Critical Thinking – Bug Bounty Podcast
Episode 14: In this episode of Critical Thinking - Bug Bounty Podcast we talk about Dynamic Analysis within Mobile Hacking and a bunch of random hacker stuff. It's a good time. Enjoy the pod.
Follow us on Twitter at: @ctbbpodcast
We're new to this podcasting thing, so feel free to send us any feedback here: [email protected]
Shoutout to YTCracker for the awesome intro music!
------ Links ------
Follow your hosts Rhynorater & Teknogeek on Twitter:
https://twitter.com/0xteknogeek
https://twitter.com/rhynorater
Joel’s Alternative to Ubertooth One:
https://www.amazon.com/Bluetooth-UD100-G03-Exchangeable-Bluesoleil-Microsoft/dp/B0161B5ATM
D3monDev’s Burp VPS Plug-in:
https://github.com/d3mondev/burp-vps-proxy
FireProx:
https://github.com/ustayready/fireprox
Joel’s Universal SSL De-pinning Frida Script:
https://gist.github.com/teknogeek/4dc35fb3801bd7f13e5f0da5b784c725
Command-line Fuzzy Finder:
https://github.com/junegunn/fzf
Justin’s two article recommendations for using Frida:
Copy screen of physical device:
Flipper:
BetterCap BLE Module:
https://www.bettercap.org/modules/ble/
Timestamps:
(00:00:00) Intro
(00:00:55) Hacker Chats
(00:03:27) Podcast Content Commentary
(00:04:09) SSRF Rebinding Error Confession
(00:06:02) Flipper Zero
(00:07:58) Bettercap BLE
(00:09:36) Sena USB Bluetooth Adapter
(00:12:41) Burp VPS Proxy Plugin
(00:13:55) Fireprox
(00:15:40) Dynamic Mobile Hacking
(00:17:40) Dynamic Analysis Overview
(00:18:18) Emulator Talk
(00:24:29) Joel’s APK Analysis Flow
(00:26:30) Cert Pinning
(00:32:17) Joel’s SSL Cert Pinning Script
(00:35:29) Hands-on look at Frida
(00:50:11) Frida on Non-rooted Devices
(00:58:22) Tracing Errors to Overwritable Functions
(01:00:39) Native Libraries
(01:09:18) Genymobile Screen Mirroring Tool
(01:11:50) Justin’s Report of the Day and Custom SSL Pinning
(01:18:15) Joel’s First Ever Bug, Jailbreak Detection Bypass