Full Disclosure mailing list archives

Re: Any not annoying help welcome


From: Christopher Dreher <Christopher.Dreher () cirosec de>
Date: Wed, 4 Dec 2013 15:41:52 +0100

Hey

I don't know what exactly you mirrored, but I can say there is no application-specific traffic inside your pcap dumps.
A good way to start is to have a look at Mallory (https://intrepidusgroup.com/insight/mallory/) if you don't know what
communication protocol the app makes use of.

Best regards cd

From: Full-Disclosure [mailto:full-disclosure-bounces () lists grok org uk] On Behalf Of ICSS Security
Sent: Wednesday, 4 December 2013 13:22
To: adam; full-disclosure () lists grok org uk
Subject: Re: [Full-disclosure] Any not annoying help welcome

Hi, thanks for replying back...

The APK Android app is "MEO GO!" from PT Comunicações. I always have bad luck trying to crack their apps. Back to the
subject, it's an on-demand app to watch TV, rent movies and TV shows, but there is a feature there that I really want to
add to my hacking kit.

When I try to log in, in the app there's a feature called "MEO GO! Mobile" which only requires the user to enter their
mobile number. It connects via 3G or Wi-Fi and it's able to determine if the number you enter matches the SIM card mobile
number.

I WANT THAT QUERY FEATURE

1) If the number is incorrect, it says "The number you entered doesn't match your SIM card number. Please try again" (in
Portuguese)

2) If the number is correct, it loads up the service.

In the attachment I include the Wireshark packets for anyone. If it's breakable then you should be able to find my
number there.

I will go test the code and wait for any reply. If no response, I will walk away because sometimes things are impossible
until a certain point...

________________________________
From: iarethebest () gmail com
Date: Wed, 4 Dec 2013 04:16:56 -0600
Subject: Re: [Full-disclosure] Any not annoying help welcome
To: ctrlaltdelete () outlook pt
CC: full-disclosure () lists grok org uk

If you want anyone to help you with your specific problem, then you need to provide specifics to your problem. Can you 
post some (or all) of what you're trying to decode? If not, can you provide more information on what you're seeing? 
What character set? What length? Is any of it human-readable?

On Tue, Dec 3, 2013 at 3:06 PM, ICSS Security <ctrlaltdelete () outlook pt> wrote:
Making a turn here, let's see what turns out!

I know that using Wireshark we can capture traffic in/out of the router's interfaces.
I don't want to dig up the router concept because, face it, I already know how it works and so do you.

I have only a few questions to ask.

1) The traffic on any device is monitored, correct? So, Android devices too.
2) I have monitored an APK application and saved the packets with a successful login and an unsuccessful login.
3) I know what magic number to look for, but I'm unable to go further decoding the authentication method.

Can anyone give me a hand here or should I go elsewhere?

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
