Vulnerable Android app ES File Explorer | Man in the middle attack ( MITM) | ESET Mobile Security
Vložit
- čas přidán 15. 01. 2019
- ES File Explorer File Manager app is vulnerable to Man-In-The-Middle (MitM) attack - CVE-2019-8345.
This Vulnerable Android application has over 100 Million installs on Google Play store. ESET Mobile Security. ES File Explorer Security Risk.
Scenario:
Attacker has to be connected to the same network as the victim (Starbucks, coffee shop, public wifi...) to intercept victim's traffic.
App uses instead of secured HTTPS protocol HTTP that could be controlled by adversary if on same local network.
This vulnerability was found after @fs0c131y published Open Port Vulnerability in the same app. You can watch it here: • ES File Explorer Open ...
For more Android Security info Subscribe & Follow me on Twitter: / lukasstefanko
Now I do understand
You were the reason of removing it from the play store
So basically you're doing a MiTM attack on your home network? It's not a vuln in es file explorer at all mate
How to get install freely zanti.?
Pls make videos on streameable/yt
6,025 people have visited Evil.com after watching this video XD
Does this affect all versions of es explorer? I am using a very old version 3.2.5
Yes. All version until v4.1.9.7.4 are affected.
Which software did you use for mitm
I used zANTI app. It is really easy to setup and convenient to use if you have 2 Android devices.
The victim device needa be rooted!!
Actually not, victim's device don't have to be rooted. MITM works on not rooted mobile devices or PC's on local network.
I exp a MITM attack where they intercepted my pay on Uber. And I have been continually followed. What is the best thing I can use for this wannabe kidnapper.
Which Software you have used in this Video. From where I can download it. Can you give me a link?
I used zANTI app. You can download it from here www.zimperium.com/zanti-mobile-penetration-testing.
Thanks
@@mobilehacker How to install ZanT
Brother in android version you used zanti app
How to setup zanti?
Can u make a vedio on zanti . Its crashing in my rooted android i gave it all permission
please make a video How I can hide my identity during hacking
what the best alternative ??
Mixplorer from XDA
Face reveal