KasperskyLab/TinyCheck

GitHub

github.com

Unavailable

This project is no longer available (or publicly accessible) from GitHub

Releases7

Frequency2 weeks 5 days

Last Release almost 5 years ago

Stars3.08K

TinyCheck allows you to easily capture network communications from a smartphone or any device which can be associated to a Wi-Fi access point in order to quickly analyze them. This can be used to check if any suspect or malicious communication is outgoing from a smartphone, by using heuristics or specific Indicators of Compromise (IoCs). In order to make it working, you need a computer with a Debian-like operating system and two Wi-Fi interfaces. The best choice is to use a Raspberry Pi (2+) a Wi-Fi dongle and a small touch screen. This tiny configuration (for less than $50) allows you to tap any Wi-Fi device, anywhere.

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2020-36199 ↗	Jan 26, 2021Tuesday, 26 January 2021, 18:15	9.8 CRITICAL	7.5 HIGH
TinyCheck before commits 9fd360d and ea53de8 was vulnerable to command injection due to insufficient checks of input parameters in several places.
CVE-2020-36200 ↗	Jan 26, 2021Tuesday, 26 January 2021, 18:15	6.5 MEDIUM	4 MEDIUM
TinyCheck before commits 9fd360d and ea53de8 allowed an authenticated attacker to send an HTTP GET request to the crafted URLs.
CVE-2020-35929 ↗	Jan 19, 2021Tuesday, 19 January 2021, 17:15	9.8 CRITICAL	5 MEDIUM
In TinyCheck before commits 9fd360d and ea53de8, the installation script of the tool contained hard-coded credentials to the backend part of the tool. This information could be used by an attacker for unauthorized access to remote data.