that the actual partition table be flushed and recreated. Anyway, we got a bit off-topic here. If you wanna talk in PM I don't mind. I'm more than happy to share what I know.
 
I don't think it would be hard to do really.. I'm going to try to test this theory.. I believe it's possible because all you need is to download stuff and put it on your SD card. With a phone it should be possible; all that's needed is really a file explorer like ES File Explorer and a slot on the phone.

Besides injection..
 
Last edited by Awesomeslayerg,
