Hak5 – Extreme Android and Google Auth Hacking with Kos, 1205.2



Kos of kos.io joins us to demonstrate his lethal Android hacking toolkit – P2P-ADB. Taking advantage of USB Debug Mode, Root, and some crafty hacks Kos’ toolkit enables the bypassing of lock screens, making system changes and even “backing up” Android profiles, all from one phone to another. Kos goes on to perform an Auth token cloning attack, enabling an attacker to gain access to a victims Google account, change the password, or even setup a one-time-password for themselves if…

40 Comments

  1. that's I'm gluing my charge port- so what if wireless charging is slower than koala eating ecosystems off a plate?

  2. adb is not in your $PATH……. HOW TO SOLVE IT PLZZZ HELP

  3. what wold happend if a devise is connected thrue a charge only cable(the 2 data wires shorted) in to the otg port ?? will it short out the host device?

  4. I love how the interviewer keeps interrupting the hacker before he can answer half of the question, lol. 

  5. i think they have more pride than you do in that they DONT wear make up cause they couldnt care less what people like you think

  6. @5:20 Darren
    1. Go into Settings and delete the current user (assuming everything is already synced).
    2. Do not "Sync in and sync" when prompted.
    3. Sign into google.com with two factor.
    4. At the top of the site, click on "OK,sync".
    5. Rejoice and remove the app-specific passwords you have been using up until now.
    6. Thank me later. 🙂

  7. Yep…because the most important thing is how you look. I mean, everyone who is seriously into computers/software/hardware HAS to look good. Take a look around any C.S. department, DEFCON, Black Hat, etc and find the person with the best 'appearance;' He/She probably knows the most cool stuff…

    Enough sarcasm?

  8. lmfao
    they are hackers 🙂
    they do not do makeups because this is an show for normal people and normal hackers
    So fuck of i agree that shannon looks unprofessional but things you learn here are cool
    If you learn a thing from a douch bag
    Respect Him

  9. does anyone know how to run this on eclipse? Ive been researching for days, Im a noob.

  10. Yes. However, bruting those passwords on your own phone is out of scope on of p2p-adb. I have plans to write a module to pull those pieces of data.

    I've also always had to restart the phone (or kill system_server/zygote) to get the sqlite database security changes to take effect. I will look into that more. I'd prefer to have some command line, to avoid leaving any footprint.

  11. Thanks for the coupon. Their version of the samsung galaxy s2 doesnt have nfc so I had to get an nfc sd card that only had 1 gig. Anyone know of others with more space?

  12. Somebody should tell Kos that if you get root access you could just disable the lockscreen with the sqlite3 binary and press the power button twice to get into the other phone without having to use workarounds. You can also get the lockscreen password salt. If you use these methods (im)properly, you could get what looks like legitimate access to their phone and they would never know.

    There are guides online for doing this.

  13. iOS = Less Freedom, More Security
    Android = More Freedom, Less Security

  14. I really like this video and as a plus it gives me new ideas on how to beef up security measures while still maintaining easy accessibility and usage.

Leave a Reply

Your email address will not be published. Required fields are marked *