Friday, February 17, 2012

Android Emulator - Pentesting - Encountered Errors

The "INSTALL_FAILED_MISSING_SHARED_LIBRARY" is a very common problem which is encountered normally in day to day operations. This error is legitimately thrown by the android emulator when a new application is forced to install for testing purposes.

This error is an outcome of inappropriate selection of Android API or Google API. The application might require either of the API's. If your Android Virtual Device (AVD) is build to use one of it , you are going to face this problem.

For example: let's have a look at this emulator

and now we want to install, anti toolkit on it which results in following error

The next step, we tried this -

The result is as expected

Always provide appropriate partition size for AVD to avoid any stringency while testing.

Sunday, February 05, 2012

Hacking Cradle Point Routers - Obscurity at the Peak

Cradle-point wireless routers are used heavily for setting small networks. However, Cradle-point uses interesting MAC specific authentication credentials which are unique for every router because of the MAC address uniqueness. In general, Cradle-point opts this behavior in order to provide more entropy in the authentication scheme rather depending on default password mechanism, which most of the LAN/WLAN router uses.

Cradle-point uses last six characters of MAC address for authentication by default. Well, in general it seems interesting because it looks like things are more secure. However, this is not appropriate from security point of view. For administrative logins and user authentication for the first time, a login page is displayed that looks for internet access password.

The question is; How to get the password for unmanaged routers? Well, it is in MAC address. However, the obscure part is, once you are inside a WLAN , you are already having an IP address. It means Address Resolution Protocol (ARP) is the key that maps the network layer address (IP) to the link layer(Ethernet/MAC). The login page looks like as follows

The designers made a mistake in setting this type of layout because in order to get the administrative webpage, the client has to connect to the network if it is active. Right!. Yes it is. Once a user activates the wireless connection it gets connected to the same WLAN which has a gateway address of (default for Cradle-point routers). It is hilarious but it is trivial to subvert the stuff to get the password. Now, the hacker is in the network, so we can get possible ARP entry which resolute the IP address to the MAC address (simply ping the gateway) for the router.

As per the documentation, the password has to be 071640. Let’s try

So ..........

Configure your devices in a secure manner.