Mobile Hacker
@mobilehacker.bsky.social
CVE-2025-10184 is permission bypass that affects multiple OnePlus devices running OxygenOS 12–15 (NOT FIXED) with PoC
This vulnerability allows any application installed on the device to read SMS/MMS without permission, user interaction, or consent.
www.rapid7.com/blog/post/cv...
This vulnerability allows any application installed on the device to read SMS/MMS without permission, user interaction, or consent.
www.rapid7.com/blog/post/cv...
September 25, 2025 at 12:55 PM
CVE-2025-10184 is permission bypass that affects multiple OnePlus devices running OxygenOS 12–15 (NOT FIXED) with PoC
This vulnerability allows any application installed on the device to read SMS/MMS without permission, user interaction, or consent.
www.rapid7.com/blog/post/cv...
This vulnerability allows any application installed on the device to read SMS/MMS without permission, user interaction, or consent.
www.rapid7.com/blog/post/cv...
Deobfuscating Android Apps with Androidmeda LLM: A Smarter Way to Read Obfuscated Code
✅As a bonus, example of deobfuscating Crocodilus Malware
www.mobile-hacker.com/2025/07/22/d...
✅As a bonus, example of deobfuscating Crocodilus Malware
www.mobile-hacker.com/2025/07/22/d...
Deobfuscating Android Apps with Androidmeda: A Smarter Way to Read Obfuscated Code
I came across a new tool—Androidmeda—that caught my attention. It attempts to deobfuscate decompiled Android code using a large language model (LLMs). I decided to give it a try, and to my surprise, t...
www.mobile-hacker.com
July 23, 2025 at 8:14 AM
Deobfuscating Android Apps with Androidmeda LLM: A Smarter Way to Read Obfuscated Code
✅As a bonus, example of deobfuscating Crocodilus Malware
www.mobile-hacker.com/2025/07/22/d...
✅As a bonus, example of deobfuscating Crocodilus Malware
www.mobile-hacker.com/2025/07/22/d...
How To Turn Old Android Smartphone into Travel Router With NAS
www.mobile-hacker.com/2025/07/21/h...
www.mobile-hacker.com/2025/07/21/h...
How To Turn Old Android Smartphone into Travel Router With NAS Mobile Hacker
It’s not perfect, but it works—a clever DIY project that blends portability, privacy, and practicality.
www.mobile-hacker.com
July 21, 2025 at 8:39 AM
How To Turn Old Android Smartphone into Travel Router With NAS
www.mobile-hacker.com/2025/07/21/h...
www.mobile-hacker.com/2025/07/21/h...
Keyboard Input Injection vulnerability in Air Keyboard iOS App Still Unpatched
www.mobile-hacker.com/2025/07/17/r...
www.mobile-hacker.com/2025/07/17/r...
Remote Input Injection vulnerability in Air Keyboard iOS App Still Unpatched
On June 13, 2025 was disclosed vulnerability in the iOS version of the Air Keyboard app that exposes users to remote input injection over Wi-Fi. The flaw, documented in CXSecurity Report, allows an at...
www.mobile-hacker.com
July 17, 2025 at 7:41 AM
Keyboard Input Injection vulnerability in Air Keyboard iOS App Still Unpatched
www.mobile-hacker.com/2025/07/17/r...
www.mobile-hacker.com/2025/07/17/r...
The first version of Bitchat Android app was published yesterday
It is open-source, private, secure messaging app without needing the internet, that relies on Bluetooth mesh network
www.mobile-hacker.com/2025/07/10/o...
It is open-source, private, secure messaging app without needing the internet, that relies on Bluetooth mesh network
www.mobile-hacker.com/2025/07/10/o...
Offline, Encrypted, and Private Messaging using new Bitchat Bluetooth App
Bitchat app is designed for private, secure communication without needing the internet. Instead, it uses a Bluetooth mesh network, meaning your messages travel directly between nearby phones — no serv...
www.mobile-hacker.com
July 10, 2025 at 9:56 AM
The first version of Bitchat Android app was published yesterday
It is open-source, private, secure messaging app without needing the internet, that relies on Bluetooth mesh network
www.mobile-hacker.com/2025/07/10/o...
It is open-source, private, secure messaging app without needing the internet, that relies on Bluetooth mesh network
www.mobile-hacker.com/2025/07/10/o...
How to Install Gemini CLI on Android using Termux
www.mobile-hacker.com/2025/07/09/h...
www.mobile-hacker.com/2025/07/09/h...
July 9, 2025 at 7:31 AM
How to Install Gemini CLI on Android using Termux
www.mobile-hacker.com/2025/07/09/h...
www.mobile-hacker.com/2025/07/09/h...
Vibe Hacking with Nmap using Android
www.mobile-hacker.com/2025/07/07/v...
www.mobile-hacker.com/2025/07/07/v...
July 7, 2025 at 8:57 AM
Vibe Hacking with Nmap using Android
www.mobile-hacker.com/2025/07/07/v...
www.mobile-hacker.com/2025/07/07/v...
FileFix – New Alternative to ClickFix Attack
www.mobile-hacker.com/2025/06/24/i...
www.mobile-hacker.com/2025/06/24/i...
Introducing FileFix – A New Alternative to ClickFix Attacks
A new browser attack vectors just dropped, and it’s called FileFix — an alternative to the well-known ClickFix attack. This method, discovered and shared by mrd0x, shows how attackers can to execute c...
www.mobile-hacker.com
June 24, 2025 at 2:53 PM
FileFix – New Alternative to ClickFix Attack
www.mobile-hacker.com/2025/06/24/i...
www.mobile-hacker.com/2025/06/24/i...
How to use ADB & fastboot in Termux without root
You can use non-rooted Android to unlock bootloader, run ADB commands, remove bloatware, flash ROM, or even root another Android
www.mobile-hacker.com/2025/06/16/h...
You can use non-rooted Android to unlock bootloader, run ADB commands, remove bloatware, flash ROM, or even root another Android
www.mobile-hacker.com/2025/06/16/h...
How to Run ADB and Fastboot on a Non-Rooted Android Smartphone Using Termux
Thanks to Termux and the clever termux-adb project, you can run ADB and Fastboot directly from your phone — no computer needed. This guide breaks down how to install it, how it works, and practical us...
www.mobile-hacker.com
June 16, 2025 at 7:33 AM
How to use ADB & fastboot in Termux without root
You can use non-rooted Android to unlock bootloader, run ADB commands, remove bloatware, flash ROM, or even root another Android
www.mobile-hacker.com/2025/06/16/h...
You can use non-rooted Android to unlock bootloader, run ADB commands, remove bloatware, flash ROM, or even root another Android
www.mobile-hacker.com/2025/06/16/h...
Stryker - Android pentesting app with premium access now free until 2050!
Scan networks, launch exploits, and test web apps—all from your phone
Bonus: includes a list of suggested WiFi adapters and SimpleUSB tool for identifying USB devices on the go
www.mobile-hacker.com/2025/06/12/s...
Scan networks, launch exploits, and test web apps—all from your phone
Bonus: includes a list of suggested WiFi adapters and SimpleUSB tool for identifying USB devices on the go
www.mobile-hacker.com/2025/06/12/s...
Stryker App Goes Free: The Ultimate Mobile Pentesting Toolkit
Stryker is a powerful mobile app that transforms your Android device into a pentesting workspace. Designed to help you test networks and devices for common vulnerabilities without requiring specialize...
www.mobile-hacker.com
June 12, 2025 at 9:45 AM
Stryker - Android pentesting app with premium access now free until 2050!
Scan networks, launch exploits, and test web apps—all from your phone
Bonus: includes a list of suggested WiFi adapters and SimpleUSB tool for identifying USB devices on the go
www.mobile-hacker.com/2025/06/12/s...
Scan networks, launch exploits, and test web apps—all from your phone
Bonus: includes a list of suggested WiFi adapters and SimpleUSB tool for identifying USB devices on the go
www.mobile-hacker.com/2025/06/12/s...
Locating Smartphones Using Seeker: How a Simple Link Can Reveal Your Smartphone’s Location
www.mobile-hacker.com/2025/06/10/s...
www.mobile-hacker.com/2025/06/10/s...
Seeker: How a Simple Link Can Reveal Your Smartphone’s Location
What if someone could pinpoint your smartphone's location and gather detailed device information without you ever installing a malicious app? This is precisely what the Seeker tool is designed to demo...
www.mobile-hacker.com
June 10, 2025 at 11:28 PM
Locating Smartphones Using Seeker: How a Simple Link Can Reveal Your Smartphone’s Location
www.mobile-hacker.com/2025/06/10/s...
www.mobile-hacker.com/2025/06/10/s...
Transform Your Old Smartphone into a Pocket Cyberdeck with Kali NetHunter
Tutorial on how to 3D-print a minimalist palmtop-style case for Google Pixel 3 XL and install NetHunter on it with custom kernel
www.mobile-hacker.com/2025/06/06/t...
Tutorial on how to 3D-print a minimalist palmtop-style case for Google Pixel 3 XL and install NetHunter on it with custom kernel
www.mobile-hacker.com/2025/06/06/t...
Transform Your Old Smartphone into a Pocket Cyberdeck with Kali NetHunter
This setup serves as a convenient alternative to carrying a full-sized laptop or struggling with a smartphone’s virtual keyboard for complex technical tasks. It offers comfortable typing and an effici...
www.mobile-hacker.com
June 6, 2025 at 6:48 AM
Transform Your Old Smartphone into a Pocket Cyberdeck with Kali NetHunter
Tutorial on how to 3D-print a minimalist palmtop-style case for Google Pixel 3 XL and install NetHunter on it with custom kernel
www.mobile-hacker.com/2025/06/06/t...
Tutorial on how to 3D-print a minimalist palmtop-style case for Google Pixel 3 XL and install NetHunter on it with custom kernel
www.mobile-hacker.com/2025/06/06/t...
Analysis of Spyware That Helped to Compromise a Syrian Army from Within
👉 Smartphone espionage doesn’t need expensive exploits. Cheap tools like SpyMax with targeted phishing a social engineering can breach even military targets - no 0-days required
www.mobile-hacker.com/2025/06/05/a...
👉 Smartphone espionage doesn’t need expensive exploits. Cheap tools like SpyMax with targeted phishing a social engineering can breach even military targets - no 0-days required
www.mobile-hacker.com/2025/06/05/a...
Analysis of Spyware That Helped to Compromise a Syrian Army from Within
This case demonstrates that effective smartphone espionage doesn't always require expensive zero-day exploits or the development of sophisticated, custom and undetected spyware. Instead, attackers can...
www.mobile-hacker.com
June 5, 2025 at 8:10 AM
Analysis of Spyware That Helped to Compromise a Syrian Army from Within
👉 Smartphone espionage doesn’t need expensive exploits. Cheap tools like SpyMax with targeted phishing a social engineering can breach even military targets - no 0-days required
www.mobile-hacker.com/2025/06/05/a...
👉 Smartphone espionage doesn’t need expensive exploits. Cheap tools like SpyMax with targeted phishing a social engineering can breach even military targets - no 0-days required
www.mobile-hacker.com/2025/06/05/a...
Vulnerabilities Found in Preinstalled apps on Android Smartphones
3rd party app installed on a device could misuse vulnerabilities to:
✅perform factory reset of device
✅exfiltrate PIN code
✅inject an arbitrary intent with system-level privileges
www.mobile-hacker.com/2025/06/02/s...
3rd party app installed on a device could misuse vulnerabilities to:
✅perform factory reset of device
✅exfiltrate PIN code
✅inject an arbitrary intent with system-level privileges
www.mobile-hacker.com/2025/06/02/s...
Security Issues Found in preinstalled apps on Android Smartphones
Security researchers have uncovered several critical vulnerabilities in applications preloaded on Ulefone and Krüger&Matz Android smartphones. These flaws, reported by CERT Polska, expose users to sig...
www.mobile-hacker.com
June 2, 2025 at 9:37 AM
Vulnerabilities Found in Preinstalled apps on Android Smartphones
3rd party app installed on a device could misuse vulnerabilities to:
✅perform factory reset of device
✅exfiltrate PIN code
✅inject an arbitrary intent with system-level privileges
www.mobile-hacker.com/2025/06/02/s...
3rd party app installed on a device could misuse vulnerabilities to:
✅perform factory reset of device
✅exfiltrate PIN code
✅inject an arbitrary intent with system-level privileges
www.mobile-hacker.com/2025/06/02/s...
I was playing around with new and smaller HackRF PortaPack H4M.
In a summary blog, you can find what's new with H4M, how to flash it, copy necessary data, and a couple of use-cases.
www.mobile-hacker.com/2025/05/19/h...
In a summary blog, you can find what's new with H4M, how to flash it, copy necessary data, and a couple of use-cases.
www.mobile-hacker.com/2025/05/19/h...
HackRF PortaPack H4M with Mayhem Firmware – A Powerful Handheld SDR Toolkit
In the Q4 of 2024, a new SDR (Software Defined Radio) was released: the HackRF PortaPack H4M, shipping with the Mayhem firmware. Whether you’re a hobbyist, hacker, ham radio enthusiast, or security re...
www.mobile-hacker.com
May 19, 2025 at 1:09 PM
I was playing around with new and smaller HackRF PortaPack H4M.
In a summary blog, you can find what's new with H4M, how to flash it, copy necessary data, and a couple of use-cases.
www.mobile-hacker.com/2025/05/19/h...
In a summary blog, you can find what's new with H4M, how to flash it, copy necessary data, and a couple of use-cases.
www.mobile-hacker.com/2025/05/19/h...
Feberis Pro: I have tested a new 4-in-1 Expansion Board for Flipper Zero
www.mobile-hacker.com/2025/03/31/f...
www.mobile-hacker.com/2025/03/31/f...
Feberis Pro: The Ultimate 4-in-1 Expansion Board for Flipper Zero
In a previous blog post, I introduced Feberis, a versatile expansion board that enhanced the capabilities of the Flipper Zero by offering additional communication protocols. Now, I am excited to dive ...
www.mobile-hacker.com
March 31, 2025 at 11:37 AM
Feberis Pro: I have tested a new 4-in-1 Expansion Board for Flipper Zero
www.mobile-hacker.com/2025/03/31/f...
www.mobile-hacker.com/2025/03/31/f...
EvilLoader: Yesterday was published PoC for unpatched vulnerability affecting Telegram for Android.
The exploit has been sold on underground forum since January 2025.
✅Don't install external players if requested by received corrupted video file on Telegram.
www.mobile-hacker.com/2025/03/05/e...
The exploit has been sold on underground forum since January 2025.
✅Don't install external players if requested by received corrupted video file on Telegram.
www.mobile-hacker.com/2025/03/05/e...
EvilLoader: Unpatched Telegram for Android Vulnerability Disclosed
A newly disclosed in Telegram for Android, dubbed EvilLoader, allows attackers to disguise malicious APKs as video files, potentially leading to unauthorized malware installations on users' devices.
www.mobile-hacker.com
March 5, 2025 at 8:41 AM
EvilLoader: Yesterday was published PoC for unpatched vulnerability affecting Telegram for Android.
The exploit has been sold on underground forum since January 2025.
✅Don't install external players if requested by received corrupted video file on Telegram.
www.mobile-hacker.com/2025/03/05/e...
The exploit has been sold on underground forum since January 2025.
✅Don't install external players if requested by received corrupted video file on Telegram.
www.mobile-hacker.com/2025/03/05/e...
How to build portable Kali box with Raspberry Pi and Touchscreen
✅installation process
✅install drivers and switch output to touchscreen
✅allow auto-login
✅enable SSH as root
✅setup virtual keyboard
www.mobile-hacker.com/2025/02/26/b...
✅installation process
✅install drivers and switch output to touchscreen
✅allow auto-login
✅enable SSH as root
✅setup virtual keyboard
www.mobile-hacker.com/2025/02/26/b...
Building a Portable Kali Box with Raspberry Pi and Touchscreen
In this guide, I will walk you through the process of setting up a Raspberry Pi with a 3.5-inch touchscreen running Kali Linux. This compact yet powerful setup is perfect for on-the-go penetration tes...
www.mobile-hacker.com
February 26, 2025 at 10:51 AM
How to build portable Kali box with Raspberry Pi and Touchscreen
✅installation process
✅install drivers and switch output to touchscreen
✅allow auto-login
✅enable SSH as root
✅setup virtual keyboard
www.mobile-hacker.com/2025/02/26/b...
✅installation process
✅install drivers and switch output to touchscreen
✅allow auto-login
✅enable SSH as root
✅setup virtual keyboard
www.mobile-hacker.com/2025/02/26/b...
60-pages guide on how to use Bettercap on Android
www.mobile-hacker.com/2025/02/21/b...
www.mobile-hacker.com/2025/02/21/b...
Bettercap on Android: A Portable Network Security Toolkit
This setup is not only lightweight and portable but also ensures that a pentester can operate in plain sight, appearing as just another person on their phone. In this guide, we'll show you how to inst...
www.mobile-hacker.com
February 21, 2025 at 9:43 AM
60-pages guide on how to use Bettercap on Android
www.mobile-hacker.com/2025/02/21/b...
www.mobile-hacker.com/2025/02/21/b...
Evil Crow RF: A Portable Radio Frequency Device compatible with Flipper Zero Sub-GHz file format
www.mobile-hacker.com/2025/02/11/e...
www.mobile-hacker.com/2025/02/11/e...
Evil Crow RF: A Portable Radio Frequency Device
This tool expands your smartphone’s capabilities, allowing you to dive into RF analysis, penetration testing, and signal manipulation—bringing mobile hacking to a whole new level.
www.mobile-hacker.com
February 11, 2025 at 7:39 AM
Evil Crow RF: A Portable Radio Frequency Device compatible with Flipper Zero Sub-GHz file format
www.mobile-hacker.com/2025/02/11/e...
www.mobile-hacker.com/2025/02/11/e...
USB Army Knife: Close Access Pentest Tool
It is capable of remote keystroke injection, VNC, USB network adapter, EvilAP, Marauder, record microphone, controlled over web interface with fancy LCD screen
www.mobile-hacker.com/2025/01/24/u...
It is capable of remote keystroke injection, VNC, USB network adapter, EvilAP, Marauder, record microphone, controlled over web interface with fancy LCD screen
www.mobile-hacker.com/2025/01/24/u...
USB Army Knife: The Ultimate Close Access Penetest Tool
Whether you want to transform into a USB Ethernet adapter and capture network traffic, create custom user interface for your attacks, or use covert storage devices, the USB Army Knife has you covered.
www.mobile-hacker.com
January 24, 2025 at 9:24 AM
USB Army Knife: Close Access Pentest Tool
It is capable of remote keystroke injection, VNC, USB network adapter, EvilAP, Marauder, record microphone, controlled over web interface with fancy LCD screen
www.mobile-hacker.com/2025/01/24/u...
It is capable of remote keystroke injection, VNC, USB network adapter, EvilAP, Marauder, record microphone, controlled over web interface with fancy LCD screen
www.mobile-hacker.com/2025/01/24/u...
Boost Flipper Zero with FEBERIS: 3-in-1 SubGhz, NRF24, and WiFi board
www.mobile-hacker.com/2025/01/09/b...
www.mobile-hacker.com/2025/01/09/b...
January 9, 2025 at 8:43 AM
Boost Flipper Zero with FEBERIS: 3-in-1 SubGhz, NRF24, and WiFi board
www.mobile-hacker.com/2025/01/09/b...
www.mobile-hacker.com/2025/01/09/b...
Explore #Marauder firmware on Cheap Yellow Display with all of its features 👇
www.mobile-hacker.com/2024/12/23/e...
www.mobile-hacker.com/2024/12/23/e...
January 3, 2025 at 11:51 AM
Explore #Marauder firmware on Cheap Yellow Display with all of its features 👇
www.mobile-hacker.com/2024/12/23/e...
www.mobile-hacker.com/2024/12/23/e...
Install and run any firmware (Marauder, Bruce, Ghost ESP...) on ESP32 devices without using computer with M5Stick Launcher
www.mobile-hacker.com/2024/12/29/r...
www.mobile-hacker.com/2024/12/29/r...
December 29, 2024 at 2:06 PM
Install and run any firmware (Marauder, Bruce, Ghost ESP...) on ESP32 devices without using computer with M5Stick Launcher
www.mobile-hacker.com/2024/12/29/r...
www.mobile-hacker.com/2024/12/29/r...
Exploring Marauder, Bruce, and Ghost ESP on Cheap Yellow Device
www.mobile-hacker.com/2024/12/23/e...
www.mobile-hacker.com/2024/12/23/e...
Exploring Marauder, Bruce, and Ghost ESP on Cheap Yellow Device
In this blog, I will focus on the most popular offensive security projects such as Marauder, Bruce and Ghost ESP to get most of this device and compare them in the end.
www.mobile-hacker.com
December 24, 2024 at 8:33 AM
Exploring Marauder, Bruce, and Ghost ESP on Cheap Yellow Device
www.mobile-hacker.com/2024/12/23/e...
www.mobile-hacker.com/2024/12/23/e...