SlideShare ist ein Scribd-Unternehmen logo
1 von 16
Downloaden Sie, um offline zu lesen
HackingHacking
MobileMobile
Novizul Evendi
FO Techno-OS & T'Lab
Outline
● Introduce
● Bluetooth Hacking
● Internet Conection Hacking
● Remote Hacking
● Backtrak On Phone Hacking
Introduce
Bluetooth Hacking
Hacking Bluetooh enabled mobile
phones and beyond
– Wire replacement technology
– Low power
– Short range 10m - 100m
– 2.4 GHz
– 1 Mb/s data rate
Bluetooth Hacking
Architecture
– Hardware layer
● Radio, Baseband and Link Manager
● Access through Host Controller
Interface
– Hardware abstraction
– Standards for USB and UART
– Host protocol stack
● L2CAP, RFCOMM, BNEP, AVDTP etc.
– Profile implementations
● Serial Port, Dialup, PAN, HID
etc.
Bluetooth Hacking
Bluetooth Protocol Stack
Bluetooth Hacking
– Trivial OBEX PUSH channel attack
● obexapp (FreeBSD)
● PULL known objects instead of PUSH
● No authentication
– IrMC (Specifications for Ir Mobile
Communications)
● Infrared Data Association
– e.g. telecom/pb.vcf
– Ericsson R520m, T39m, T68
– Sony Ericsson T68i, T610, Z1010
– Nokia 6310, 6310i, 8910, 8910i
Bluetooth Hacking
– Early adopters abuse 'Name'
field to send message
– Now more commonly send
'Business Card' with message
via OBEX
– 'Toothing' - Casual sexual
liasons
Bluetooth Hacking
HelloMoto
– Requires entry in 'Device
History'
– OBEX PUSH to create entry
– Connect RFCOMM to Handsfree or
Headset
● No Authentication required
● Full AT command set access
– Motorola V80, V5xx, V6xx and
E398
Bluetooth Hacking
Blooover is performing the BlueBug attack
● Reading phonebooks
● Writing phonebook entries
● Reading/decoding SMS stored on the
device (buggy..)
● Setting Call forward (predef.
Number) +49 1337 7001
● Initiating phone call (predef.
Number) 0800 2848283
– Not working well on Nokia
phones :( but on some T610
Bluetooth Hacking
– How come!?
● Various Manufacturers poorly
implemented the Bluetooth
security mechanisms
● Unpublished services on RFCOMM
channels
– Not announced via SDP
– Connecting to unpublished HS service
without pairing!
● Nokia has quite a lot of models
(6310, 6310i, 8910,8910i,...)
● Sony Ericsson T86i, T610, ...
● Motorola has similar problems (see
HeloMoto)
Internet Conection Hacking
● Bluetooth Dialup (wvdial etc.)
● PAN Sharing internet
● Bluetooth/cable to Wifi ad hoc
● Tethering
● Etc
Remote Hacking
● Remote PC (anyremote, etc)
– Get Desktop
– Control PC
– Etc
● Remote Server
(java, sisx, etc)
– Putty
– FloydSSH
– MidpSSH
– etc
On Phone Hacking
● Gitbrew has been able to install
Backtrack 5 on a rooted Android
phone
● By using Debdroid, users run Linux
distros built for ARM devices.
:Visit Me at
. . .www tlab co id
. - .www techno os net
End
:Contact Me at
@ . .karuwak tlab co id
= .Ym Novizul karuwak
Powerd by T'Lab
Technology Open Source Laboratory
Live Demo!!

Weitere ähnliche Inhalte

Was ist angesagt?

T 7800 series ip pa sytem amplifier t-7860 t-78120 t-78240 t-78350 t-78500
T 7800 series ip pa sytem amplifier t-7860 t-78120 t-78240 t-78350 t-78500T 7800 series ip pa sytem amplifier t-7860 t-78120 t-78240 t-78350 t-78500
T 7800 series ip pa sytem amplifier t-7860 t-78120 t-78240 t-78350 t-78500Trimatrik Multimedia
 
Internet of Things - Breaking 20 devices in 20 minutes preview
Internet of Things - Breaking 20 devices in 20 minutes previewInternet of Things - Breaking 20 devices in 20 minutes preview
Internet of Things - Breaking 20 devices in 20 minutes previewSwapnil Deshmukh
 
Tor project and Darknet Report
Tor project and Darknet ReportTor project and Darknet Report
Tor project and Darknet ReportAhmed Mater
 
St5819 vc specification-www.ttbvs.com
St5819 vc specification-www.ttbvs.comSt5819 vc specification-www.ttbvs.com
St5819 vc specification-www.ttbvs.comTTBVS
 
Security in today's World
Security in today's WorldSecurity in today's World
Security in today's WorldMarian Marinov
 

Was ist angesagt? (8)

Wireless security
Wireless securityWireless security
Wireless security
 
T 7800 series ip pa sytem amplifier t-7860 t-78120 t-78240 t-78350 t-78500
T 7800 series ip pa sytem amplifier t-7860 t-78120 t-78240 t-78350 t-78500T 7800 series ip pa sytem amplifier t-7860 t-78120 t-78240 t-78350 t-78500
T 7800 series ip pa sytem amplifier t-7860 t-78120 t-78240 t-78350 t-78500
 
Encryption
EncryptionEncryption
Encryption
 
Internet of Things - Breaking 20 devices in 20 minutes preview
Internet of Things - Breaking 20 devices in 20 minutes previewInternet of Things - Breaking 20 devices in 20 minutes preview
Internet of Things - Breaking 20 devices in 20 minutes preview
 
Hijacking bluetooth headsets
Hijacking bluetooth headsetsHijacking bluetooth headsets
Hijacking bluetooth headsets
 
Tor project and Darknet Report
Tor project and Darknet ReportTor project and Darknet Report
Tor project and Darknet Report
 
St5819 vc specification-www.ttbvs.com
St5819 vc specification-www.ttbvs.comSt5819 vc specification-www.ttbvs.com
St5819 vc specification-www.ttbvs.com
 
Security in today's World
Security in today's WorldSecurity in today's World
Security in today's World
 

Andere mochten auch

Mobile Growth Hacking w/ Branch Metrics
Mobile Growth Hacking w/ Branch MetricsMobile Growth Hacking w/ Branch Metrics
Mobile Growth Hacking w/ Branch MetricsWei-Ling Anny Hsu
 
Wireless Hacking Fast Track
Wireless Hacking Fast TrackWireless Hacking Fast Track
Wireless Hacking Fast TrackNovizul Evendi
 
Outline course Backtrak Pentest
Outline course Backtrak PentestOutline course Backtrak Pentest
Outline course Backtrak PentestNovizul Evendi
 
Information System Security
Information System SecurityInformation System Security
Information System SecurityNovizul Evendi
 
Hacking Is Not Always a Crime
Hacking Is Not Always a CrimeHacking Is Not Always a Crime
Hacking Is Not Always a CrimeNovizul Evendi
 
Modul praktikum hardware dan software
Modul praktikum hardware dan softwareModul praktikum hardware dan software
Modul praktikum hardware dan softwarejoko2016
 
Modul teknisi komputer kursus
Modul teknisi komputer kursusModul teknisi komputer kursus
Modul teknisi komputer kursusalpi sahrin
 
Cehv8 - Module 16: Hacking Mobile Platforms
Cehv8 - Module 16: Hacking Mobile PlatformsCehv8 - Module 16: Hacking Mobile Platforms
Cehv8 - Module 16: Hacking Mobile PlatformsVuz Dở Hơi
 
Growth Hacking Mobile App
Growth Hacking Mobile AppGrowth Hacking Mobile App
Growth Hacking Mobile AppEmpatika
 
Mobile hacking, pentest, and malware
Mobile hacking, pentest, and malwareMobile hacking, pentest, and malware
Mobile hacking, pentest, and malwareAmmar WK
 
10 Growth Hacks for Mobile Apps
10 Growth Hacks for Mobile Apps10 Growth Hacks for Mobile Apps
10 Growth Hacks for Mobile AppsWhalla Labs
 

Andere mochten auch (19)

Mobile Growth Hacking w/ Branch Metrics
Mobile Growth Hacking w/ Branch MetricsMobile Growth Hacking w/ Branch Metrics
Mobile Growth Hacking w/ Branch Metrics
 
Wireless Hacking Fast Track
Wireless Hacking Fast TrackWireless Hacking Fast Track
Wireless Hacking Fast Track
 
E-commerce
E-commerceE-commerce
E-commerce
 
Outline course Backtrak Pentest
Outline course Backtrak PentestOutline course Backtrak Pentest
Outline course Backtrak Pentest
 
T'Lab
T'LabT'Lab
T'Lab
 
Dialog Technoprener
Dialog Technoprener Dialog Technoprener
Dialog Technoprener
 
Small servers
Small serversSmall servers
Small servers
 
Information System Security
Information System SecurityInformation System Security
Information System Security
 
Hacking Is Not Always a Crime
Hacking Is Not Always a CrimeHacking Is Not Always a Crime
Hacking Is Not Always a Crime
 
Modul praktikum hardware dan software
Modul praktikum hardware dan softwareModul praktikum hardware dan software
Modul praktikum hardware dan software
 
Modul teknisi komputer kursus
Modul teknisi komputer kursusModul teknisi komputer kursus
Modul teknisi komputer kursus
 
Virtualisasi Hacking
Virtualisasi HackingVirtualisasi Hacking
Virtualisasi Hacking
 
Cehv8 - Module 16: Hacking Mobile Platforms
Cehv8 - Module 16: Hacking Mobile PlatformsCehv8 - Module 16: Hacking Mobile Platforms
Cehv8 - Module 16: Hacking Mobile Platforms
 
Growth Hacking Mobile App
Growth Hacking Mobile AppGrowth Hacking Mobile App
Growth Hacking Mobile App
 
Mobile hacking, pentest, and malware
Mobile hacking, pentest, and malwareMobile hacking, pentest, and malware
Mobile hacking, pentest, and malware
 
Hacking Mobile Apps
Hacking Mobile AppsHacking Mobile Apps
Hacking Mobile Apps
 
10 Growth Hacks for Mobile Apps
10 Growth Hacks for Mobile Apps10 Growth Hacks for Mobile Apps
10 Growth Hacks for Mobile Apps
 
Mobile Hacking
Mobile HackingMobile Hacking
Mobile Hacking
 
Computer Forensic
Computer ForensicComputer Forensic
Computer Forensic
 

Ähnlich wie Hacking Backtrak Mobile

Hack.lu 2006 - All your Bluetooth is belong to us
Hack.lu 2006 - All your Bluetooth is belong to usHack.lu 2006 - All your Bluetooth is belong to us
Hack.lu 2006 - All your Bluetooth is belong to usThierry Zoller
 
Bluetooth Technology
Bluetooth TechnologyBluetooth Technology
Bluetooth TechnologyVishal Arora
 
Bluetooth Aplication
Bluetooth AplicationBluetooth Aplication
Bluetooth AplicationEr Bhaduri
 
Mastering your home network - Do It Yourself
Mastering your home network - Do It YourselfMastering your home network - Do It Yourself
Mastering your home network - Do It Yourselfjulien pauli
 
WebRTC meetup barcelona 2017
WebRTC meetup barcelona 2017WebRTC meetup barcelona 2017
WebRTC meetup barcelona 2017Juan De Bravo
 
2014 innovaphone different protocols for different things
2014 innovaphone different protocols for different things2014 innovaphone different protocols for different things
2014 innovaphone different protocols for different thingsVOIP2DAY
 
23c3 Bluetooth hacking revisited
23c3 Bluetooth hacking revisited23c3 Bluetooth hacking revisited
23c3 Bluetooth hacking revisitedThierry Zoller
 
Attack presentation
Attack presentationAttack presentation
Attack presentationFrikha Nour
 
Bluetooth technology
Bluetooth technologyBluetooth technology
Bluetooth technologyRohit Roy
 
Cisco ip phone 8800 series datasheet
Cisco ip phone 8800 series datasheetCisco ip phone 8800 series datasheet
Cisco ip phone 8800 series datasheetAmy Huang
 

Ähnlich wie Hacking Backtrak Mobile (20)

Bluetooth1
Bluetooth1Bluetooth1
Bluetooth1
 
Hack.lu 2006 - All your Bluetooth is belong to us
Hack.lu 2006 - All your Bluetooth is belong to usHack.lu 2006 - All your Bluetooth is belong to us
Hack.lu 2006 - All your Bluetooth is belong to us
 
IoT transport protocols
IoT transport protocolsIoT transport protocols
IoT transport protocols
 
IoT transport protocols
IoT transport protocolsIoT transport protocols
IoT transport protocols
 
Bluejacking ppt.pptx
Bluejacking ppt.pptxBluejacking ppt.pptx
Bluejacking ppt.pptx
 
Bluetooth
BluetoothBluetooth
Bluetooth
 
Bluejacking ppt
Bluejacking pptBluejacking ppt
Bluejacking ppt
 
Bluetooth Technology
Bluetooth TechnologyBluetooth Technology
Bluetooth Technology
 
Bluetooth Aplication
Bluetooth AplicationBluetooth Aplication
Bluetooth Aplication
 
Mastering your home network - Do It Yourself
Mastering your home network - Do It YourselfMastering your home network - Do It Yourself
Mastering your home network - Do It Yourself
 
WebRTC meetup barcelona 2017
WebRTC meetup barcelona 2017WebRTC meetup barcelona 2017
WebRTC meetup barcelona 2017
 
2014 innovaphone different protocols for different things
2014 innovaphone different protocols for different things2014 innovaphone different protocols for different things
2014 innovaphone different protocols for different things
 
Bluetooth.ppt
Bluetooth.pptBluetooth.ppt
Bluetooth.ppt
 
23c3 Bluetooth hacking revisited
23c3 Bluetooth hacking revisited23c3 Bluetooth hacking revisited
23c3 Bluetooth hacking revisited
 
R1x g17 bluetooth i
R1x g17 bluetooth iR1x g17 bluetooth i
R1x g17 bluetooth i
 
Attack presentation
Attack presentationAttack presentation
Attack presentation
 
Bluetooth technology
Bluetooth technologyBluetooth technology
Bluetooth technology
 
Cisco ip phone 8800 series datasheet
Cisco ip phone 8800 series datasheetCisco ip phone 8800 series datasheet
Cisco ip phone 8800 series datasheet
 
BLUETOOTH.ppt
BLUETOOTH.pptBLUETOOTH.ppt
BLUETOOTH.ppt
 
Bluetooth
BluetoothBluetooth
Bluetooth
 

Kürzlich hochgeladen

Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfinfogdgmi
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024D Cloud Solutions
 
Babel Compiler - Transforming JavaScript for All Browsers.pptx
Babel Compiler - Transforming JavaScript for All Browsers.pptxBabel Compiler - Transforming JavaScript for All Browsers.pptx
Babel Compiler - Transforming JavaScript for All Browsers.pptxYounusS2
 
Nanopower In Semiconductor Industry.pdf
Nanopower  In Semiconductor Industry.pdfNanopower  In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdfPedro Manuel
 
Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Adtran
 
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UbiTrack UK
 
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...DianaGray10
 
PicPay - GenAI Finance Assistant - ChatGPT for Customer Service
PicPay - GenAI Finance Assistant - ChatGPT for Customer ServicePicPay - GenAI Finance Assistant - ChatGPT for Customer Service
PicPay - GenAI Finance Assistant - ChatGPT for Customer ServiceRenan Moreira de Oliveira
 
RAG Patterns and Vector Search in Generative AI
RAG Patterns and Vector Search in Generative AIRAG Patterns and Vector Search in Generative AI
RAG Patterns and Vector Search in Generative AIUdaiappa Ramachandran
 
Machine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfMachine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfAijun Zhang
 
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfIaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfDaniel Santiago Silva Capera
 
Cloud Revolution: Exploring the New Wave of Serverless Spatial Data
Cloud Revolution: Exploring the New Wave of Serverless Spatial DataCloud Revolution: Exploring the New Wave of Serverless Spatial Data
Cloud Revolution: Exploring the New Wave of Serverless Spatial DataSafe Software
 
Things you didn't know you can use in your Salesforce
Things you didn't know you can use in your SalesforceThings you didn't know you can use in your Salesforce
Things you didn't know you can use in your SalesforceMartin Humpolec
 
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IES VE
 
Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024SkyPlanner
 
Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxCybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxGDSC PJATK
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7DianaGray10
 
Do we need a new standard for visualizing the invisible?
Do we need a new standard for visualizing the invisible?Do we need a new standard for visualizing the invisible?
Do we need a new standard for visualizing the invisible?SANGHEE SHIN
 
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Commit University
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesThousandEyes
 

Kürzlich hochgeladen (20)

Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdf
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024
 
Babel Compiler - Transforming JavaScript for All Browsers.pptx
Babel Compiler - Transforming JavaScript for All Browsers.pptxBabel Compiler - Transforming JavaScript for All Browsers.pptx
Babel Compiler - Transforming JavaScript for All Browsers.pptx
 
Nanopower In Semiconductor Industry.pdf
Nanopower  In Semiconductor Industry.pdfNanopower  In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdf
 
Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™
 
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
 
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
 
PicPay - GenAI Finance Assistant - ChatGPT for Customer Service
PicPay - GenAI Finance Assistant - ChatGPT for Customer ServicePicPay - GenAI Finance Assistant - ChatGPT for Customer Service
PicPay - GenAI Finance Assistant - ChatGPT for Customer Service
 
RAG Patterns and Vector Search in Generative AI
RAG Patterns and Vector Search in Generative AIRAG Patterns and Vector Search in Generative AI
RAG Patterns and Vector Search in Generative AI
 
Machine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfMachine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdf
 
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfIaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
 
Cloud Revolution: Exploring the New Wave of Serverless Spatial Data
Cloud Revolution: Exploring the New Wave of Serverless Spatial DataCloud Revolution: Exploring the New Wave of Serverless Spatial Data
Cloud Revolution: Exploring the New Wave of Serverless Spatial Data
 
Things you didn't know you can use in your Salesforce
Things you didn't know you can use in your SalesforceThings you didn't know you can use in your Salesforce
Things you didn't know you can use in your Salesforce
 
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
 
Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024
 
Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxCybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptx
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7
 
Do we need a new standard for visualizing the invisible?
Do we need a new standard for visualizing the invisible?Do we need a new standard for visualizing the invisible?
Do we need a new standard for visualizing the invisible?
 
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
 

Hacking Backtrak Mobile

  • 2. Outline ● Introduce ● Bluetooth Hacking ● Internet Conection Hacking ● Remote Hacking ● Backtrak On Phone Hacking
  • 4. Bluetooth Hacking Hacking Bluetooh enabled mobile phones and beyond – Wire replacement technology – Low power – Short range 10m - 100m – 2.4 GHz – 1 Mb/s data rate
  • 5. Bluetooth Hacking Architecture – Hardware layer ● Radio, Baseband and Link Manager ● Access through Host Controller Interface – Hardware abstraction – Standards for USB and UART – Host protocol stack ● L2CAP, RFCOMM, BNEP, AVDTP etc. – Profile implementations ● Serial Port, Dialup, PAN, HID etc.
  • 7. Bluetooth Hacking – Trivial OBEX PUSH channel attack ● obexapp (FreeBSD) ● PULL known objects instead of PUSH ● No authentication – IrMC (Specifications for Ir Mobile Communications) ● Infrared Data Association – e.g. telecom/pb.vcf – Ericsson R520m, T39m, T68 – Sony Ericsson T68i, T610, Z1010 – Nokia 6310, 6310i, 8910, 8910i
  • 8. Bluetooth Hacking – Early adopters abuse 'Name' field to send message – Now more commonly send 'Business Card' with message via OBEX – 'Toothing' - Casual sexual liasons
  • 9. Bluetooth Hacking HelloMoto – Requires entry in 'Device History' – OBEX PUSH to create entry – Connect RFCOMM to Handsfree or Headset ● No Authentication required ● Full AT command set access – Motorola V80, V5xx, V6xx and E398
  • 10. Bluetooth Hacking Blooover is performing the BlueBug attack ● Reading phonebooks ● Writing phonebook entries ● Reading/decoding SMS stored on the device (buggy..) ● Setting Call forward (predef. Number) +49 1337 7001 ● Initiating phone call (predef. Number) 0800 2848283 – Not working well on Nokia phones :( but on some T610
  • 11. Bluetooth Hacking – How come!? ● Various Manufacturers poorly implemented the Bluetooth security mechanisms ● Unpublished services on RFCOMM channels – Not announced via SDP – Connecting to unpublished HS service without pairing! ● Nokia has quite a lot of models (6310, 6310i, 8910,8910i,...) ● Sony Ericsson T86i, T610, ... ● Motorola has similar problems (see HeloMoto)
  • 12. Internet Conection Hacking ● Bluetooth Dialup (wvdial etc.) ● PAN Sharing internet ● Bluetooth/cable to Wifi ad hoc ● Tethering ● Etc
  • 13. Remote Hacking ● Remote PC (anyremote, etc) – Get Desktop – Control PC – Etc ● Remote Server (java, sisx, etc) – Putty – FloydSSH – MidpSSH – etc
  • 14. On Phone Hacking ● Gitbrew has been able to install Backtrack 5 on a rooted Android phone ● By using Debdroid, users run Linux distros built for ARM devices.
  • 15. :Visit Me at . . .www tlab co id . - .www techno os net End :Contact Me at @ . .karuwak tlab co id = .Ym Novizul karuwak Powerd by T'Lab Technology Open Source Laboratory