Showing posts from May, 2013

SL4A Python Script - Built Simple Python Listener to Allow Remote Execution on Droid

I built this Python script to take remote commands and execute them locally on the droid as if I had terminal access. It listens for connections on port 21000 on the droid, and you can connect to it using netcat or other clients. Because the first terminal emulator would not allow cat of files, I then added the ability to view the contents of files. With this I discovered the insecure storage of files on the sdcard that other researchers have also recognized.

import android
import os

from socket import *

droid = android.Android()


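# The setup lines are missing from this excerpt. The port comes from the text above;
# BUFSIZE and the bind address are assumed.
# The listener has no authentication, so anyone who can reach the port can use it.
BUFSIZE = 1024
tcpSrvSocket = socket(AF_INET, SOCK_STREAM)
tcpSrvSocket.bind(('', 21000))
tcpSrvSocket.listen(1)

while True:
    tcpClientSocket, addr = tcpSrvSocket.accept()
    print 'Connected from:', addr

    while True:
        data = tcpClientSocket.recv(BUFSIZE)
        if not data:
            # Client closed the connection
            break
        if "cat" in data:
            # Remove the 'cat ' in the data
            fileName = data[4:]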

SL4A Python Script - Delete SMS Messages from Phone based on Keyword

I developed this script to run on my droid to remove the SMS messages sent to me by the Python script that logs into Twitter using OAuth and sends me a text through an email account.

This was to assist in keeping my text messages cleaned out.

import android

droid = android.Android()

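# Fetch all messages (False = do not restrict to unread messages)
msgids = droid.smsGetMessages(False).result
for message in msgids:
    if "14100" in message['address']:
        #print message['_id']
        # The excerpt ends here; the delete call is assumed from the post title
        droid.smsDeleteMessage(int(message['_id']))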

The script also has the capability to speak the messages prior to deleting them.

Great Book: Violent Python by TJ O'Connor - Geo Location Script Adapted

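# -*- coding: utf-8 -*-

# Script was adapted from Violent Python by TJ O'Connor

import dpkt
import socket
import pygeoip
import optparse

# Geodatabase from Maxmind
gi = pygeoip.GeoIP('geo.dat')

def retKML(description, ip):
    # Look up the IP and return a KML placemark, or '' if it cannot be located
    rec = gi.record_by_name(ip)
    try:
        longitude = rec['longitude']
        latitude = rec['latitude']
        # The placemark markup was stripped from this excerpt; reconstructed here
        kml = (
               '<Placemark>\n'
               '<name>%s</name>\n'
               '<Point>\n'
               '<coordinates>%6f,%6f</coordinates>\n'
               '</Point>\n'
               '</Placemark>\n'
               ) % (description, longitude, latitude)
        return kml
    except Exception:
        # No usable record for this address
        return ''

def main():
    # logfile.log contains 2 columns consisting of the label and the IP Address
    f = open('logfile.log', 'r')
    kmlPoints = ''
    count = 1
    for line in …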

PowerShell Script to Fix Unquoted Path Vulnerability

# This script is designed to fix an unquoted service path that could be detected as a vulnerability
# Designed for PowerShell

# Placeholder credentials; Get-Credential avoids storing a password in the script
$Username = 'username'
$Password = 'password'
$pass = ConvertTo-SecureString -AsPlainText $Password -Force
$Cred = New-Object System.Management.Automation.PSCredential -ArgumentList $Username,$pass

# Resolve the IP Address to a Hostname
$hostName = [System.Net.DNS]::GetHostbyAddress("IP Address").HostName

# Created to change the unquoted path for "A Service"
$info = Invoke-Command -ComputerName $hostName -ScriptBlock {
    (Get-ItemProperty "hklm:\SYSTEM\CurrentControlSet\Services\Service Name" -Name ImagePath).ImagePath
} -credential $Cred

if ($info -eq 'Z:\Path Name') {
    Write-Host "Service does not contain quotes adding them for Service"
    Invoke-Command -ComputerName $hostName -ScriptBlock {
        Set-ItemProperty "hklm:\SYSTEM\CurrentControlSet\Services\Service Name" -Name ImagePath -…
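
The script above checks one hard-coded service against one expected path. As an added example (not the original author's code), the following generalizes that check into a read-only local audit that lists every service whose ImagePath is unquoted and contains a space, together with the quoted value it would be changed to. The helper name Get-QuotedImagePath is hypothetical and the sample paths are constructed.

```powershell
# Added example, not the original author's script. Read-only: it reports and changes nothing.
# Get-QuotedImagePath is a hypothetical helper name; the sample paths are constructed.
function Get-QuotedImagePath {
    param([string]$ImagePath)

    # Empty or already quoted values need no change.
    if ([string]::IsNullOrWhiteSpace($ImagePath) -or $ImagePath.TrimStart().StartsWith('"')) {
        return $null
    }
    # Split at the first ".exe" that is followed by whitespace or the end of the value.
    if ($ImagePath -match '^(?<exe>.+?\.exe)(?<rest>\s.*)?$') {
        $exe  = $Matches['exe']
        $rest = $Matches['rest']
        # Only a path containing whitespace is ambiguous when unquoted.
        if ($exe -match '\s') {
            return '"' + $exe + '"' + $rest
        }
    }
    return $null
}

# Constructed samples: only the first one is reported.
$samples = @(
    'C:\Program Files\Example App\svc.exe -run'
    '"C:\Program Files\Example App\svc.exe" -run'
    'C:\Windows\system32\svchost.exe -k netsvcs'
)
foreach ($s in $samples) {
    "{0}  =>  {1}" -f $s, (Get-QuotedImagePath -ImagePath $s)
}

# Audit every service on the local machine.
$servicesKey = 'HKLM:\SYSTEM\CurrentControlSet\Services'
$findings = foreach ($key in Get-ChildItem -Path $servicesKey -ErrorAction SilentlyContinue) {
    $imagePath = (Get-ItemProperty -Path $key.PSPath -Name ImagePath -ErrorAction SilentlyContinue).ImagePath
    $proposed  = Get-QuotedImagePath -ImagePath $imagePath
    if ($proposed) {
        [pscustomobject]@{
            Service  = $key.PSChildName
            Current  = $imagePath
            Proposed = $proposed
        }
    }
}
$findings | Format-List
```

Review the Proposed column before applying any value with Set-ItemProperty, since the split assumes the executable name ends in .exe.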