Detect Spyware On Your Mobile Device Without Much Effort #Part 2
Spyware sets up a connection between the client (victim) and the provider (attacker). When spyware reaches your device, it suddenly increases network traffic and opens a port on the IP host.
If a victim pays particular attention to IP addresses and their ports, it brings huge benefits.
Let's begin with how to detect that:
Journey On The Store
Navigate to: Store or Browser -> ApkMirror website -> Terminal Emulator app
https://www.apkmirror.com/apk/jack-palevich/terminal-emulator/#variants
or
http://play.google.com/store/apps/details?id=jackpal.androidterm
Don't forget to scan the downloaded file on the VirusTotal website.
After installing that app:
Navigate to: Store or Browser -> ApkMirror website -> BusyBox app
For the BusyBox app, gain root permission and install it in the /system/xbin section.
Crime Scene Investigation
After completing these steps, open the Terminal Emulator app and let's see what we can do.
Type the following:
Code:
netstat -l
Run this command in the app and let's look at the sample output:
Especially on the lines marked *Established, *Listening or *Connected, you need to look at the *Foreign address.
If you see any suspicious foreign address, or you are not sure whether spyware might be present:
Navigate to: Browser -> https://ipinfo.io Web Site
and enter the address to be examined into the search bar.
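The check described above can also be scripted in the same terminal. This is an added example, not part of the original post: it assumes output in the layout BusyBox prints for `netstat -tan`, and the sample lines and function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: pick out the foreign addresses worth looking up on ipinfo.io.

# Constructed sample in the layout of `netstat -tan` (not a real capture).
sample_netstat() {
cat <<'EOF'
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:5555            0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:5037          127.0.0.1:40122         ESTABLISHED
tcp        0      0 192.168.1.23:48210      203.0.113.45:4444       ESTABLISHED
tcp        0      0 192.168.1.23:39114      198.51.100.7:443        ESTABLISHED
tcp        0      0 192.168.1.23:39120      198.51.100.7:443        ESTABLISHED
tcp        0      0 192.168.1.23:51000      192.168.1.1:53          TIME_WAIT
tcp6       0      0 ::ffff:192.168.1.23:40500 ::ffff:203.0.113.45:4444 ESTABLISHED
EOF
}

# Reads netstat output on stdin and prints "ip port" once for each remote
# endpoint of an ESTABLISHED TCP connection. Loopback, link-local and private
# (RFC 1918) addresses are skipped because they never leave the local network.
foreign_endpoints() {
  awk '
    $1 ~ /^tcp/ && $NF == "ESTABLISHED" {
      addr = $5
      n = split(addr, p, ":")              # the port is the last ":" field
      port = p[n]
      ip = substr(addr, 1, length(addr) - length(port) - 1)
      sub(/^::ffff:/, "", ip)              # IPv4-mapped IPv6 -> plain IPv4
      if (ip == "::1") next
      if (ip ~ /^(127\.|10\.|192\.168\.|169\.254\.)/) next
      if (ip ~ /^172\.(1[6-9]|2[0-9]|3[01])\./) next
      if (!seen[ip " " port]++) print ip, port
    }'
}

# Reads netstat output on stdin and prints each local TCP port in LISTEN state.
listening_ports() {
  awk '$1 ~ /^tcp/ && $NF == "LISTEN" { n = split($4, p, ":"); print p[n] }' |
    sort -un
}

# Demo on the constructed sample. On the device: netstat -tan | foreign_endpoints
sample_netstat | foreign_endpoints
```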