Whatsapp stores its messages and contact list in plain-text-sqlite database

Last night I was doing some app-forensics on my android device where I was investigating internal files for Whatsapp application 'com.whatsapp'. First I checked shared_preferences directory which I found interesting somehow, next I have checked databases directory where my shock exists !

My Android Metasploit Payload with Meterpreter Android Extension for Metasploit

My Android Metasploit Payload with Meterpreter Android Extension for Metasploit https://vimeo.com/77632331

Cairo Security Camp 2013

Post by Anwar Mohamed.

[C Tutorial] Course Content

Hello Guys,
I have setup the course content for the new C programming language tutorial. I thought that it will help you to  put your hands on my plan for you for the next weeks. Good luck

Link to Course Content PDF

Coming Soon

Something big is coming soon !

Packetyzer: A step towards future

Long time I didn't write on the blog, but I am back with my latest and first paper on Packetyzer, my first packet analysis C++ library. 

https://github.com/AnwarMohamed/Packetyzer

Abstract

Packetyzer is a high level library for C++ designed to make easier the forging and decoding of network packets. It has the ability to decode packets of most common network protocols, capture them and send them on the wire. This capability allows construction of tools that can probe, scan or attack networks.

It enables the creation of networking tools in a few lines. A packet is described by its where Fields of each layer have useful default values that you can overload. It has the ability to analyze pcap files or captured packets using Wireshark.

Packetyzer has the ability to capture packets, analyze them and send them over the wire. It analyzes the packets and the connection streams ... from the Ethernet header to the Application layer protocols. Packetyzer is in the form of Dynamic Link Library (DLL) that will help to be included in many tools and projects.

Windows Buffer Overflow Explained - Part 2

Welcome back, in part 1 we talked about the definition of the buffer overflows and how they can occur, also we talked about memory and its relations to buffer overflow. In this part we are continuing our series talking about Registers and Shellcodes.

Registers 

Processors contain memory known as registers. These registers are very small and are used for very fast processing. Registers can be thought of as variables for assembly. Registers are classified according to the functions they perform. High level registers can be categorised in four sections

• General purpose 
• Segment 
• Control 
• Other 

Registers EAX, EBX, ECX, EDX, ESI and EDI are used for general purpose variables such as mathematical operations and hold  data for an operation. These are 32 bit registers on a 32 bit processor. The 16 bit registers for EAX, EBX, ECX and EDX are known as AX, BX, CX and DX. Finally 8 bit registers are known as AL, BL, CL and DL which are the low order bits. High order bits are known as AH, BH, CH and DH. These 16 and 8 bit  registers exist for backwards compatibility and are very useful when producing smaller shellcode. The "E" means extended to address the full 32-bit registers.