
Shared posts
Androrat – Android Remote Access Tool
Androrat
Androrat is an appropriately named remote access tool (or RAT) for Android. In case you're unfamiliar, RATs provide backdoor functionality to an operator, giving access to your system and private data. Androrat recently fell into the spotlight thanks to this Webroot blog post that highlights a user-friendly Android trojan maker. According to the post, Androrat is the default malicious package provided with this software.
Androrat was the project of four university students from France. According to their README, it was completed in one month. It has since been removed from the Github account on which it was hosted, and for privacy reasons these students will not be named here.
A law enforcement agency provided us with a zip file that appears to be a dump of the Github repository. It contained two compiled debug versions of the Androrat APK, the source code for these, and some class files. Additionally, it contained all of the source code for the server as well as its dependencies.
Building
To get the server running, I was able to simply drop all of the source files into an Eclipse project, add the dependencies, and fix up one import that didn't agree with my system. I was pleasantly surprised at how easy this was to get working.
Running
To test that everything was working I ran the server from Eclipse and simply loaded up the debug APK. The debug APK conveniently allows the user to set the server's IP and port. Here we can see the debug APK and the server program:
Functionality
Androrat covers the breadth of Android malware features. From the README:
### All the available functionalities are
* Get contacts (and all theirs informations)
* Get call logs
* Get all messages
* Location by GPS/Network
* Monitoring received messages in live
* Monitoring phone state in live (call received, call sent, call missed..)
* Take a picture from the camera
* Stream sound from microphone (or other sources..)
* Streaming video (for activity based client only)
* Do a toast
* Send a text message
* Give call
* Open an URL in the default browser
* Do vibrate the phone
After setting up a contact list, a few fake conversations, and a call log I went to test these out. A few of the functions gave errors, but most worked. As well, a few were not compatible with the Android emulator (for example, vibrate).
Communication
In the file inout/Protocol.java the request and response codes are listed. For requests the base number is 100, then a value ranging from 0 to 23 is added to it for the code. This is wrapped with the target channel (multiplexed) and arguments in CommandPacket. Then it is wrapped with other meta info in TransportPacket. The resulting packet data size for requests hovers around 21 bytes.
The APK gives an acknowledgment to requests received. The response message is packed into a custom packet via the following function call sequence (format: ClassName.function):
ProcessCommand.process
-> Client.sendInformation
-> Connection.sendData
-> Mux.send
-> TransportPacket.build
This packet includes the acknowledgement data, total length, data length, the channel (multiplexed), as well as a short and bool for following the packet sequence.
The response codes have a base of 200 and add a value ranging from 0 to 15 to that base. Data being sent is generally built into an array or hash table, then the response is written using ObjectOutputStream.writeObject() and placed into a custom packet. The packet includes the type that was packed. For example, when dumping an SMS to the server, the object type java.util.ArrayList will be included in the packet to indicate what has been written. The fields used in these structures prior to packing are very verbose. As an example, PhoneNumber, SimOperator, and IMEI are used when dumping device information to the server.
The information is sent over TCP with this custom protocol. The default server port is 9999, however, this is configurable.
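A detection sketch for the traffic described above, added here as an example and not taken from the Androrat source or the original post. It relies only on the code ranges, the ObjectOutputStream framing and the field names mentioned in this section; the sample payloads, the 12-byte stand-in header and the use of java.util.Hashtable for the device-information dump are constructed assumptions.

```python
import struct

STREAM_MAGIC = b"\xac\xed\x00\x05"   # header written by java.io.ObjectOutputStream
TC_OBJECT, TC_CLASSDESC = 0x73, 0x72
# Verbose field names the write-up says appear in device-information dumps.
FIELD_MARKERS = (b"PhoneNumber", b"SimOperator", b"IMEI")


def classify_code(code):
    """Map a protocol code to the ranges given in the write-up."""
    if 100 <= code <= 123:
        return "request"
    if 200 <= code <= 215:
        return "response"
    return None


def serialized_class(payload):
    """Return the top-level class name of an embedded Java object, or None."""
    start = payload.find(STREAM_MAGIC)
    if start < 0:
        return None
    body = payload[start + len(STREAM_MAGIC):]
    if len(body) < 4 or body[0] != TC_OBJECT or body[1] != TC_CLASSDESC:
        return None
    (name_len,) = struct.unpack(">H", body[2:4])
    name = body[4:4 + name_len]
    if len(name) != name_len:
        return None  # class name cut off by a segment boundary
    return name.decode("utf-8", errors="replace")


def inspect_payload(payload):
    """Summarise the indicators found in one reassembled TCP payload."""
    return {
        "java_class": serialized_class(payload),
        "fields": [m.decode() for m in FIELD_MARKERS if m in payload],
    }


# Constructed samples. The 12 leading bytes stand in for the transport header,
# whose exact layout the write-up does not give.
HEADER = bytes(12)
SMS_DUMP = HEADER + STREAM_MAGIC + b"sr\x00\x13java.util.ArrayList" + bytes(8)
DEVICE_INFO = (HEADER + STREAM_MAGIC + b"sr\x00\x13java.util.Hashtable" + bytes(8)
               + b"t\x00\x0bPhoneNumber" + b"t\x00\x04IMEI")
BENIGN = b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n"

if __name__ == "__main__":
    for sample in (SMS_DUMP, DEVICE_INFO, BENIGN):
        print(inspect_payload(sample))
```

Because the port is configurable, matching on the serialization header and cleartext field names is more durable than matching on port 9999 alone.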
Conclusion
Since the source code was public, this project provides a significant starting point for new Android malware authors. However, it does not contain any root exploits, it does not attempt to obfuscate the code or communication, and it has not been refined to a point that I would call reliable.
Thanks, Google! A Collection of Google Widget Fails
Got a Few More Than 5 Seconds to Spare? Check Out the Best 5 Second Films!
Some of them are nerdy, all of them are neat, and best of all, they're each only 5 seconds long! What's not to love?
Submitted by: Unknown
Golf Stars Do Their Best 'Happy Gilmore' Impressions
Fatbob: cause fucking adam sandler is amazing

You won't find Happy Gilmore's swing in a manual on golf fundamentals. But then, Gilmore was never one to follow someone else's rules, written or otherwise.
The golfing roustabout Adam Sandler brought to life in the eponymous 1996 flick Happy Gilmore was just reincarnated in most excellent fashion by golfers on the European Tour.
Watch Phil Mickelson, Paul Lawrie and others at the Scottish Open do their best re-creations of Gilmore's legendary running tee-off in the video above. The clip has become an understandable hit with sports fans online, picking up more than half a million views since hitting the web on Friday.
The Nintendo Turns 30: Share Your #NESMemories

Monday marks the 30th anniversary of the original Nintendo Entertainment System. It was launched in Japan on July 15, 1983, as the Famicom, and changed the way we played for years to come.
That simple 8-bit console held some of the greatest games of our childhoods, and was the place many popular Nintendo franchises, such as the Super Mario Bros. games, got their start.
Although the Nintendo didn't come to America and Europe until 1985, that hasn't stopped Twitter users from surrounding the #NESMemories hashtag. The tag was started by user Christopher Arnold Sunday night.
Don’t try to understand women

Thanks Mike (from Spain)
VLSub Downloads Subtitles to VLC Automatically

It's not really hard to find subtitles online for your digital movie collection, but you can save a couple of steps with the VLSub extension for VLC media player.
It's Dumb Easy to Wreck a $20,000 Camera with Just a Couple Lasers
Lasers are bad for your eyes, so it shouldn't be a surprise they're bad for cameras too. This clip shows exactly how trivial it is for a laser to pop inside a $20,000 piece of equipment and totally scramble its brains.
The camera in question here is a Red EPIC—a bit more expensive than the Canon 5D we saw get taken out a while back. The cam was just minding its own business, filming the Electric Daisy Carnival 2013 in Chicago when it came face-to-face with a laser array. And laser beats sensor.
Fortunately the busted sensor should be replaceable at a cost less than the camera's full $20,000, but it's still a multi-thousand dollar screw-up, and apparently two cameras there got hit. So be careful where you point, well, everything; the damage doesn't look quite awesome enough to justify that cost. [Reddit]
Pulling Quills From a Raven
Gertie Cleary of Elmsdale, Nova Scotia, saw a raven perched on her fence with porcupine quills stuck in its face. The overly-friendly juvenile raven had a run-in with a porcupine, then made a better choice to let the woman get close. Cleary, wisely wearing gloves, did what she had to do.
The bird, clearly in pain, waited for Cleary to get each one of the quills out. Cleary says she didn’t think twice about helping the animal in distress.
“It reminded me of a child with a splinter and when you pull a splinter out, they holler and screech and pull their hand away,” says Cleary.
Once the quills were out, Cleary carried the bird to her daughter’s house, where she fed him dog food and water.
She let the raven, named Wilfred by the Cleary family, outside the next day, and he hung around for a while before flying off. Let's just hope the bird learned his lesson about porcupines. Link -via Arbroath
Whistleblowing IT Director Fired By FL State Attorney
Read more of this story at Slashdot.
DeLorean Convergence

What do you think is going on here? The most logical explanation is that a time traveler has created a paradox by returning to our present from five different points in time. I would guess that five versions of the person are inside the house watching Back to the Future. Redditor jraevis posted this picture of the shenanigans in his neighborhood. If you go see the full-size picture, you'll see the sign says "DeLorean Parking Only." Link
Goth Coloring Book

You get only one crayon, but it's the only one you'll need. Mark McCall and Richard Dorey, who are designers in the UK, made a coloring book that brings in the darkness. You can view sample pages at the link.
Link -via Hi-Fructose Magazine
Prepare Yourselves, Girlfriends
Submitted by: Unknown
NOT GUILTY

And Then, You'll be a Man, My Son
A little Dutch boy confidently leads the stadium in a sports chant during a local soccer game.
Submitted by: Unknown
The Anti-Slavery Alphabet Primer

In 1846, Hannah and Mary Townsend of the Philadelphia Female Anti-Slavery Society wrote a primer for the English alphabet. Staunch abolitionists, they made it very clear to children what the continuation of slavery in the United States meant. Click on "Continue reading" to view more pages from it.
Link -via Kuriositas



Images: Mississippi Department of Archives and History
The 21st-Century Breakup

Worn-out breakup lines are tried-and-true treasures: "It's not you it's me," "I really need to focus on my work," and "I'm just not ready for a serious relationship." But now that we're in the 21st century, it's probably time for some digital jargon to make its way into matters of the heart.
In this Sunday comic, we learn how to end things with that not-so-perfect someone in a way that's tailor made for the tech generation.
Comic written by Larry Lambert; illustrated by Jerry King.
Wookiees in Real-Life Situations
Portland, Oregon-based photographer and artist Mako Miyamoto (aka “neon werewolf“) has taken a wonderful series of photos that follow a group of Wookiees in real-life situations. You can view more photos from this collection on his personal website, Facebook and Behance. Prints are available to purchase online at Imagekind.
photos via neon werewolf
via TieFighters, Ian Brooks
Brazilian Kids Learn English by Correcting Celebrities' Grammar
Goat Having Dinner
Fatbob: lol
Jemima the goat has a nice dinner at the table, with utensils, red wine, and a tasty newspaper. -via Daily Picks and Flicks




