InfoSec Links July 28, 2014

Here's How Easy It Could Be for Hackers to Control Your Hotel Room - Kim Zetter - Wired

The attack surface for hotels will increase as more electronic amenities are added to rooms. Security should be kept in mind from both the hotel side and the guest side.

How Thieves Can Hack and Disable Your Home Alarm System - Kim Zetter - Wired

It looks like some home security companies have some work to do in the security arena. Codes are being transmitted in a way that allows someone with the right equipment to capture your home alarm system code and they don’t necessarily need to be standing in front of your house. I like the idea of rotating numbers similar to what you get with two-factor authentication.

The App I Used to Break Into My Neighbor's Home - Andy Greenberg - Wired

This is scary. And even more scary is the fact that the company who designed an app to make keys with a picture seems to downplay some of the concerns surrounding that technique.

This post first appeared on Exploring Information Security.

How to capture traffic from a mobile app

when I switched to the iPhone 5s several weeks ago, I knew I wanted to keep my old Android phone to play around with for infosec purposes. A couple weeks I finally got an opportunity to do exactly that. We had an app that we needed to find out where information input into the app was being sent. The original idea was simple: setup a wireless network for just the device to connect to and wireshark the traffic. I had another idea though: run some sort of PCAP capture app from the device to collect the outgoing traffic.

The Method

  1. Download WiFinspect from Google Play

  2. Root the phone

  3. Run the capture

  4. Export the capture from the phone

Download WiFinspect from Google Play

There are several apps out there that do PCAP capture as well as other “security” type of functions. I decided on WiFinspect because the app is part of a dissertation at the University of Birmingham. The app requires root access to run the PCAP capture and a few other functions. To do that you have to root the Android device. Which is essentially the same thing as jailbreaking an iPhone.

Root the phone

I’m not going to go through the whole process step-by-step because I found a video that does a great job of that. These are the instructions for a HTC 3D Evo, if you have another phone a simple Google search should get you your own instructions:

Run the capture

Open WiFinspect. Next click ‘Network Sniffer’ then Start Sniffing. At this point you can close the app and go to the application and start poking around in it.

Once you’re done go back to the WiFinspect and select ‘Stop Sniffing.’

 

Retrieve the capture

I was using my old HTC 3D Evo, so all I had to do was simply plug the device up to my computer and select the option to use it as a disk drive. I then opened Windows Explorer and navigated to the Removable Disk drive that appeared under Computer. In there the WiFinspect app had created a folder ‘Wi-Fi Probe’ and in there was the PCAP I needed to analyze. Just drag and drop that PCAP onto the computer you’ll be using Wireshark.

This post first appeared on Exploring Information Security.