1 control de versiones - amazon s3 … · 7 análisis ssl heartbleed cve-2014-0160 no vulnerable...
TRANSCRIPT
........................................................................................... 2
......................................................................................................... 5
................................................................................................................ 6
......................................................................................................... 6
.................................................................................................................. 7
................................................................................ 8
............................ 8
..................... 9
..................... 10
.......................................................................................................... 10
......................................................................................................... 10
................................................................................... 10
........................................................................... 11
....................................................................................................................... 11
....................................................................................................... 12
.................................................................. 12
.......................................................................................................... 14
...................................................................................... 15
................................................ 15
......................................................................................................... 16
........................................................................................................ 16
....................................................................................... 16
..................................................................................................... 17
.......................................................................................................... 17
.......................................................................................................... 17
....................................................................................... 17
............................................................................ 17
............................................................................................ 18
............................................................................ 22
.......................................................................................................... 22
................................................................................................................ 23
192.168.254.155 50.22.89.18 TLS v1.2 Sitio web khipu
192.168.254.155 23.14.70.224 TLS v1.2 Sitio web Santander
192.168.254.155 200.29.162.187 TLS v1.2 Sitio web Banco Estado
192.168.254.155 200.14.130.2 TLS v1.2 Sitio web Banco Chile
IOS
Origen Destino Tipo de Tráfico Descripción
192.168.254.112 50.22.89.18 TLS v1.2 Sitio web khipu
192.168.254.112 23.14.70.224 TLS v1.2 Sitio web Santander
192.168.254.112 170.233.152.16 TLS v1.2 Sitio web Banco Es-
tado
192.168.254.112 200.14.130.2 TLS v1.2 Sitio web Banco Chile
7 Análisis SSL
Heartbleed CVE-2014-0160 No vulnerable
CCS CVE-2014-0224 No vulnerable
Secure Renegotiation CVE-2009-3555 No vulnerable
Secure Client-Initiated
Renegotiation CVE-2011-1473 No vulnerable
CRIME CVE-2012-4929 No vulnerable
BREACH CVE-2013-3587 No vulnerable
POODLE CVE-2014-3566 No vulnerable
TLS_FALLBACK_SCSV RFC 7507 No vulnerable
SWEET32 CVE-2016-2183 No vulnerable
FREAK CVE-2015-0204 No vulnerable
DROWN CVE-2016-0703 No vulnerable
LOGJAM CVE-2015-4000 No vulnerable
BEAST CVE-2011-3389
LUCKY13 CVE-2013-0169
8 Ethical Hacking Mobile
Desempaquetado
Decompilación
Análisis de integridad
Análisis de metadatos
Análisis de strings
Búsqueda con expresiones regulares
Análisis en VirusTotal (malware)
SHA256 3389e93d42d229276738a6eca184770b19b4904f289bda2a1c0178e6d09
2fcba
Tamaño 5.32 MB
Tipo Android
URLs Interesantes 5
IPs encontradas 0
Emails encontrados 0
1. https://khipu.com/payment/simplified/
2. https://khipu.com/payment/show/
3. https://khipu.com/payment/end/
4. https://khipu.com/cerebro/
5. https://khipu.com/app/2.0/automaton
SHA256 bf7f1360f92dc9f5f6c4b845fa4bcc240754410638b4acb92ca4161
82b132949
Tamaño 13.91 MB
Tipo iPhone
URLs Interesantes 0
IPs encontradas 0
Emails encontrados 0
Ad-Aware
Ad-Aware
AegisLab
AegisLab
AhnLab-V3
AhnLab-V3
Alibaba
Alibaba
ALYac
ALYac
Antiy-AVL
Antiy-AVL
Arcabit
Arcabit
Avast
Avast
AVG
AVG
Avira
Avira
AVware
AVware
Baidu
Baidu
BitDefender
BitDefender
Bkav
Bkav
CAT-QuickHeal
CAT-QuickHeal
ClamAV
ClamAV
CMC
CMC
Comodo
Comodo
Cyren
Cyren N/A
DrWeb
DrWeb
Emsisoft
Emsisoft
eScan
eScan
ESET-NOD32
ESET-NOD32 N/A
F-Prot
F-Prot
F-Secure
F-Secure
Fortinet
Fortinet
GData
GData
Ikarus
Ikarus
Jiangmin
Jiangmin
K7AntiVirus N/A K7AntiVirus N/A
K7GW
K7GW
Kaspersky
Kaspersky
Kingsoft
Kingsoft
Malwarebytes
Malwarebytes
MAX
MAX
McAfee
McAfee
McAfee-GW-Edition
McAfee-GW-Edition
Microsoft
Microsoft
NANO-Antivirus
NANO-Antivirus
nProtect
nProtect
Panda
Panda
Qihoo-360
Qihoo-360
Rising
Sophos AV
Sophos AV N/A SUPERAntiSpyware N/A
SUPERAntiSpyware
Symantec
Symantec
Tencent
Symantec Mobile Insight
TheHacker
Tencent N/A VBA32 N/A
TheHacker
VIPRE
TrendMicro
ViRobot
TrendMicro-HouseCall
Webroot
Trustlook
WhiteArmor
VBA32
Yandex
VIPRE
Zillya
ViRobot
ZoneAlarm
Webroot
Zoner
WhiteArmor
Yandex
Zillya
ZoneAlarm
Zoner
9 Vulnerabilidades declaradas
10 Anexos
android_septiembre.cap fdcb60b2053b0f4a194e48cb1bfb93cd
ios_septiembre.cap 552251c591b798113dec187cdb2b2689