Your SlideShare is downloading. ×
Hacking Backtrak Mobile
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Hacking Backtrak Mobile

1,344
views

Published on

at UII

at UII

Published in: Technology, Business

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
1,344
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
63
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. HackingHacking MobileMobile Novizul Evendi FO Techno-OS & T'Lab
  • 2. Outline ● Introduce ● Bluetooth Hacking ● Internet Conection Hacking ● Remote Hacking ● Backtrak On Phone Hacking
  • 3. Introduce
  • 4. Bluetooth Hacking Hacking Bluetooh enabled mobile phones and beyond – Wire replacement technology – Low power – Short range 10m - 100m – 2.4 GHz – 1 Mb/s data rate
  • 5. Bluetooth Hacking Architecture – Hardware layer ● Radio, Baseband and Link Manager ● Access through Host Controller Interface – Hardware abstraction – Standards for USB and UART – Host protocol stack ● L2CAP, RFCOMM, BNEP, AVDTP etc. – Profile implementations ● Serial Port, Dialup, PAN, HID etc.
  • 6. Bluetooth Hacking Bluetooth Protocol Stack
  • 7. Bluetooth Hacking – Trivial OBEX PUSH channel attack ● obexapp (FreeBSD) ● PULL known objects instead of PUSH ● No authentication – IrMC (Specifications for Ir Mobile Communications) ● Infrared Data Association – e.g. telecom/pb.vcf – Ericsson R520m, T39m, T68 – Sony Ericsson T68i, T610, Z1010 – Nokia 6310, 6310i, 8910, 8910i
  • 8. Bluetooth Hacking – Early adopters abuse 'Name' field to send message – Now more commonly send 'Business Card' with message via OBEX – 'Toothing' - Casual sexual liasons
  • 9. Bluetooth Hacking HelloMoto – Requires entry in 'Device History' – OBEX PUSH to create entry – Connect RFCOMM to Handsfree or Headset ● No Authentication required ● Full AT command set access – Motorola V80, V5xx, V6xx and E398
  • 10. Bluetooth Hacking Blooover is performing the BlueBug attack ● Reading phonebooks ● Writing phonebook entries ● Reading/decoding SMS stored on the device (buggy..) ● Setting Call forward (predef. Number) +49 1337 7001 ● Initiating phone call (predef. Number) 0800 2848283 – Not working well on Nokia phones :( but on some T610
  • 11. Bluetooth Hacking – How come!? ● Various Manufacturers poorly implemented the Bluetooth security mechanisms ● Unpublished services on RFCOMM channels – Not announced via SDP – Connecting to unpublished HS service without pairing! ● Nokia has quite a lot of models (6310, 6310i, 8910,8910i,...) ● Sony Ericsson T86i, T610, ... ● Motorola has similar problems (see HeloMoto)
  • 12. Internet Conection Hacking ● Bluetooth Dialup (wvdial etc.) ● PAN Sharing internet ● Bluetooth/cable to Wifi ad hoc ● Tethering ● Etc
  • 13. Remote Hacking ● Remote PC (anyremote, etc) – Get Desktop – Control PC – Etc ● Remote Server (java, sisx, etc) – Putty – FloydSSH – MidpSSH – etc
  • 14. On Phone Hacking ● Gitbrew has been able to install Backtrack 5 on a rooted Android phone ● By using Debdroid, users run Linux distros built for ARM devices.
  • 15. :Visit Me at . . .www tlab co id . - .www techno os net End :Contact Me at @ . .karuwak tlab co id = .Ym Novizul karuwak Powerd by T'Lab Technology Open Source Laboratory
  • 16. Live Demo!!