How to Fix “ShellExecute failed (2): Is this command correct?” on Notepad++

Problem:

When you right-click a file and choose Edit with Notepad++, you get the error “ShellExecute failed (2): Is this command correct?” as seen below:

Notepad++ Extension- Error ShellExecute

 


Found this post useful?

Subscribe to our RSS feed, follow us on Twitter or help us grow by sharing our content using the buttons below

Posted in Software, Technology, Windows

Pangu 8.0-8.1.x Untether Update


Previously we blogged about Pangu releasing an update making the jailbreak more stable on iOS8 (Full article here)

Once again, we have another exciting update from the Pangu team regarding a new release (Version 0.3)

Posted in Apple, Cydia, Jailbreak

iOS 8.1 Jailbreak Update: Passcode boot loop fixed


Previously we blogged about how the jailbreak is becoming more stable on iOS8 (Full article here)

Today we have more good news: there is another exciting update regarding the iOS 8.1 jailbreak, as the Cydia installer has been updated to fix a bunch of issues, most importantly the Passcode and Touch ID problems causing a boot loop.

The screenshot below shows the complete list of changes:


Changes in Cydia 1.1.15

iOS 8 Passcode Compatibility

Cydia no longer causes your device to lock up while booting on iOS 8 when you use a passcode. We recommend you use a passcode for security. (Under Settings, go to “Touch ID & Passcode”, and “Turn Passcode On”.)

If you have installed unsupported stashing modifications, you may want to restore and jailbreak again, instead of directly installing this update (those modifications are unsupported).

Multitasking Support on iOS 8

Cydia now backgrounds almost like a regular application (but only on iOS 8). This has been a major architectural change: please alert us to any issues.

This allows you to switch back/forth between Cydia and other applications (such as Safari, or the Google two-factor authentication app) without losing your package selection state.

New Window and Hijack Blocking

One of the biggest complaints about Cydia in the last year has been a new kind of ad seen on some repositories: a sudden redirect to the App Store.

Cydia now blocks “popups” and asks the user before opening the App Store.

Partial iPhone 6 Plus Support

Cydia supports rotation on the iPhone 6 Plus and has a new @3x icon and tabbar. Cydia renders at the native resolution on both the 6 and 6 Plus.

Videos Work Again (on iOS 7.1-8.1)

Cydia on iOS 7.1 had an issue where playing video would cause the device to “lock up”. This bug has finally been fixed! The new iOS 8 video issue (a YouTube error message) is also fixed.

Localization Works Now on iOS 8

Users of Cydia 1.1.13 (only available via a manual installation process) may have noticed Cydia only displayed in English :(. This has been fixed! Yay!

Queue Status is “Less Incorrect”

Sometimes Cydia would not have packages queued but claim it did, or would have packages queued and claim it did not; this happens less ;P.

Known Issues Specific to iOS 8

When installing packages that put icons on SpringBoard, the icons may not appear. Rebooting might make them appear. This is because our “uicache” tool, which refreshes icons, has not yet been updated for iOS 8.

We are working on this, and a fix will come later as part of the UIKit Tools package as soon as we can manage.

Feel free to share your thoughts in the comment section below.

Posted in Apple, Cydia, Jailbreak

iOS 8 Jailbreak one step closer to full stability

This will be a short post merely highlighting the latest updates to Cydia Substrate and Pangu Release which is GREAT news for those who took the leap and updated and have jailbroken their devices on iOS 8.

Posted in Apple, Cydia, iPad, Jailbreak

How to Fix “The certificate is not trusted because the issuer certificate is unknown” error message

This article describes why the “The certificate is not trusted because the issuer certificate is unknown” error message may appear when trying to visit secure (https) websites in Firefox.

For example https://code.google.com/p/end-to-end/

In the URL above, the domain is “google.com” and “end-to-end” is a sub-site. The problem shows as the following:

This Connection is Untrusted

In the screenshot above, the site name that could not be verified was code.google.com as the syntax of the error is:

(site name) uses an invalid security certificate. 
The certificate is not trusted because the 
issuer certificate is unknown. (Error code: sec_error_unknown_issuer)

Posted in Uncategorized

Protected: Using the latest bash vulnerability ShellShock to get shell access

This content is password protected. To view it please enter your password below:

Posted in Uncategorized

How to Fix “The installation source for this product is not available. Verify that the source exists and that you can access it.” error message

Problem:

If you encounter the error below when trying to install or uninstall an application, you may be facing corruption in the registry where the keys are missing or partially missing.

“The installation source for this product is not available. Verify that the source exists and that you can access it.”

Posted in Software, Windows

Kaspersky Security Center displays “Not scanned for a long time”

Kaspersky Security Center is a great tool to manage several PCs from a server where you can manage, monitor, scan for viruses, update, etc… from one control panel installed on the server. However, recently I have hit the problem below even though I scanned the workstations several times.

Kaspersky Security Center

After endless head banging and googling, I was able to find a solution which we will explore in this post.

Posted in Security, Software, Technology, Windows

Decrypting iOS app to access Class Information

The purpose of this post is to shed some light on the process of accessing the inner details of the source code of an iOS app, any third-party libraries it uses, and how it was designed.

You are probably asking yourself what could be gained from doing so and the answer may differ from one person to another, whether it is pure admiration of a cool app, checking if an app has any malicious or sketchy code that would warrant concern to the user, etc.

For the purpose of this tutorial, I will be using

To begin, we need the following:

  • A jailbroken iDevice
  • Cydia packages
    1. BigBoss Recommended Tools (From BigBoss Repo)
    2. classdumpz (From cydia.radare.org repo)
    3. Core Utilities
    4. GNU Debugger (From cydia.radare.org repo)
    5. OpenSSH
    6. OpenSSL
  • An FTP client on Windows or Mac OS X

If you do not have a jailbroken device, you will need to jailbreak it by visiting idownloadblog at the following link

Once you have jailbroken your device, head on to Cydia and install the packages listed above. I faced several issues with decrypting applications in iOS 7 due to some incompatibilities between iOS 7 and the debugging tools in the BigBoss repository, which is why I included GNU Debugger from cydia.radare.org even though a version exists in BigBoss.

For example: the GNU Debugger installed with “BigBoss Recommended Tools” is at this moment 1518-12; however, the compatible version that works with iOS 7 is 1708.

Now let’s start decrypting the application:

The first step is to find the application of interest. Usually it can be found in /Applications, but as you can see in the screenshot below, MaaS360 is nowhere to be found:

 ls /Applications 

List Applications

So we will use the find command to locate the app in question:

 find / -name "Gmail*" 

Figure 2 Find Applications

Note: A more complex but more accurate method of finding the application is:

 find / -type d -iname "Gmail*.app" 

Aha we found the directory, under /private/var/mobile/Applications/CAF8206F-8348-4AB4-B167-2FE77D15DDBB/GmailHybrid.app

For those wondering, “CAF8206F-8348-4AB4-B167-2FE77D15DDBB” is the GUID (short for “Globally Unique Identifier”) for the MaaS360 application, a unique 128-bit number that represents that application.

We would then go into the directory and find which architectures are in the binary and whether the application uses “PIE” (Position Independent Executable), which means the addresses of the app’s code, data, and stack are randomized every time you run the app. This provides an additional layer of protection, as it makes Return Oriented Programming (ROP) attacks much more difficult to execute reliably, and it makes decrypting these applications more difficult as well.

 otool -arch all -Vh GmailHybrid

Figure 3 Find architectures

Luckily the application was only built for one architecture (ARM); otherwise you would need to find and decrypt the architecture that matches the device you are running it on (possibly a blog post for another day).

It does however show me that the application was packaged using PIE, which will change how we get the base address later in this article.

Next we will display the status of the application’s encryption

 cd /private/var/mobile/Applications/CAF8206F-8348-4AB4-B167-2FE77D15DDBB/GmailHybrid.app
otool -l GmailHybrid | grep crypt

Figure 4: Show Encryption

The cryptoff shows that the first byte of encrypted data is 16384 bytes into the file (0x4000 in hexadecimal).

The cryptsize shows that 13828096 bytes of the file are encrypted, starting at the offset defined by the cryptoff.

The cryptid shows that the application is indeed encrypted (1 is encrypted, 0 is unencrypted).
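The fields that otool reports here come from the Mach-O header flags and the LC_ENCRYPTION_INFO load command. The following is an added example, not code from the original post: a small read-only parser for a thin little-endian Mach-O that reports the PIE flag and the cryptoff/cryptsize/cryptid values. The function names and the sample header (built with the values shown above) are constructed for illustration.

```python
import struct

MH_MAGIC, MH_MAGIC_64 = 0xFEEDFACE, 0xFEEDFACF      # thin little-endian Mach-O
LC_ENCRYPTION_INFO, LC_ENCRYPTION_INFO_64 = 0x21, 0x2C
MH_PIE = 0x200000                                    # header flag set for PIE builds

def encryption_info(data):
    """Return the PIE flag and encryption fields of a thin Mach-O image."""
    if len(data) < 28:
        raise ValueError("too short for a Mach-O header")
    magic, _cpu, _sub, _ftype, ncmds, sizeofcmds, flags = struct.unpack_from("<7I", data, 0)
    if magic not in (MH_MAGIC, MH_MAGIC_64):
        raise ValueError("not a thin little-endian Mach-O (fat files hold one slice per arch)")
    offset = 32 if magic == MH_MAGIC_64 else 28      # 64-bit header has a reserved word
    end = offset + sizeofcmds
    if end > len(data):
        raise ValueError("load commands run past end of data")
    info = {"pie": bool(flags & MH_PIE), "encryption": None}
    for _ in range(ncmds):
        if offset + 8 > end:
            raise ValueError("truncated load command")
        cmd, cmdsize = struct.unpack_from("<2I", data, offset)
        if cmdsize < 8 or offset + cmdsize > end:
            raise ValueError("bad cmdsize in load command")
        if cmd in (LC_ENCRYPTION_INFO, LC_ENCRYPTION_INFO_64):
            if cmdsize < 20:
                raise ValueError("encryption command too small")
            cryptoff, cryptsize, cryptid = struct.unpack_from("<3I", data, offset + 8)
            info["encryption"] = {"cryptoff": cryptoff, "cryptsize": cryptsize,
                                  "cryptid": cryptid}
        offset += cmdsize
    return info

def build_sample(cryptid):
    """Constructed 32-bit ARM header: one LC_UUID filler plus LC_ENCRYPTION_INFO."""
    filler = struct.pack("<2I", 0x1B, 24) + bytes(16)            # LC_UUID, zero UUID
    enc = struct.pack("<5I", LC_ENCRYPTION_INFO, 20, 16384, 13828096, cryptid)
    cmds = filler + enc
    # cputype 12 = ARM, cpusubtype 9 = ARMv7, filetype 2 = MH_EXECUTE
    header = struct.pack("<7I", MH_MAGIC, 12, 9, 2, 2, len(cmds), MH_PIE | 0x85)
    return header + cmds

if __name__ == "__main__":
    print(encryption_info(build_sample(1)))
```
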

If we try to access the class information now, we wouldn’t get much

Figure 5 Encrypted Class Info

Now we will need to determine the base address which we will do by running the application and seeing where it gets loaded into the memory

 # Look for running processes that have GmailHybrid in their name
ps -ax | grep GmailHybrid

This showed that MaaS360 is running under process id 336

336 ??         0:07.74 /var/mobile/Applications/CAF8206F-8348-4AB4-B167-2FE77D15DDBB/GmailHybrid.app/GmailHybrid
478 ttys003    0:00.01 grep GmailHybrid

# Load the process with process id 336 into the debugger tool
gdb -p 336

Figure 5 Get Base Address

Now we will need to find the base address by running “info sharedlibrary”, but the output is rather large and will scroll off the screen, so we will first set the pager to 20 lines

(gdb) set height 20
(gdb) info sharedlibrary

Figure 6 Get Base Address Part 2

So now we know that the base address is 0xb000 (45056). We would then calculate the start and end of the memory section that holds the unencrypted version of the application. Remember we had found the cryptoff to be 16384 and cryptsize to be 13828096.

Start address = base address + cryptoff = 45056 + 16384 = 61440

End address = base address + cryptoff + cryptsize = 45056 + 16384 + 13828096 = 13889536

Now we need to dump that memory section:

(gdb) dump memory decrypted.bin 61440 13889536

Congrats, now you have a decrypted version of the application stored in that decrypted.bin file. Since we are done with the application, we can safely kill it and then quit the debugger

Figure 8 Kill Application

It is now a good idea to take a backup of your application file in case something goes wrong. You can do so by opening up your favorite FTP client application, browsing to the application directory, and then copying it locally to your PC.

The next step would be to overwrite the decrypted version over the encrypted one inside the application file.

Again, remember the cryptoff is 16384, which means we will need to skip that number of bytes when writing back to the application

 dd seek=16384 bs=1 conv=notrunc if=./decrypted.bin of=./GmailHybrid 

If all goes well, you should be able to still use otool on the application, however, the cryptid is still 1 because the application still thinks it is encrypted.

To solve this problem, we will use the ftp client to copy the modified application to your desktop and load it in a hex editor, for the purpose of this part I used “Hex Workshop”.

We will then look for the following hexadecimal value “010000000C00000034” which should be right before “/usr/lib/libresolv.9.dylib” shown in the figures below:

Once found, we will replace the 01 with 00 and try rerunning the otool command

Figure 9 Show Unencrypted

 otool -l GmailHybrid | grep crypt 

If we try to access the class information now, we will see a HUGE difference:

Figure 10 Show Class Information

Now you can explore the class information of your application to find possible security exploits that you can use to your advantage.

If you have any problems, questions, or concerns please leave a comment below.

Sources:

Decrypting apps on iOS 6 – Part 1: single architecture

Reversing iOS Applications (Part 1)

Dumping Class Information for Encrypted iOS Applications

Posted in Apple, iPad, Jailbreak, Security

The Downside Of a Fragmented Filesystem or Partition

Having a fragmented filesystem or partition is never good news for your system and may go undetected and uncured for days, weeks, or months, resulting in loss of productivity since your computer is operating at less than 100% efficiency. In this article we take a closer look at fragmentation and a few tips to resolve it.

Posted in Linux, Technology, Windows