H a c k in g

M

o b ile

P la t f o r m

s

M o d u le 16
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

H ack in g M o b ile P...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

Security N ew s

CEH

...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

In total, NetQin detec...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

M od u le O b jectiv e...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

Copyright © b y E C - ...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

Mobile Threat Report Q...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

21
01

21
01

21
01

2...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

CEH

T erm in ology
S ...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

M ob ile Attack Vector...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

Data Tampering:
© Modi...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

M ob ile P latform V u...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

e

Jailbreaking and Rooting

e

Mobile Application Vulnerabi...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

Security Issues Arisin...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

Call logs/photo/videos...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

T hreats of M obile M ...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

FIGURE 16.4: Threats o...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

App Sandboxing I s s u...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

Other
User Data

N o A...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

c EH

M odu .le Flow

...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

This section introduce...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

CEH

Android OS
Androi...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Q

Exam 312-50 Certified Ethical Hacker

Rich development en...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

Android OS A rchitectu...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

J<PPLI CATION
Home

Ph...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

Android core library i...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

A n d ro id D e v ic e...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

Complex password
requi...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

I

S M o 2:0977]
App/D...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

CEH

Android R ooting
...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

© Wi-Fi and Bluetooth ...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

R ooting Android P hon...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Li
©

Exam 312-50 Certified Ethical Hacker

—
USB connection...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

R ooting Android P hon...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

6

Exam 312-50 Certified Ethical Hacker

Linux: Open a termi...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

Android R ooting Tools...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

AH□ ‫ י‬B

Exam 312-50 Certified Ethical Hacker

gfflj® 1:5*...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

Session Hijacking Usin...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

A

User

A

Internet

...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

^

rid I

©

2:02 PM

...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

Android-based Sniffer:...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

m

L _ J

u

Fitter se...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

A n d ro id T ro ja n ...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

S B D ® 10:53 am I

Ca...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

Android Trojan: Ginger...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

GingerBreak

|PS Ginge...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

Android Trojan: AcnetS...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

IM

Exam 312-50 Certified Ethical Hacker

C aw itt

Cawitt o...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

Android Trojan: Frogon...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

m

@My Games

Do you w...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

Android Trojan: KabSta...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

6 S4 AM

6:54 A M

r r...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

Android Trojan: Premiu...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

Content: kutkut clsamg...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

Android Trojan: DroidL...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

Send
Text Messages

Bo...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

Android Trojan: FakeTo...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

Permissions

Permissio...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

1

■
C o pyrigh t © b ...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

Google Apps Device Pol...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

©
Device administered ...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

‫נ‬

R em ote W ipe Se...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

Mobile settings
P fB »...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

Android Security Tool:...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

*SS

T

< 2: 0
30
0

S...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

Android Vulnerability
...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

Android Penetration Te...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

‫ יי‬t 9 t *
IDHQ.3

v...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

Android D evice Tracki...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

FIGURE 16.31: Find My ...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

your knowledge, the ne...
Ethical Hacking and Countermeasures
Hacking Mobile Platforms

Exam 312-50 Certified Ethical Hacker

iHound is an Android d...
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Ce hv8 module 16 hacking mobile platforms
Upcoming SlideShare
Loading in...5
×

Ce hv8 module 16 hacking mobile platforms

1,875

Published on

Published in: Technology, Business
1 Comment
1 Like
Statistics
Notes
  • free download here link 100% working:https://app.box.com/s/olzwnk240vfm2ir8yfdw
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
No Downloads
Views
Total Views
1,875
On Slideshare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
362
Comments
1
Likes
1
Embeds 0
No embeds

No notes for slide

Transcript of "Ce hv8 module 16 hacking mobile platforms"

  1. 1. H a c k in g M o b ile P la t f o r m s M o d u le 16
  2. 2. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker H ack in g M o b ile P latform s M o d u le 16 Engineered by Hackers. Presented by Professionals. CEH Q E t h ic a l H a c k in g a n d C o u n te r m e a s u r e s v 8 M o d u le 16: H a c k in g M o b ile P la t f o r m s E x a m 312-50 Module 16 Page 2393 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  3. 3. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker Security N ew s CEH M obile M a lw a re C a s e s N e a rly Triple in F irst H alf of 2012, S a y s N etQ in July 31,2012 09:40 A M ET In Ju ne, 3.7 m illion phones w o rld w id e becam e infected w ith m alw are, Beijing researcher finds. M obile m alware is rising fast, infecting nearly 13 million phones in the world during the year first half of 2012, up 177% from the same period a year ago, according to Beijing-based security vendor NetQin. I n a report detailing the world's mobile security, the com pany detected a m ajor spike in m alw arecases in June, with about 3.7 m illion phones becoming infected, a historic high. This came as the security vendor found 5,582 malware programs designed for Android during the month, another unprecedented num ber for the period. During this year's first half, NetQin found that most of the detected m alw are, at 78%, targeted sm artphones running Android, with much of the remainder designed for handsets running Nokia's Symbian OS. This is a reversal from the same period a year ago, when 6 0 % of the detected mobile m alw are w as designed for Symbian phones. http://www.com puterworld.com Copyrigh t © b y E&Cauaci. A ll Rights R eserve d. R eproduction is Strictly Prohibited. Security News ■ m m at M o b ile M a lw a r e C a s e s N e a r ly T r ip le in F ir s t H a lf o f 2012, S a y s N e t Q in Source: http://www.cornputerworld.com In June, 3.7 million phones worldwide became infected with malware, Beijing researcher finds. Mobile malware is rising fast, infecting nearly 13 million phones in the world during the year first half of 2012, up 177% from the same period a year ago, according to Beijing-based security vendor NetQin. In a report detailing the world's mobile security, the company detected a major spike in malware cases in June, with about 3.7 million phones becoming infected, a historic high. This came as the security vendor found 5,582 malware programs designed for Android during the month, another unprecedented number for the period. During this year's first half, NetQin found that most of the detected malware, at 78%, targeted smartphones running Android, with much of the remainder designed for handsets running Nokia's Symbian OS. This is a reversal from the same period a year ago, when 60% of the detected mobile malware was designed for Symbian phones. Module 16 Page 2394 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  4. 4. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker In total, NetQin detected 17,676 mobile malware programs during 2012's first half, up 42% from the previous six months in 2011. About a quarter of the detected malware came from China, which led among the world's countries, while 17% came from Russia, and 16.5% from the U.S. In China, malware is mainly spread through forums, ROM updates, and third-party app stores, according to NetQin. So-called "remote control" Trojan malware that sends spam ads infected almost 4.7 million phones in China. NetQin also detected almost 3.9 million phones in China being infected with money-stealing malware that sends out text messages to trigger fee-based mobile services. The high number of infections would likely translate into the malware's creators netting $616,533 each day. The surge in mobile malware has occurred at the same time that China has become the world's largest smartphone market by shipments. Android smartphone sales lead with a 68% market share, according to research firm Canalys. The country's Guangdong and Jiangsu provinces, along with Beijing, were ranked as the three highest areas in China for mobile malware. Copyright © 1994 -2012 Computerworld Inc By Michael Kan http://www.c0mputerw0rld.c0m/s/article/92298Q2/M0bile m alware cases nearly triple in first half of 2012 says NetQin Module 16 Page 2395 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  5. 5. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker M od u le O b jectiv es r-j j — Mobile Attack Vectors CEH J Mobile Platform Vulnerabilities and Risks Guidelines for Securing Windows OS Devices J Blackberry Attack Vectors j Android OS Architecture J Guidelines for Securing BlackBerry j Android Vulnerabilities j Android Trojans J j Securing Android Devices J j Jailbreaking iOS j Guidelines for Securing iOS Devices J Mobile Protection Tools j Windows Phone 8 Architecture J Mobile Pen Testing Devices Mobile Device Management (M DM ) General Guidelines for Mobile Platform Security U [ Copyrigh t © b y E & C a i n c l . A ll Rights R eserve d. R eproduction is Strictly Prohibited. M odule Objectives The main objective of this module is to educate you about the potential threats of mobile platforms and how to use the mobile devices securely. This module makes you familiarize with: 9 Mobile Attack Vectors 9 9 Mobile Platform and Risks 9 9 Android OS Architecture 9 Blackberry Attack Vectors 9 Android Vulnerabilities 9 Guidelines for Securing BlackBerry Devices 9 Android Trojans 9 Mobile Device Management (MDM) 9 Securing Android Devices 9 9 Jailbreaking iOS 9 Guidelines Devices Module 16 Page 2396 for Vulnerabilities Securing iOS Windows Phone 8 Architecture Guidelines Devices General Security for Securing Guidelines for 9 Mobile OS Platform Mobile Protection Tools 9 Windows Mobile Pen Testing Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  6. 6. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker Copyright © b y E C - C o u id . A ll Rights R e s e r v e d Rep rodu ction is S tric tly Prohibited. Ml M odule Flow For better understanding, this module is divided into various sections and each section deals with a different topic that is related to hacking mobile platforms. The first section deals with mobile platform attack vectors. Mobile Platform Attack Vectors || ^ ' 1‫׳‬ Hacking BlackBerry Hacking Android iOS Mobile Device Management Hacking iOS Mobile Security Guidelines and Tools Hacking Windows Phone OS ^ Mobile Pen Testing This section introduces you to the various mobile attack vectors and the associated vulnerabilities and risks. This section also highlights the security issues arising from app stores. Module 16 Page 2397 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  7. 7. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker Mobile Threat Report Q2 2012 • Symbian • M obile Threat by Type Q2 2012 Android • M obile Threat Report Q2 2012 C EH Pocket PC (5 ) J2M E 21 01 21 01 21 01 21 01 21 02 21 02 T rojan h t t p : / / www.f-secure.com M onitoring R is k w a r e A p p lica tio n Tool A d w a re http://www.hotforsecurity.com Copyrigh t © b y E & C a u a c i. A ll Rights R eserve d. R eproduction is Strictly Prohibited. M obile Threat Report Q2 2012 Source: http://www.f-secure.com In the report, malware attacks on Android phones continue to dominate the other mobile platforms. The most attacks were found in the third quarter of 2011. And in 2012, Q2 came in at 40%. Module 16 Page 2398 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  8. 8. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker 21 01 21 01 21 01 21 01 21 02 21 02 FIGURE 16.1: Mobile Threat Report Q2 2012 Note: The threat statistics used in the mobile threat report Q2 2012 are made up of families and variants instead of unique files. M obile Threat by Type Q 2 2012 Source: http://www.hotforsecuritv.com Attacks on mobile phones were mostly due to the Trojans, which according to the Mobile Threat by Type Q2 2012. is about 80%. From the graph or report it is clear the major threat associated with mobile platforms is Trojan when compared to other threats such as monitoring tools, riskware, application vulnerabilities, and adware. M o b ile T h re a t by T y p e Q2 2012 T r o ja n M o n ito r in g R is k w a r e A p p lic a tio n A d w a re Tool F IG U R E 16.2: M o b ile Threat by Type Q2 2012 Module 16 Page 2399 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  9. 9. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker CEH T erm in ology S to c k ROM It is the default ROM (operatingsystem ) of an Android device supplied by the manufacturer CyanogenM od It is a modified device ROM w ith o u tth e restrictions imposed by device’s original ROM Bricking the Mobile Device A lteringthe device OS using rooting or jailbreaking in a way that causes the mobile device to become unusable or inoperable Bring Your Own Device (BYOD) Bring your own device (BYOD) is a business policy that allows employees to bring their personal mobile devices to their work place Copyrigh t © b y E & C a i n c l . A ll Rights R eserve d. R eproduction is Strictly Prohibited. Term inology The following is the basic terminology associated with mobile platform hacking: © Stock ROM: It is the default ROM (operating system) of an android device supplied by the manufacturer © CyanogenMod: It is a modified device ROM without the restrictions imposed by device's original ROM © Bricking the Mobile Device: Altering the device OSes using rooting or jailbreaking in a way that causes the mobile device to become unusable or inoperable © Bring Your Own Device (BYOD): Bring your own device (BYOD) is a business policy that allows employees to bring their personal mobile devices to their work place Module 16 Page 2400 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  10. 10. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker M ob ile Attack Vectors ,d ata s t r e a k Extracted Print screen tand rootkit and and ematt screen scrap’‫® ״‬ * USB^eV a n d '°ss A P P lic a tio n 0 b ck p f a u o copvto m °drficati0 n 0s n ° dificatic ‫׳‬ o $ r/1 Wp ti0 v«ca n V)napPr0 ° o Copyright © by E & C tlia c fl. All Rights Reserved. Reproduction is Strictly Prohibited. M obile A ttack V ectors Similar to traditional computer systems, most modern mobile devices are also prone to attacks. Mobile devices have many potential attack vectors using which the attacker tries to gain unauthorized access to the mobile devices and the data stored in or transferred by the device. These mobile attack vectors allow attackers to exploit the vulnerabilities present in operating systems or applications used by the mobile device. The attacker can also exploit the human factor. The various mobile attack vectors include: Malware: 9 Virus and rootkit 9 Application modification 9 OS modification Data Exfiltration: 9 Data leaves organization and email 9 Print screen and screen scraping 9 Copy to USB key and loss of backup Module 16 Page 2401 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  11. 11. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker Data Tampering: © Modification by another application © Undetected tamper attempts © Jail-broken device Data Loss: © Application vulnerabilities © Unapproved physical access © Loss of device Module 16 Page 2402 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  12. 12. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker M ob ile P latform V u ln erab ilities and R isk s M o b ile Application App Stores 1 Privacy Issues (G eolocation) M o b ile M a lw a re 2 7 Vulnerabilities 8 App Sandboxing Data Security Device and App Encryption Excessive Perm issions OS and App U pdates Com m unication Security ‫י‬ 9 3 1 0 4 5 ] V c 6 ] Jailb re ak in g a n d Rooting 1 1 1 ‫׳' —דז‬ ‫ר‬ Physical Attacks 1 2 --------------- - ■ ...:-------J .. M obile Platform Vulnerabilities and Risks Mobile platform vulnerabilities and risks are the challenges faced by mobile users due to the functionality and increasing use of mobile devices at work and in other daily activities. The new functionalities amplify the attraction of the platforms used in mobile devices, which provide an easy path for attackers to launch attacks and exploitation. Attackers use different technologies such as Androids and other multiple instances to insert malicious applications with hidden functionality that stealthily gather a user's sensitive information. The companies that are into developing mobile applications are more concerned about security because vulnerable applications can cause damage to both parties. Thus, levels of security and data protection guarantees are mandatory. But the assistances and services provided by mobile devices for secure usage are sometimes neutralized by fraud and security threats. The following are some of the risks and vulnerabilities associated with mobile platforms: 0 App Stores © Mobile Malware 0 App Sandboxing 0 Device and App Encryption 0 OS and App Updates Module 16 Page 2403 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  13. 13. Ethical Hacking and Countermeasures Hacking Mobile Platforms e Jailbreaking and Rooting e Mobile Application Vulnerabilities e Exam 312-50 Certified Ethical Hacker Privacy Issues (Geolocation) Q Data Security e Excessive Permissions e Communication Security e Physical Attacks Module 16 Page 2404 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  14. 14. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker Security Issues Arising from App Stores CEH J Insufficient or no vetting of apps leads to malicious and fake apps entering app marketplace Attackers can also social engineer users to download and run apps outside the official app stores J App stores are common target for attackers to distribute malware and malicious apps Malicious apps can damage other application and data, and send your sensitive data to attackers App Store ■ 11 n 11 • >d f ‫ יי‬i m :.... < JLp h i ® ’ A • »*> : Third Party ■ App Store M o b ile A pp No Vetting .... > ..... Malicious app sends sensitive data to attacker Call logs/photo/videos/sensitive docs Copyrigh t © b y E & C a i n c l . A ll Rights R eserve d. R eproduction is Strictly Prohibited. S ecurity Iss u e s A risin g from App Stores --- An authenticated developer of a company creates mobile applications for mobile users. In order to allow the mobile users to conveniently browse and install these mobile apps, platform vendors have created centralized marketplaces, but security concerns have resulted. Usually mobile applications that are developed by developers are submitted to these marketplaces (official app stores and third-party app stores) without screening or vetting, making them available to thousands of mobile users. If you are downloading the application from an official app store, then you can trust the application as the hosting store has vetted it. However, if you are downloading the application from a third-party app store, then there is a possibility of downloading malware along with the application because third-party app stores do not vet the apps. The attacker downloads a legitimate game and repackages it with malware and uploads the mobile apps to a third-party application store from where the end users download this malicious gaming application, believing it to be genuine. As a result, the malware gathers and sends user credentials such as call logs/photo/videos/sensitive docs to the attacker without the user's knowledge. Using the information gathered, the attacker can exploit the device and launch many other attacks. Attackers can also socially engineer users to download and run apps outside the official app stores. Malicious apps can damage other applications and data, and send your sensitive data to attackers. Module 16 Page 2405 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  15. 15. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker Call logs/photo/videos/sensitive docs FIGURE 16.3: Security Issues Arising from App Stores Module 16 Page 2406 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  16. 16. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker T hreats of M obile M alw are CIEH T h re a ts of M obile M a lw are In recent years, many system users are moving away from using personnel computers toward smartphones and tablets. This increased adoption of mobile devices by users for business and personal purposes and comparatively lesser security controls has shifted the focus of attackers and malware writers for launching attacks on mobile devices. Attackers are attacking mobile devices because more sensitive information is stored on them. SMS spoofing, toll frauds, etc. are attacks performed by attackers on mobile devices. Mobile malware include viruses, SMS-sending malware, mobile botnets, spyware, destructive Trojans, etc. The malware is either application or functionality hidden within other application. For infecting mobile devices, the malware writer or attacker develops a malicious application and publishes this application to a major application store and waits until users install these malicious mobile applications on their mobile devices. Once the user installs the application hosted by the attacker, as a result, the attacker takes control over the user's mobile device. Due to mobile malware threats, there may be loss and theft, data communication interruption, exploitation and misconduct, and direct attacks. According to the threats report, the security threats to mobile devices are increasing day by day. In 2004, malware threats against mobile devices were fewer when compared to recent years. The frequency of malware threats to mobile devices in the year 2012 drastically increased. Module 16 Page 2407 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  17. 17. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker FIGURE 16.4: Threats of Mobile Malware Module 16 Page 2408 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  18. 18. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker App Sandboxing I s s u e s CEH Sandboxing helps protect systems and users by limiting the resources the app can access in the mobile platform; however, malicious applications may exploit vulnerabilities and bypass the sandbox Copyright © by E & C a u a c i. All Rights Reserved. Reproduction is Strictly Prohibited. App Sandboxing Issu e s Sandboxing separates the running program with the help of a security mechanism. It helps protect systems and users by limiting the resources the app can access in the mobile platform; however, malicious applications may exploit vulnerabilities and bypass the sandbox. Sandboxing is clearly explained by comparing a computer and a smartphone. In normal computers, a program can access any of the system resources such as entire RAM i.e. not protected, hard drive information, and more can be read easily by anyone, unless and until it is locked. So if any individual downloads malicious software believing it as genuine, then that software can read the keystrokes that are typed in your system, scan the entire hard drive for useful file types, and then send that data back through the network. The same occurs in mobile devices; if an application is not given a working environment, it accesses all the user data and all the system resources. If the user downloads a malicious application, then that application can access all the data and resources and can gain complete control over the user's mobile device. Secure sandbox environment In a secure sandbox environment, each individual application is given its own working environments. As a result, the application is restricted to access the other user data and system resources. This provides protection to mobile devices against malware threats. Module 16 Page 2409 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  19. 19. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker Other User Data N o A ccess s A N Unrestricted D Access B *• App O System Resources ‫ו‬ User Data rriwiiif System X Resources FIGURE 16.5: Secure sandbox environment Vulnerable Sandbox Environment In vulnerable sandbox environment, the malicious application exploits loopholes or weaknesses for bypassing the sandbox. As a result, the application can access other user data and system resources that are restricted. s User Data 1“ A n r M Unrestricted Access A ccess System Resources User Data Bypass the Sandbox App System Resources FIGURE 16.6: Vulnerable Sandbox Environment Module 16 Page 2410 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  20. 20. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker c EH M odu .le Flow Urtiftod • • f^^ l :‫־‬ 1 1 eH . IU k j I lUchM • - Mobile Platform Attack Vectors Copyright © by E & C a i n d . All Rights Reserved. Reproduction is Strictly Prohibited. M odule Flow So far, we have discussed various potential attack vectors of mobile platforms. Now we will discuss hacking the Android OS. w Mobile Platform Attack Vectors * '< Hacking BlackBerry 1 f> flBSi Hacking Android iOS v ---/ Mobile Device Management ■^‫׳‬ Hacking iOS Hacking Windows Phone OS Module 16 Page 2411 ‫^׳‬ ‫־‬ Mobile Security Guidelines and Tools Mobile Pen Testing Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  21. 21. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker This section introduces you to the Android OS and its architecture, various vulnerabilities associated with it, Android rooting and Android rooting tools, various Android Trojans, Android security tools, Android penetration testing tools, and Android device tracking tools. Module 16 Page 2412 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  22. 22. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker CEH Android OS Android is a software environment developed by Google for mobile devices that includes an operating system, middleware, and key applications Features A pplication fram ew ork enabling reuse and replacem ent of com ponents Dalvik virtual m achine optim ized for mobile devices Integrated b row ser based on the open source W ebK it engine SQ Lite for structured data storage M e d ia support for common audio, video, and still image form ats (M P E G 4 , H.264, M P3 , AAC, A M R , JP G , PNG, GIF) Rich developm ent environment including a device emulator, tools for debugging, memory and performance profiling, and a plugin for the Eclipse IDE http://developer.android.com Copyright © by E & C a u a c ! . All Rights Reserved. Reproduction is Strictly Prohibited. A ndroid OS Android is a software stack developed by Google specifically for mobile devices such as smartphones and tablet computers. It is comprised of an operating system, middleware, and key applications. Android's mobile operating system is based on the Linux kernel. The Android application runs in a sandbox. The sandbox security mechanism is explained on a previous slide. Antivirus software such as Lookout Mobile Security, AVG Technologies, and McAfee are released by security firms for Android devices. However, the sandbox is also applicable to the antivirus software. As a result, though this antivirus software has the ability to scan the complete system, it is limited to scanning up to a certain environment. The features of android operating system include: © Application framework enabling reuse and replacement of components 0 Dalvik virtual machine optimized for mobile devices © Integrated browser based on the open source WebKit engine 0 SQLite for structured data storage 0 Media support for common audio, video, and still image formats (MPEG4, H.264, MP3, AAC, AMR, JPG, PNG, GIF) Module 16 Page 2413 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  23. 23. Ethical Hacking and Countermeasures Hacking Mobile Platforms Q Exam 312-50 Certified Ethical Hacker Rich development environment including a device emulator, tools for debugging, memory and performance profiling, and a plugin for the Eclipse IDE Module 16 Page 2414 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  24. 24. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker Android OS A rchitecture CEH (•rtifwd itkitjl APPLICATION Contacts Phone APPLICATION FR A M EW O R K Activity Manager Window ManagerContentProviders Package Manager Telephony Manager Surface Manager L IBRA R IES Resource Manager Location Manager Media Framework Notification Manager AND RO ID RUN TIM E Core Libraries OpenGL | ES Dalvik Virtual Machine SGI LINUX KERNEL Display Driver Camara Driver Flash Memory Driver Binder (IPC) Driver Keypad Driver WiFi Driver Audio Driver Power Management Copyrigh t © b y E & C a u a c i. A ll Rights R eserve d. R eproduction is Strictly Prohibited. A ndroid OS A rch ite c tu re Android is a Linux-based operating system especially designed for portable devices such as smartphones, tablets, etc. The pictorial representation that follows shows the different layers such as application, application framework, libraries, android runtime, and Linux kernel, which make up the Android operating system. Module 16 Page 2415 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  25. 25. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker J<PPLI CATION Home Phone Contacts Browser A P PL IC A T IO N F R A M E W O R K A ctivity Manager W ind ow M anager Content Providers Telephony Resource Manager V iew System Location Manager Package Manager Manager N o t if ic a t io n Surface Manager S Q lite O penGL | ES FreeType W ebKit SGL L IB R A R IE S M edia Fram ework SSL Manager libc A N D R O ID R U N T IM E Core Libraries Dalvik Virtual Machine L IN U X K E R N EL Display Driver Camara Driver Flash M e m o ry Driver Binder (IPC) Driver Keypad Driver W iFi Driver Audio Driver Power Managem ent FIGURE 16.7: Android OS Architecture Applications: The applications provided by Android include an email client, SMS, calendar, maps, Browser, contacts, etc. These applications are written using the Java programming language. Application Framework Q As Android is an open development platform, developers have full that is used in the core applications access tothe © The View System can be used to develop lists, grids, text boxes,buttons, application API etc. in the Q The Content Provider permits applications to access data from other applications in order to share their own data © The Resource Manager allocates the non-code resources like localized strings, graphics, etc. Q The Notification Manager helps applications to show custom messages in the status bar Q The Activity Manager controls the lifecycle of applications Libraries Libraries comprise each and every code that provides the main features of an Android OS. For example, database support is provided by the SQLite library so that an application can utilize it for storing data and functionalities for the web browser provided by the Web Kit library. The Module 16 Page 2416 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  26. 26. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker Android core library includes Surface Manager, Media Framework, SQLite, OpenGL | ES, FreeType, WebKit, SGL, SSL, libc, SQLite (database engine), and LibWebCore (web browser engine). Android Runtime Android Runtime includes core libraries and the Dalvik virtual machine. The set of core libraries allows developers to write the Android applications using the Java programming language. Dalvik virtual machine is helpful in executing Android applications. Dalvik can run multiple VMs efficiently. Linux Kernel The Android operating system was built based on the Linux kernel. This layer is made up of all the low-level device drivers such as Display Driver, Camara Driver, Flash Memory Driver, Binder (IPC) Driver, Keypad Driver, WiFi Driver, Audio Driver, and Power Management for various hardware components of an Android device. Module 16 Page 2417 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  27. 27. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker A n d ro id D e v ic e A d m in is tra tio n A PI I C E H J The Device Administration API introduced in Android 2.2 provides device adm inistration features at the system level J » These A PIs allow developers to create security-aware applications that are useful in enterprise settings, in which IT professionals require rich control over employee devices I* Policies supported by the Device Administration API 6 Password enabled Minimum password length Minimum uppercase letters required in password Alphanumeric password © Password expiration timeout required © Password history restriction Complex password required Minimum letters required in password 9 Maximum failed password attempts a Maximum inactivity time lock required in password 0 Require storage encryption Minimum non-letter characters required in password o Disable camera « Prompt user to set a new password Minimum lowercase letters Minimum numerical digits required in password 9 Minimum symbols required in password Lock device immediately S Wipe the device's data h t t p : / / d e v e l o p e r . a n d r o id , c o m Copyrigh t © b y E & C a i n c l . A ll Rights R eserve d. R eproduction is Strictly Prohibited. A ndroid D evice A d m in istratio n API ",“ "■ ‫'׳‬ Source: http://developer.android.com The Device Administration API introduced in Android 2.2 provides device administration features at the system level. These APIs allow developers to create security-aware applications that are useful in enterprise settings, in which IT professionals require rich control over employee devices. The device admin applications are written using the Device Administration API. These device admin applications enforce the desired policies when the user installs these applications on his or her device. The built-in applications can leverage the new APIs to improve the exchange support. Policy Description Password enabled Requires that devices ask for PIN or passwords. Minimum password length Set the required number of characters for the password. For example, you can require PIN or passwords to have at least six characters. Alphanumeric password required Requires that passwords have a combination of letters and numbers. They may include symbolic characters. Module 16 Page 2418 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  28. 28. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker Complex password required Requires that passwords must contain at least a letter, a numerical digit, and a special symbol. Introduced in Android 3.0. Minimum letters required in password The minimum number of letters required in the password for all admins or a particular one. Introduced in Android 3.0. Minimum lowercase letters required in password The minimum number of lowercase letters required in the password for all admins or a particular one. Introduced in Android 3.0. Minimum non-letter characters required in password The minimum number of non-letter characters required in the password for all admins or a particular one. Introduced in Android 3.0. Minimum numerical digits required in password The minimum number of numerical digits required in the password for all admins or a particular one. Introduced in Android 3.0. Minimum symbols required in password The minimum number of symbols required in the password for all admins or a particular one. Introduced in Android 3.0. Minimum uppercase letters required in password The minimum number of uppercase letters required in the password for all admins or a particular one. Introduced in Android 3.0. Password expiration timeout When the password will expire, expressed as a delta in milliseconds from when a device admin sets the expiration timeout. Introduced in Android 3.0. Password history restriction This policy prevents users from reusing the last ‫ ו‬unique passwords. ‫ר‬ This policy is typically used in conjunction with setPasswordExpirationTimeout(), which forces users to update their passwords after a specified amount of time has elapsed. Introduced in Android 3.0. Maximum failed password attempts Specifies how many times a user can enter the wrong password before the device wipes its data. The Device Administration API also allows administrators to remotely reset the device to factory defaults. This secures data in case the device is lost or stolen. Maximum inactivity time lock Sets the length of time since the user last touched the screen or pressed a button before the device locks the screen. When this happens, users need to enter their PIN or passwords again before they can use their devices and access data. The value can be between 1 and 60 minutes. Require storage encryption Specifies that the storage area should be encrypted, if the device supports it. Introduced in Android 3.0. Disable camera Specifies that the camera should be disabled. Note that this doesn't have to be a permanent disabling. The camera can be enabled/disabled dynamically based on context, time, and so on. Introduced in Android 4.0. TABLE16.1: A ndroid Device A dm inistration API Module 16 Page 2419 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  29. 29. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker I S M o 2:0977] App/Device Admin Demonstration of ‫ ג‬DeviceAdmin class for administering the user's device. FIGURE 16.8: Android Device Administration API Module 16 Page 2420 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  30. 30. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker CEH Android R ooting J Rooting allows Android users to attain privileged control (know n as "ro o t access") within Android's subsystem J Rooting process involves exploiting security vulnerabilities in the device firm w a re , and copying the su binary to a location in the current process's PATH (e.g. /system/xbin/su) and granting it executable permissions with the chmod command Rooting enables all the user-installed Rooting also comes with many applications to run privileged security and other risks to your commands such as: device including: Modifying or deleting system files, module, ROMs (stock firmware), and kernels Low-level access to the hardware that are typically unavailable to the devices in their default configuration Voids your phone's warranty » Removing carrier- or manufacturerinstalled applications (bloatware) & Poor performance © Malware infection 6 Bricking the device Improved performance Wi-Fi and Bluetooth tethering Install applications on SD card Better user interface and keyboard Copyrigh t © b y E & C a u a c i. A ll Rights R eserve d. R eproduction is Strictly Prohibited. A ndroid R ooting Rooting is the process of removing the limitations and allowing full access. It allows Android users to attain "super user" privileged control (known as "root access") and permission within Android's subsystem. After rooting the Android phone, an Android user will have control over SETTINGS, FEATURES, and PERFORMANCE of his or her phone and can even install software that is not supported by the device. The root users will have "super -user" privileges using which they can easily alter or modify the software code on the device. Rooting is basically hacking Android devices and is equivalent to "jailbreaking" in iPhone. Rooting exploits a security vulnerability in the device firmware, and copying the su binary to a location in the current process's PATH (e.g. /system/xbin/su) and granting it executable permissions with the chmod command. Rooting enables all the user-installed applications to run privileged commands such as: Q Modifying or deleting system files, module, ROMs (stock firmware), and kernels Q Removing carrier- or manufacturer-installed applications (bloatware) Q Low-level access to the hardware that are typically unavailable to the devices in their default configuration © Improved performance Module 16 Page 2421 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  31. 31. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker © Wi-Fi and Bluetooth tethering © Install applications on SD card © Better user interface and keyboard Rooting also comes with many security and other risks to your device including: © Voids your phone's warranty © Poor performance © Malware infection © Bricking the device Module 16 Page 2422 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  32. 32. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker R ooting Android P hones u sin g SuperO neC lick CEH D f1 f-V ‫ זת«ווזז״,י‬H J Plug in and connect your android device to your computervia USB USB debugging Debug mode *when use « (OAMnM PC M ode © W ind ow s M edia Sync O U S B M ass Storage O Charge O nly Q Stay awa ke Serft n will neve* sleep *hile (tw png J Install driver for the device if prompted J Unplug and re-connect, but this time select "Charge only" to sure that your phone's SD Card is not mounted to your PC J Run SuperOneClick.exe(availableinToolsDVD) J Click on the "Root" button J Wait for some time until you see a "Running a Su test Success!" message J Now check out the installed apps in your phone J Allownock loe&ions Go to Settings ‫ >־‬Applications ‫ >־‬Development ‫־‬ and enable USB Debugging to put yourandroid into USB Debugging mode J Allow mock locations Superusericon means you now have root access (reboot the phone if you do not see it) !5] Superuser Request App: drocap2 (10104) pAckdga: cam guv* nig. Jtudrcx4!)3 Requested U1D: root(O) Com nwltd: /sys1 1 1 « n‫׳‬bl Vsh Rcmember J Copyrigh t © b y E & C a u a c i. A ll Rights R eserve d. R eproduction is Strictly Prohibited. R ooting A ndroid P h o n es u sin g S u p erO n eC lick SuperOneClick is a tool designed especially for rooting an Android phone. The step-bystep procedure for rooting an Android phone with the help of SuperOneClick follows: © Plug in and connect your Android device to your computer via a USB. Q Install the driver for the device if prompted. © Unplug and re-connect, but this time select Charge only to ensure that your phone's SD Card is not mounted to your PC. Q Go to Settings ‫ >־‬Applications ‫ >־‬Development and enable USB Debugging to put your ‫־‬ ‫־‬ android into USB Debugging mode. Q Run SuperOneClick.exe (available in Tools DVD). © Click the Root button. Q Wait for some time until you see a "Running a Su test Success!" message Q Now check out the installed apps in your phone. © Superuser icon means you now have root access (reboot the phone if you don't see it). Module 16 Page 2423 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  33. 33. Ethical Hacking and Countermeasures Hacking Mobile Platforms Li © Exam 312-50 Certified Ethical Hacker — USB connection USB debugging o o o o 1 PC Mode 1 Windows Media Sync USB Mass Storage 1 Charge Only | OK Text M « BfOWStr Debug m od* when USB Is connected Stay awake mm Screen will never sleep while charging Allow mock locations m Allowm locations ock Cancel Market © VO K em ji! 1 Su p e ru se r Req u est The following app is requesting superuser access: App: drocap2 (10104) Package: c0m ail.nag...atu.df0cap2 .gm Requested UID: root (0) Com m and: /system/bin/sh FIGURE 16.9: Rooting Android Phones using SuperOneClick Module 16 Page 2424 Ethical Hacking and Countermeasures Copyright © by EC-C0l1nCil All Rights Reserved. Reproduction is Strictly Prohibited.
  34. 34. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker R ooting Android P hones U sing Superboot . ------- D ow nload and extract the S u p e rb o o t files ft Put your Android phone in bootloader mode Depending on your com puter's O S, do one of the following: m J Turn off the phone, remove the battery, and pluginthe USB cable Windows: Double click "install-superbootwindows.bat" J When the battery icon appears onscreen, pop the battery back in Mac: Open a terminal window to the directory containing the files, and type "chmod + installx superboot-mac.sh" followed by "./installsuperboot-mac.sh" al Now tap the Power button while holding down the Camera key J 1 Linux: Open a terminal window to the directory containing the files, and type "chmod + installx superboot-linux.sh" followed by 1 './installsuperboot-linux.sh" For Android phoneswithatrackbalLTurn off the phone, press and hold the trackball, then turn the phone backon r~ 1 * j . Your device has been ro o ted m Copyrigh t © b y E & C a i n c l . A ll Rights R eserve d. R eproduction is Strictly Prohibited. R ooting A ndroid P h o n es u sin g S uperkoot Superboot is a boot.img. It is designed specifically to root Android phones. It roots Android phones when they are booted for the very first time. Any individual can root the Android phone using superboot by following these steps: Step 1: Download and extract the Superboot files. Step 2: Put your Android phone in bootloader mode: Q Turn off the phone, remove the battery, and plug in the USB cable. 9 When the battery icon appears onscreen, pop the battery back in. © Now tap the Power button while holding down the Camera key. Q For Android phones with a trackball: Turn off the phone, press and hold the trackball, then turn the phone back on. Step 3: Depending on your computer's OS, do one of the following: Q Windows: Double-click install-superboot-windows.bat. © Mac: Open a terminal window to the directory containing the files, and type chmod + x install-superboot-mac.sh" followed by ./install-superboot-mac.sh. Module 16 Page 2425 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  35. 35. Ethical Hacking and Countermeasures Hacking Mobile Platforms 6 Exam 312-50 Certified Ethical Hacker Linux: Open a terminal window to the directory containing the files, and type chmod + x install-superboot-linux.sh" followed by ./install-superboot-linux.sh. Step 4: Your Android device has been rooted. Module 16 Page 2426 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  36. 36. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker Android R ooting Tools i( ] □ ! CEH @ D s1:5. B < 26 (D B ?! a ‫ ׳‬m a 9:15 am a un re v o k e d 1« th» tutron to root your phono y r Wo don't antiripa!! U n iv e r s a l A n d r o o t Do you want to install this application? UnlockRoot.com a t Allow this application to: A Storage modify/delete SD card contents A Phone calls read phone state and identity A System tools c neWFsa ,peetpoefr m tag i i t te r vn hn o s ein lep g O i n i Sh o w all R eco very F la sh e r ‫ר‬ U niversal Androot U nlock Root Copyrigh t © b y E & C a u a c i. A ll Rights R eserve d. R eproduction is Strictly Prohibited. A n d r o id R o o t in g T o o ls C O J In addition to SuperOneClick and Superboot, there are many other tools that can be used for rooting Android phones: © Unrevoked available at http://unrevoked.com © Recovery Flasher available at https://sites.google.com/site/adlxmod © Universal Androot available at http://forum.xda-developers.com © Unlock Root available at www.unlockroot.com Module 16 Page 2427 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  37. 37. Ethical Hacking and Countermeasures Hacking Mobile Platforms AH□ ‫ י‬B Exam 312-50 Certified Ethical Hacker gfflj® 1:5* 26 i & B D 0 9:15 AM un r e v o k e d Press the button to root your phone. We don't anticipate orealdng your prion*, but w e're noi liable if It do•* On Ev you’l hare to do thi5 each time you reboot. Have fun! , u Universal Androot UntocfcRoot v2 0 Do you want to install this application? Donate | Follow us on Twitter. UnlockRoot.com Allow this application to: A Storage modify/delete 50 card contents A i n Phone calls read phone state and tdentlty A System tools change Wi-Fi slate, prevent phone from sleeping O S h o w a ll Install 1 || Cancel _ . Root I Contort devic• with U S8 coble and FIGURE 16.10: Android Rooting Tools Module 16 Page 2428 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  38. 38. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker Session Hijacking Using DroidSheep J •. © * v DroidSheep is a simple Android tool for web session hijacking (sidejacking) ? i n s■ Connect edt o *••‫יי»י‬ 2:02 pm ‫■״‬ « Spoofing IP: 192.168.0.1 J It listens for HTTP packets sent via a wireless (802.11) network connection and extracts the session IDs from these packets in order to reuse them m ‫צ‬ ». . ^ [http7/w w w .facebook... IP=192.168 0.100 Anil Sardiw al [h ttp V M w .. http://www.google.co.in IP=192.168.0.100 ID : 1239002684 http://xsltcache.alexa.com J IP=192.168.0.100 ID : 1120334729 DroidSheep can capture sessions using the libpcap library and http://api.mywot.com supports: O PEN N etw orks, W E P encrypted networks, W P A and IP-192.168.0.100 ID : 166224861 http://apis.google.com W P A 2 (P SK only) encrypted n etw orks IP=192.168 0.100 ID : -561222905 http://www.blogger.com IP=192.168.0.100 ID : •70447663 o in n ■ A A User Internet ARP Spoofing Attacker modifies the m *«. http://platf orm .twitter.com IP-192.168.0.100 ID : 1933430236 http://s7.addthis.com IP-192.168 0.100 ID : 1667993814 http://www .stum bleupon.com session IDs and relay them to web server Attacker intercepts client's request for a web page w W http://platform .linkedln.com I P “ 192.168.0.100 ID : •2082712684 Attacker IP-192.168.0.100 ID : •1486882064 ✓ o c R U N N IN G AN D S P O O F IN G Copyrigh t © b y E & C a i n c l . A ll Rights R eserve d. R eproduction is Strictly Prohibited. Session H ijack in g U sing D roidS heep Most web applications use a session ID to verify the user's identity with the application. This session ID is transmitted in subsequent requests within HTTP packets in order to maintain the session with the user. The attacker uses the DroidSheep tool to read the all the packets sent via a wireless network and captures the session ID. Once the attacker captures the victim's legitimate session ID, he or she may use this stolen session ID to access the target web application on behalf of the victim. DriopSheep listens and captures HTTP packets sent via a wireless (802.11) network and then analyzes the captured packets to extract and reuse the session IDs. DriopSheep accomplishes this using the libcap library. It supports OPEN Networks, WEP encrypted networks, WPA, and WPA2 (PSK only) encrypted networks. Module 16 Page 2429 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  39. 39. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker A User A Internet ARP Spoofing A ttacker intercepts client's request for a *»« A ttacke r modifies the session IDs and relay them to W e b s e rv e r w ebpage Attacker FIGURE 16.11: Session Hijacking Using DroidSheep Module 16 Page 2430 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  40. 40. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker ^ rid I © 2:02 PM Connected to - • ■ • • ‫•י״יייי‬ Spoofing IP: 192.168.0.1 [http://www.facebook.... IP=192.168.0.100 Anil Sardiwal [http://ww... http://www.google.co.in IP=192.168.0.100 ID: 1239002684 http://xsltcache.alexa.com IP=192.168.0.100 ID: 1120334729 http://api.mywot.com IP=192.168.0.100 ID: 166224861 http://apis.google.com IP=192.168.0.100 ID: -561222905 http://www.blogger.com IP=192.168.0.100 ID: -70447663 http://platform.linkedin.com IP=192.168.0.100 ID: -2082712684 http://platform.twitter.com IP=192.168.0.100 ID: -1933430236 http://s7.addthis.com IP=192.168.0.100 ID: -1667993814 http://www.stumbleupon.com IP=192.168.0.100 ID: -1486882064 M o ARP-Spoofing a i G eneric mode RUNNING AND SPOOFING FIGURE 16.12: DroidSheep Screenshot Module 16 Page 2431 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  41. 41. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker Android-based Sniffer: FaceNiff I C EH FaceNiff is an Android app that allows you to sniff It is possible to hijack sessions only when W iF i is and intercep t w e b session profiles over the W iFi not using EAP, but it should work over any private that you r mobile is connected to n etw orks (Open/W EP/W PA-PSK/W PA2-PSK) |‫ז‬ Vibration Vibrate when new praMe is foutd MAC TO Vendor resolving Try fimfcng oul Jhe device *ewdor Filter services Selecl wtnch twvictt you want to be shown h ttp://faceniff.ponury. net Copyrigh t © b y E & C a i n c l . A ll Rights R eserve d. R eproduction is Strictly Prohibited. H A n d ro id -b ased Sniffer: F aceN iff Source: http://faceniff.ponury.net FaceNiff is an Android app that allows you to sniff and intercept web session profiles over the Wi-Fi that your mobile is connected to. It is possible to hijack sessions only when Wi-Fi is not using EAP, but it should work over any private networks (Open/WEP/WPA-PSK/WPA2-PSK). Note: If webuser uses SSL this application won't work. Module 16 Page 2432 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  42. 42. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker m L _ J u Fitter services STOP Vibration amazon.com Vibratewt*n new proMe it found f71f| bponury p bl ue MAC TO Vendor resolving amazon.co uk Try frying 014 (he device vendor Filter services bponury Setecl which servicesyou want to be •hown amazon.de Intel Corporate (30.88.b4: tuenti.com BartoszTestowy nk.pl 10 0 ‫(6 ו 00 ו‬ twitter.com tumblr.com meinvz.net % & Unlock mu Request new key • Go to website Export sessions r t Import sessions © Settings studivz.net blonoer com FIGURE 16.13: FaceNiff Screenshot Module 16 Page 2433 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  43. 43. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker A n d ro id T ro ja n : Z itM o (ZeuS-inth e -M o b ile ) r cu !z —? Zitmo is the notorious mobile component of the Zeus banking Trojan that circumvents twofactor authentication by Ml C a r H om e Contacts intercepting SMS confirmation codes to access bank accounts H The new versions for Android and BlackBerry have now added Em ail Galery » Custom local* m Q M nugng botnet-like features, such as enabling cybercriminals to control the Trojan via SMS r m » Dev Tool! * 4 commands Music C Home ar ‫יי‬ conucn » » cus*‫״״‬ lAa rU ^ 5 Zertifikat Installation erfolgreich Ihr Aktivierungskode lautet 7725486193 Copyrigh t © b y E&Cauaci. A ll Rights R eserve d. R eproduction is Strictly Prohibited. A ndroid T rojan: ZitM o (ZeuS‫־‬in ‫־‬th e ‫־‬M obile) Zitmo refers to a version of the Zeus malware that specifically targets mobile devices. It is a malware Trojan horse designed mainly to steal online banking details from users. It circumvents mobile banking app security by simply forwarding the infected mobile's SMS messages to a command and control mobile owned by cybercriminals. The new versions of Android and BlackBerry have now added botnet-like features, such as enabling cybercriminals to control the Trojan via SMS commands. Module 16 Page 2434 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  44. 44. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker S B D ® 10:53 am I Car H om e C o n ta c ts C u s to m D e v T o o ls L o c a le E m a il G a lle r y M e s sa g in g Phone S e ttin g s S p a r e P a rts M usk Sp eech R e co rd e r FIGURE 16.14: ZitMo (ZeuS-in-the-Mobile) Screenshot Module 16 Page 2435 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  45. 45. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker Android Trojan: GingerBreak GingerBreak v l.l O p tio ns Q ) GingerBreak Please make sure of the following before rooting: - You have an SD card inserted and mounted - USB debugging is enabled AndroidOS/GingerBreak is a trojan that affects mobile devices running the Android operating system It drops and executes another trojan detected as Exploit: Android0s/CVE-2011-1823, which, if run successfully, gains administrator privileges on the device p CEH GingerBreak Do you want to install this application? Allow this application to: A System tools re»d system log riles Copyrigh t © b y EfrCaincl. A ll Rights R eserve d. R eproduction is Strictly Prohibited. A ndroid T rojan: G in g erB reak AndroidOS/GingerBreak is a Trojan that affects mobile devices running the Android operating system. It drops and executes another Trojan detected as Exploit: AndroidOS/CVE2011-1823, which, if run successfully, gains administrator privileges on the device. Module 16 Page 2436 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  46. 46. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker GingerBreak |PS GingerBreak GingerBreak v1.1 APK: Chainfire Exploit: The Android Exploid Crei Options________________ Do you w ant to install this application? Allow this application to: A System tools read system log files FIGURE 16.15: GingerBreak Screenshot Module 16 Page 2437 Ethical Hacking and Countermeasures Copyright © by EC-C0UnGil All Rights Reserved. Reproduction is Strictly Prohibited.
  47. 47. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker Android Trojan: AcnetSteal and Cawitt A c n e tS te a l J C a w it t AcnetSteal is a program that harvests data and J Cawitt.A operates silently in the background, gathering device inform ation which it later inform ation from the device J CEH forw ards to a remote server Trojan sends the contact inform ation to a remote location using Triple DES Encryption J Collected information includes d evice ID, International Mobile Equipment Identity (IM E I) (DESede) number, phone num ber, Bot ID, and modules 8:06 AM a n a 8:06 AM Quote!!! Slim Be social! plugin 32.C0KB A v R ), ookb Your messages rctcrvc SMS E xam ple w a llp a p e rs A Network communication A Storage (til Iniffnrt K e n t • S am ple Soft K eyboard 10K 60R rroaity/ddtteSOcard content? A Services that cost you money send SMS rnesuges A Phone calls read phone sute a‫ ״‬identity td Copyrigh t © b y E f r C a i n c l . A ll Rights R eserve d. R eproduction is Strictly Prohibited. A ndroid T rojan: A cnetSteal a n d C aw itt A cnetSteal AcnetSteal is a program that harvests data and information from the device. The Trojan sends the contact information to a remote location using Triple DES Encryption (DESede). FIGURE 16.16: AcnetSteal Screenshot Module 16 Page 2438 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  48. 48. Ethical Hacking and Countermeasures Hacking Mobile Platforms IM Exam 312-50 Certified Ethical Hacker C aw itt Cawitt operates silently in the background, gathering device information which it later forwards to a remote server. Collected information includes device ID, International Mobile Equipment Identity (IMEI) number, phone number, Bot ID, and modules. This Trojan doesn't place any launcher icon in the application menu in order to avoid being detected by the device user. t r iR & G 8:06 A M Manage applications Application Info com.android.gesture.builder 32.00KB Perm issions H wT) Be social! plugin 32.00KB This application can access the following on your phone: A 20.00KB Your messages receive SMS Example Wallpapers A Network communication full Internet access Sample Soft Keyboard 3600KB A Storage m odify/delete SOcard contents A Services that cost you money send SMS m essages A Phone calls read phone state and identity FIGURE 16.17: Cawitt Screenshot Module 16 Page 2439 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  49. 49. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker Android Trojan: Frogonal and G am ex c EH to M Itc Jl IlM ftN fM h M Frogonal J Frogonal.A is a repackaged version of an original application where extra functionalities used for malicious intent have been added into the new package J It harvests the following information from the compromised device such as identification of the Trojaned application, phone number, IMEI number, IMSI number, SIM serial number, device model, operating system version, root availability G am ex -I Gamex.A hides its malicious components inside the package file _J Once it is granted a root access by the user, it connects to a command and control (C&C) server to download more applications and to forward the device IMEI and IMSI numbers J It also establishes a connection to an external link which contains a repackaged APK file, and proceeds to downloading and installingthe file Copyrigh t © b y E & C a i n c l . A ll Rights R eserve d. R eproduction is Strictly Prohibited A ndroid T rojan: F ro g o n al a n d G am ex F ro g o n a l Frogonal is a repackaged version of an original application where extra functionalities used for malicious intent have been added into the new package. It harvests the following information from the compromised mobile devices: 9 Identification of the Trojanized application: • Package name • Version code 9 Phone number 9 IMEI number 9 IMSI number 9 SIM serial number 9 Device model 9 Operating system version 9 Root availability Module 16 Page 2440 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  50. 50. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker m @My Games Do you want to install this application? Allow this application to: ✓ Your m essages receive SMS ✓ m ft N e t w o r k c o m m u n ic a t io n Jull Internet access ✓ Storage modify/delete SO card contents ✓ H a r d w a r e c o n t r o ls take pictures and videos ✓ P h o n e c a lls read ohone state and identity *s ‫«יא‬ »‫מ‬ FIGURE 16.18: Frogonal and Gamex Frogonal Screenshot G am ex Gamex is an Android Trojan that downloads and installs the files on a compromised mobile device. It hides the malicious content inside the file that is to be installed; once it is granted a root access by the device owner, it connects to a command and control (C&C) server to download more applications and to forward the device's IMEI and IMSI numbers. It also establishes a connection to an external link that contains a repackaged APK file, and proceeds to download and install the file. *m e 1: 1P 2 M 2 Manage a p i a i n plctos Q Bi< 1:2 P 8 3 22 M A p ication i f pl no c o m . a n d r o id .g e s t u r e . b u ild e r 32.00KB E x a m p le W a l l p a p e r s 20.00KB S a m p le S o f t K e y b o a r d * 7 36.00KB This application can access the following on your phone: A Storage modify/delete SD card contents A Network communication ful Internet access A Phone calls read phone state and identity FIGURE 16.19: Gamex Screenshot Module 16 Page 2441 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  51. 51. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker Android Trojan: KabStamper and M ania K a b S ta m p e r J KabStamper.A is a m alw are distributed via Trojaned CEH M an ia J M ania.A is an SMS-sending m alw are that sends applications that deliver new s and videos on the AKB48 group J out messages with the content "te l" or "quiz" to the number 84242 Malicious code in the m alware is highly destructive; J it destroys im agesfound in th esd card /D C IM Any reply from this number is redirected to an oth er device to prevent user from becoming /cam era fo ld e rth a t stores images taken with the suspicious device's camera J J Eve ry five m inutes, the m alw are checks this folder and modifies a found image by overwriting it with a Mania.A is known for using the trojanization technique, w h ere it is repackaged with another original application in order to dupe victim s predefined image U f f i ]<Li 6:M AM I £ | ce« ^ t 1M *e w a 11pjpen 0 rtflDa*26AM y ! S B 6:2* AM h })• H t*n wujpn ap c H c m n ro .g s re u e o .a d ld e tu .b lld r W m 3*.00KB Copyrigh t © b y E & C a i n c l . A ll Rights R eserve d. R eproduction is Strictly Prohibited. A ndroid T rojan: K ab S tam p er a n d M a n ia K a b S ta m p e r KabStamper is an Android Trojan that modifies images found in the target mobile device by overwriting them with a predefined image. It is distributed via Trojanized applications that deliver news and videos about the AKB48 group. It is very destructive and destroys images found in the sdcard/DCIM/camera folder that stores images taken with the device's camera. Module 16 Page 2442 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  52. 52. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker 6 S4 AM 6:54 A M r r- ‫־‬ 704 1 *‫ז 2 י‬KB • • c o m .a n d ro id .g e stu re.b u lld er 3.0a 20 ■ R j 7 E x a m p le W a llp a p e r s S t / 20.00KB S a m p le So ft K e yb o a rd 36.00KB FIGURE 16.20: KabStamper and Mania Kabstamper Screenshot M a n ia Mania is an Android Trojan that pretends to perform license checking to cover up its SMS-sending activities in the background. It is SMS-sending malware that sends out messages with the content "tel" or "quiz" to the number 84242. Any reply from this number is redirected to another device to prevent the device owner from becoming suspicious. While running, Mania appears to be performing license checking, but this process always fails and never seems to be completed. The license checking is a coverup for the SMS sending activities that are taking place in the background. a n e 6:26 A M y b S G 6:28 A M FIGURE 16.21: Mania Screenshot Module 16 Page 2443 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  53. 53. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker Android Trojan: PremiumSMS and SmsSpy Sm sSpy P re m iu m S M S Prem iu m SM S.A is a Trojan that reaps profit from J into a secsuite.db It has a configuration file that contains data on recipient numbers Example of the sent messages: SmsSpy.F poses as an Android Security Suite application that records received SM S messages its S M S sending activities th e content of the S M S messages and the CEH J Thism alw aretargetsbankingconsum ers in Spain w here it is spammed via a message indicatingthat an extra Security Protection program that protects the device is availablefor download 1. Number: 1151 f t 8 1 ® 7:14AM Content: 692046 169 BG QCb5T3w 2. Number: 1161 s . * 7 Content: 692046 169 BG QCb5T3w 3. Number: 3381 1 • <1 * f t * q («•< ‫/ §ז‬ &*r.y f t Snlun f e W.K Pho ne & S g Sp rehits ettin * o Content: 692046 169 BG QCb5T3w m Copyrigh t © b y E & C a i n c l . A ll Rights R eserve d. R eproduction is Strictly Prohibited. A ndroid T rojan: Prem ium SM S a n d Sm sSpy P r e m iu m S M S PremiumSMS is an Android Trojan that reaps profit from its SMS-sending activities. It has a configuration file that contains data on the content of the SMS messages and the recipient numbers. Example of send messages: 1. Number: 1151 Content: 692046 169 BG QCb5T3w 2. Number: 1161 Content: 692046 169 BG QCb5T3w 3. Number: 3381 Content: 692046 169 BG QCb5T3w 4. Number: 1005 Content: kutkut clsamg 6758150 5. Number: 5373 Module 16 Page 2444 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  54. 54. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker Content: kutkut clsamg 6758150 6. Number: 7250 Content: kutkut clsamg 6758150 Sm sSpy SmsSpy is an Android Trojan that poses as an Android Security Suite application that actually does nothing in ensuring the device's security. However, it records received SMS messages into secsuite.db instead. It targets banking consumers in Spain, posing as an Android Security Suite application. FIGURE 16.22: SmsSpy Screenshot Module 16 Page 2445 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  55. 55. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker Android Trojan: DroidLive SMS and UpdtKiller CEH U p d tK ille r D roidLive S M S DroidLive masquerades as a Google Library, J UpdtKiller.A connects to a command and control (C&C) server, w h ere it forw ards users' attempts to utilize Device A dm inistration A PI data to and receives further commands from It attempts to install itself as a device administration app, and is capable of tapping J This m alware is also capable of killing into personal data and performing a mixture of antivirus processes in order to avoid being nefarious activities on android mobile devices detected Text M essa g es i 1 • 4P S A U‫׳‬n(»M S h u td o w n R e c e iv e r ; DroidLive Main A Controller Add » D e vice A d m in ‫י‬ llrowv* O O tO CiHfnnm M iM r ‫י‬ ty Ia*l m Cn o tact* D loolt «v ‫ 8 &ז‬fe SmsMessageReceiver Call P h o n e W a k e L o c k R e c e iv e r N u m b ers DeviceAdmin (P fll W Copyrigh t © b y E f r C o in c l. A ll Rights R eserve d. R eproduction is Strictly Prohibited. Android Trojan: DroidLive SMS and UpdtKiller I | D r o id L iv e S M S DroidLive SMS is an Android Trojan masquerading as a Google Library; it attempts to utilize a device administration API. It attempts to install itself as a device administration app, and is capable of tapping into personal data and performing a mixture of nefarious activities on Android mobile devices. It attempts to disguise itself as a Google library, and receives commands from a Command and Control (C&C) server, allowing it to perform functions including sending text messages to premium numbers, initiating phone calls, and collecting personal data. Module 16 Page 2446 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  56. 56. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker Send Text Messages BootReceiver A LiveReceiver DroidLive Main Controller ShutdownReceiver Add Device Admin SmsMessageReceiver V Call Phone Numbers WakeLockReceiver DeviceAdmin FIGURE 16.23: DroidLive SMS and UpdtKiller DroidLive SMS A n d r o i d T r o j a n : U p d t K ille r UpdtKiller is an Android Trojan that terminates processes belonging to antivirus products in order to avoid detection. It connects to a command and control (C&C) server, where it forwards harvested user data to and receives further command from. 7:51 AM •‫־‬ Alarm Clock # & Browser Calculator CameraContacts Dev Tools $!7 5 Gallery 5 Calendar Email P & Gestures Messaging Music Builder B PhoneSettings # ‫־‬E Sparc Parts FIGURE 16.24: UpdtKiller Screenshot Module 16 Page 2447 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  57. 57. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker Android Trojan: FakeToken CEH C«rt1fW4 itfciul ■U ckw FakeToken steals both bankingauthentication factors (Internet password and mTAN) directly from the mobiledevice P erm issio n s Distribution T ech n iq u e s • T h ro u g h p h is h in g e m a ils p re te n d in g t o b e P erm issio n s This application can access th e following on yo u r phone: This application can access the following on your phone: ✓ Your messages receive SM S s e n t b y th e ta r g e te d ban k • receive SMS ✓ Network communication In je c t in g w e b p a g e s fro m in fe c te d full In te rn e t access co m p u te rs , s im u la tin g a fa k e s e c u r ity a p p t h a t p re s u m a b ly a v o id s t h e in te rc e p tio n ‫✓י‬ o f S M S m e s s a g e s b y g e n e r a tin g a u n iq u e ✓ Your messages Your personal information read contact data ✓ Network communication full In te rn et access ✓ Storage m odify/delete SD card contents d ig ita l c e r t ific a te b a s e d o n th e p h on e ■ Storage S n u m b e r o f th e d e v ic e ✓ Phone calls m odify/delete SD card contents • In je c t in g a p h is h in g w e b p a g e th a t r e d ire cts u s e rs t o a w e b s it e p re te n d in g to read phone state and Identity b e a s e c u r ity v e n d o r t h a t o ffe rs th e " e B a n k in g S M S G u a rd " a s p ro te ctio n a g a in s t " S M S m e s s a g e in te rc e p tio n a n d m o b ile P h o n e S IM c a rd c lo n in g " ✓ Phone calls A ✓ Services that cost you money send SM S messages read phone state and Identity ✓ Services that cost you money send SM S messages NEW VERSION Copyrigh t © b y E & C a in c f l. A ll Rights R eserve d. R eproduction is Strictly Prohibited. ^ Android Trojan: FakeToken FakeToken steals both authentication factors (Internet password and mTAN) directly from the mobile device. Distribution Techniques: © Through phishing emails pretending to be sent by the targeted bank © Injecting web pages from infected computers, simulating a fake security app that presumably avoids the interception of SMS messages by generating a unique digital certificate based on the phone number of the device © Injecting a phishing web page that redirects users to a website pretending to be a security vendor that offers the "eBanking SMS Guard" as protection against "SMS message interception and mobile Phone SIM card cloning" Module 16 Page 2448 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  58. 58. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker Permissions Permissions This application can access the following on your phone: This application can access the following on your phone: ✓ Your messages receive SMS receive SMS ✓ Network communication full Internet access ✓ Network communication full Internet access ✓ Your personal information read contact data ✓ Storage modify/delete SD card contents ✓ Storage ✓ Phone calls modify/delete SD card contents ✓ Phone calls read phone state and Identity ✓ Services that cost you money send SMS messages V Your messages read phone state and Identity ✓ Services that cost you money send SMS messages NEW VERSION FIGURE 16.25: FakeToken Screenshot Module 16 Page 2449 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  59. 59. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker 1 ■ C o pyrigh t © b y EC-Coind. A ll Rights R e s e r v e d Rep rodu ction is S tric tly Prohibited. |J Securing Android Devices --- Security of Android devices is a major concern as most people at present using these devices as substitutes for computers. Similar to a traditional computer, security is mandatory for Android devices to avoid being infected by a malicious application or data loss. The following are a few key points that help you in securing your Android device: © Enable screen locks for your Android phone for it to be more secure © Never root your Android device © Download apps only from official Android market © Keep your device updated with Google Android antivirus software © Do not directly download Android package files (APK) © Keep updated with the operating system as and when updates arrive © Use free protectors Android apps such as Android Protector. Where you can assign passwords to text messages, mail accounts, etc. © Customize your locked home screen with the user's information Module 16 Page 2450 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  60. 60. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker Google Apps Device Policy Google Apps Device Policy app allows Google J CEH This app allows IT ad m inistrato rto enforce Apps dom ain admin to set security policies for security policies and rem otely w ipe your yo ur Android d evice device It is a device adm inistration app for Google J Additionally, this app allows you to ring, lock, Apps for Business, Education, and G overnm ent or locate yo ur Android devices through the acco un tsthat makes your Android d evice more M y Devices page: secure for enterprise use h t t p s : / / w w w . g o o g le . c o m / a p p s / m y d e v ic e s Device .irtnnist'ffd urdef google Domair odrwwstfatof s can sel po1 c*« nrxl reirnlriy wif*• Ihe qooqe ccnVapca/mytfcvces cl 1 changrpauvora c irk tin M Cn*««t not b• gr•*•' than / MM Accourt register<d JrreQistef !his account 80 I ‫ גו‬no Of0#f rnuMOPfl hy your domain xin niitn itw i https://ploy.google.com Copyrigh t © b y E & C a u a c i. A ll Rights R eserve d. R eproduction is Strictly Prohibited. Google Apps Device Policy Source: https://play.google.com The Google Apps Device Policy app allows a Google Apps domain admin to set security policies for your Android device. It is a device administration app for Google Apps for Business, Education, and Government accounts that makes your Android device more secure for enterprise use. This app allows an IT administrator to enforce security policies and remotely wipe your device. Additionally, this app allows you to ring, lock, or locate your Android devices through the My Devices page: https://www.google.com/apps/mydevices■ Module 16 Page 2451 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  61. 61. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker © Device administered under rpogle I com Dama r administrators can set policies and remotely wipe the device. 91 ocate your device at m & J l m x i . google com/apps/mydevices google.com/apps/mydevices Successfully synced w ‫׳‬th server at Succe! O ‫22ו‬ :‫. ו‬ Unregister this account so it is no Icngcr managed by your domain administrators. uoorgtoxMnpIc.cOTi A Some device details are shared with domain administrators ✓ Successfully synced with server Click 10view •haied < W‫ ♦־‬Mailt t* K Successfully synced with server Dcvicc password must contort numbers. Calary Ncnic Hsidworc ID Successfully sy n ce J with server. ✓ Phone Num b?' Ocvicc OS; Android 4 0.4 Successfully synced with server. Bu»ld Num ber IM /bH M Successfully synced with server. Iasi Sync: kUCAdd’ess Click to change password Lock timeout must not be greaier than 15 minutes. Click to change timeout IVvict• Model 0«vtce IO Click to choogc password Device password must have at least 8 characters Domain administrators can v details about your device ✓ T Mobk 3 08-fl0J4feC9 Kernel version Basftv.no Version IS?SOXXI A? 2012rtWQ316:IS a: Account registered. Domain administrators w il be able to remotely wipe the device Jnregister FIGURE 16.26: Google Apps Device Policy Module 16 Page 2452 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  62. 62. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker ‫נ‬ R em ote W ipe Service: R em ote W ipe CEH (•rtifwd J itkitjl If users h ave G o o g le Syn c installed on a su p p orted m o b ile d ev ice o r an A n d ro id d evice w ith th e G o o g le A p p s D evice P o licy ap p , th e y can use th e G o o g le A p p s control p anel to re m o te ly w ip e th e device To remote wipe a lost or stolen device: Mobile settings O nSM »» ActMton Sign in to your Google Apps control panel. Click Settings ‫ >־־‬M o b ile. In the Devices tab, hover your cursor over the user w hose device you w ant to wipe. Click Rem ote W ip e in the box that appears. A second box appears asking you to confirm that you w ant to remotely wipe the device. Ify o u a r e s u r e y o u r w a n tt o w ipe the device, click W ip e D evice. http://support.google.com Copyrigh t © b y E & C a u a c i. A ll Rights R eserve d. R eproduction is Strictly Prohibited. Remote Wipe Service: Remote Wipe ' Source: http://support.google.com Remote Wipe Service is a feature service that allows you to reset or erase the information in the lost or stolen device. To use this service the device should install Google Sync or Device Policy. This can also delete all the information in the device such as mail, calendar, and contacts, etc. and cannot delete data stored on the device's SD card. When this service completes its task, it prompts the user with a message as acknowledgement to the delete function. To remote wipe a lost or stolen device: 1. Sign in to your Google Apps control panel. 2. Click Settings ‫ >־‬Mobile. 3. On the Devices tab, hover your cursor over the user whose device you want to wipe. 4. Click Remote Wipe in the box that appears. 5. A second box appears asking you to confirm that you want to remotely wipe the device. If you are sure you want to wipe the device, click Wipe Device. Module 16 Page 2453 Ethical Hacking and Countermeasures Copyright © by EC-C0l1nCil All Rights Reserved. Reproduction is Strictly Prohibited.
  63. 63. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker Mobile settings P fB » « « |n a » D e v ic e . Se arch □ A a tV rtO T A ! vxr.r, B 'o c k R e m o t) E a p crtA i ‫׳‬ [ D e v ic e ID OS vrrm— )u tr e iir tm ft n n ^ a a liM c o t n □ M t f .X U P m □ A p p L JS S M Q E rro u ? m Zn • o w u n # u * *•os to* tc o «1 □ A d o !..0 K 3 3 N R Bustos Dormxa t» sU » < ■ Prun e 3 G » 10 a w c q < a a o * ttM c o fl 1 * n a o s lt M c o m 6 ‫« ט טו ג. -׳ פ פ‬ kLWSSi □ 3 6 c S 8 7 8 *c 0 □ A 00LB9KA4I La m n e M 0 H ! ‫ם‬ A b 07. . ‫׳‬B W M P H « T L B a c f» l1 « ‫ם‬ A dcK 7 T T A 4 T D o c to r B r o d e ‫ם‬ App! 0 U 0 A 4 T H i ifa a rt O u M n □ Am U E X M I l- . k l r o R . f o d I c A do! JC S A 4 T Ju c q u K R e tm i ‫ם‬ A « IP * 1 A 4 * V ic l a ‫ם‬ Acd ‫ם‬ App! S G X A 4 T EYD 3N S N *m o G o o g le S y n e C o o g le S y n c 11/4/11 A p p ro ve d iO S S G o o g le S y n c 11/4/11 A p p ro ve d G o o g le S y n c 11/4/11 A p proved Phone 7 ■OS 4 2 G o o g le S y n c 11/2/11 Ap oro vod M ann S A n droid 2 3 6 Android 1 0F2*11 A p o ro ve d G o o g le S y n c 10/26/11 A p erovo d IS G o o g le S y n c 10/28/11 A p proved IS G o o g le S y n c 10/20/11 A p proved IS G o o g le S y n c 10/20/11 A p p ro ve d IS G o o g le S y n c 10/20/11 A p proved IS G o o g le S y n c 10/15/11 A p provod ‫ר‬ 1 A. IS G o o g le S y n c 10/18/11 A p provod S u w * iM 1 r« l1 ■ i n — ■ a n a l— n a ta r 0 0 v < « ID 30c6d5d H d t « n lO 86743096675309 F T»t S y n c 4/1(111 9 2 6 P M Last Syn c [ 1 (^ 2 *1 1 2 08 P M B lo c k Ap v d p ro e S 5 O S 4 0 N exus S a M ‫ר‬ IS 1 1 1 ■ S ta tu s ‫* ז ־‬r ‫ר‬am ■ Prun e 3 G * w e m lra K l» * a e o a V * l< o m 3 Laat S y n c . ‫—חזזדר‬ 7 a v e tto m * e a o tlr a lc o a i S n a ro ? iO ,P r o n e 4 On m ouseover hovercards ‫ם‬ ■Phone 3 G » Typ e ‫־5 ־ 5 ס ד ־‬ V ia • D e la t e R e m o te W ip e M cw i 1 Tom C a stro to a K a t U o - - a a o » t r e lc o n ■ Plu n e 3 G e ■OS 4 3 G o o g le S y n c 10/14/11 A p p ro ve d G e r v a s lo M o n to n o p ro e e c v m to m o n • 4 K « t1 M c o m 1 Pro n e 4 i O S 4 .3 G o o g le S y n c 10/13/11 A p p ro ve d C 3cSO Ie 7 a0 § E r ik L O f U lM e t k l o m o t > a la a t f * t c o m O q t«d M T A ndn»d235 Android 1013/11 ‫ם‬ Ad o W Q 8A4T B < w tr f V it n r b o b e a tn n a w b o • a a n tra tc o m ■ Prun e 4 !o s 4 ‫נ‬ G o o g le S y n c 10/8/11 Bocaod P lo f r o M o n o i d p te r ie m e m r d ia lo t t ia lc o e i UqwdM T A n droid 2 3 5 Android 1<y7/11 A p proved S ila s H a s la m s to s lm h m ia a o a t ia t c o n i iP a d 2 ■OS 4 3 G o o g le S y n c 1a6/11‫׳‬ □ 3336 604a6d A 0 P 1 ..Z P D F H W 1 ‫׳‬ ‫ן‬ FIGURE 16.27: Remote Wipe Service Module 16 Page 2454 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  64. 64. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker Android Security Tool: DroidSheep Guard DroidSheep Guard monitors CE H . ^ 1 ‫< ! • ג י ״ יי י‬ * ® * 27.12.2011 20005 your phones ARP-Table and pop-up alerts in case it detects suspicious entries in m - ‫וז מ ח ה‬ the phones ARP-Table It can immediately disable WiFi connection to protect Checks per M inute: 6 0 your accounts DroidSheep Guard works with all ARP-Based attacks, like DroidSheep and Faceniff V ' Auloslart/ stop depending WiFi S O M E O N E S E E M S TO B E HIJACKING USING A R P S P O O F IN G ON THIS NETWORK' V / Disable W iFi on alert Open DroidSheep Guard Notify m system . / mnrfe (MIGHT cause false alerts) ruutious mode 1 lun ‫״‬ W iF i w as H k•!Y ud iiK o 1-‫י‬MC , A h ttp ://d ‫־׳‬o ‫׳‬d s h e e p ' Copyright © by E&Cauaci. All Rights Reserved. Reproduction is Strictly Prohibited. A n d r o i d S e c u r i t y T o o l: D r o i d S h e e p G u a r d Source: http://droidsheep.de DroidSheep Guard monitors your phone's ARP-Table and it warns you by pop-up alerts in case it detects malicious entries. It can instantly disable a Wi-Fi connection to protect your accounts. This can guard against all ARP-based attacks, such as DroidSheep and Faceniff, man-in-middle attacks, handmade attacks, etc. You can use Facebook, eBay, Twitter, and Linkedin accounts on public Wi-Fis securely. Module 16 Page 2455 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  65. 65. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker *SS T < 2: 0 30 0 Status: Running <last check 27 12 2011 20:00 51> 4^^ L ^KTrr ‫־‬ 111 mil Checks per Minute: 60 V '' Autostart/ stop depending WiFi SOMEONE SEEM S TO BE HIJACKING USING ARPSPOOFING ON THIS NETWORK! / Disable WiFi on alert f Notify in system V / Cautious mode (MIGHT cause false alerts) Start protection Stop protection S a / e and hide If* 10 167.21S718 MAC Q?s0f3a>0000 IIP 19 1 # 11 MAC t04t7l to(M1l 2 6 FIGURE 16.28: DroidSheep Guard Screenshot Module 16 Page 2456 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  66. 66. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker Android Vulnerability Scanner: X-Ray CE H X-Ray scans yo ur Android device to determ ine I w h eth er there are vulnerabilities that rem ain ^ | r _ ♦1 ‫י‬ unpatched by yo urcarrier X I ‫׳ ״‬ ‫•<»׳‬ Wunderbar It presents you with a list of vulnerabilities 1 that it is able to identify and allows you to check for the presence of each vulnerability Mcmpodroid Y u (kWtell nXmMlr 1 o! C A jO ASHMEM Uilfr.*,‫ ! ״‬Jjl, ?.'.>. :02 1 on yo ur device ZcrgRuch U1l«.KWrl Jjl, 71^ JtW Gingerbr^nk t M rrvV J m W l y/M V X-Ray is autom atically updated w ith the ability to scan for new vulnerabilitiesas they are discovered and disclosed V‫׳‬ l? 7im *1li4:h |M © ♦ ‫כד־‬ L V‫׳‬ O ‫י ם‬ ____________________ http://w w w .xray.io Copyright © by E&Cauaci. All Rights Reserved. Reproduction is Strictly Prohibited. A ndroid V u ln erab ility S canner: X-Ray Source: http://www.xray.io X-Ray scans your Android device to determine if there are vulnerabilities that remain unpatched by your carrier. It presents you with a list of vulnerabilities that it is able to identify and allows you to check for the occurrence of vulnerabilities on your device. This is automatically updated with the ability to scan for new vulnerabilities as they are discovered and disclosed. X-Ray has detailed information about a class of vulnerabilities known as "privilege escalation" vulnerabilities. Such vulnerabilities can be exploited by a malicious application to gain root privileges on a device and perform actions that would normally be restricted by the Android operating system. FIGURE 16.29: X-Ray Screenshot Module 16 Page 2457 Ethical Hacking and Countermeasures Copyright © by EC-C0l1nCil All Rights Reserved. Reproduction is Strictly Prohibited.
  67. 67. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker Android Penetration Testing Tool: Android Network Toolkit - Anti CEH On each run, Anti will map yo ur netw o rk, scan for active devices A ‫« ״‬i and vu lnerabilities, and will display the inform ation accordingly: Green led signals an A ctive device, Yellow led signals Available ports, and Red led signals Vulnerability found J Each device will have an icon representing the type of the device J W h en finished scanning, Anti will produce an autom atic report specifying which vulnerabilities you have or bad practices used, and how to fix each one of them http://www.zantiapp.com Copyright © by E&Cauaci. All Rights Reserved. Reproduction is Strictly Prohibited. A n d r o i d P e n e t r a t i o n T e s t i n g T o o l: A n d r o i d N e t w o r k T o o lk it ‫ ־‬A n ti Source: http://www.zantiapp.com Android Network Toolkit ‫ ־‬Anti is an Android penetration testing tool. It is a network scanner that allows you to scan for active devices and vulnerabilities and shows the evidence accordingly: Green signals an "Active device," yellow signals "available ports," and red signals "Vulnerability found.. Each device has an icon representing the type of device. When finished scanning, it produces an automatic report specifying which vulnerabilities you have or bad practices are used, and how to fix each one of them. Module 16 Page 2458 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  68. 68. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker ‫ יי‬t 9 t * IDHQ.3 v 1 4 • IN ▼ 4 ■»« « | f M X L ca Tifjrti o l 1 0 JV 4 00 2 ft■ Sa cr ‫׳‬W •M M ■ •iMI U M M « « M l• R I M M 1■^ J.T 1 ; 10001 w ; ip 10 J 0.0 100 0 2 • • • CnM en i 9 ‫91 ־‬ 100 0 6 «» : mW V 1« !‫׳‬ A 0 • • • • • • 10 s 0 .0 A k ltx ^ • • • FIGURE 16.30: Android Network Toolkit ‫ ־‬Anti Module 16 Page 2459 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  69. 69. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker Android D evice Tracking Tools CEH (•rtifwd ithiul •UtkM ^f|ID 1 75 w Security Settings p r e y Find My Phone Prey Anti-Theft Android Anti Theft Security Wheres My Droid http://findmyphone. mangobird. com http://preyproject.com http://www.5nuko.com http://wheresmydroid. com Total Equipment Pr tection app □ Btctup my ptauw fromQniMvKi o iHound GadgetTrak Mobile Security Total Equipment Protection App AndroidLost.com https://www.ihoundsoftware. com http://www. gadgettrak. com https://protection.sprint, com http ://www. androidlost, com Copyright © by E&Cauaci. All Rights Reserved. Reproduction is Strictly Prohibited. A n d ro id D e v ic e T r a c k i n g T o o ls Android device tracking tools help you to track and find the locations of an Android device in case it is lost, stolen, or misplaced cases. A few Android device tracking tools are listed as follows: F in d M y P h o n e Source: http://findmyphone.mangobird.com Find My Phone is an Android phone app that helps you find your lost, stolen, or misplaced phone. When you lose your phone, just send it a text msg (SMS) and the phone will reply with its current location. You can also make your phone ring loudly if you lose it somewhere close, like inside your home. Module 16 Page 2460 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  70. 70. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker FIGURE 16.31: Find My Phone Screenshot P r e y A n ti- T h e f t Source: http://preyproject.com Prey lets you keep track of your laptop, phone, or tablet if it is stolen or missing. It supports geolocation. It's lightweight, open source software that gives you full and remote control, 24/7. FIGURE 16.32: Prey Anti-Theft Screenshot A n d r o id A n ti- T h e f t S e c u r it y — Source: http://www.snuko.com The Android anti-theft security tool Snuko is anti-theft software that allows you to use it on multiple platforms protecting thousands of PCs, mobile phones, laptops, etc. It offers a complete online back-up solution; as part of the anti-theft package Snuko subscribers' files can be stored safely and securely in the cloud. This can generate important tracking information and security for your data by using its Mobile Dashboard. If the mobile device is lost, then the device is locked to prevent any unauthorized access. If the device's SIM card is replaced without Module 16 Page 2461 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  71. 71. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker your knowledge, the new SIM card number, phone number, and the IMEI/IMSI numbers will be recorded. The phone cannot be used until the correct PIN code is entered. •0 ■ a 1• M. on b|fSf»*r> ANDROID ANTI-THEFT OtvK• location y . m I y • -_‫• ־‬ '* V * # ‫•*-־‬ Accu• ytoiM € r«c««no c hn 0 f to o Ckt1ruf»«orrMrwTVtnjp , cjd n FIGURE 16.33: Android Anti-Theft Security Screenshot W h e r e s M y D r o id Source: http://wheresmydroid.com Where's My Droid is an Android device tracking tool that allows you to track your phone from anywhere, either with a text messaged attention word or with an online Commander. The app can also get the GPS coordinates with a link to Google Maps; if you're not near enough to your phone to hear the ringer, it can turn the ringer volume up and make your phone ring. One of the features is Activity Log, which enables you to see what the app does, when it does it, and who is using it. %!■)< ‫י‬•> ™• FIGURE 16.34: Wheres My Droid Screenshot iH o u n d ----- Source: https://www.ihoundsoftware.com Module 16 Page 2462 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.
  72. 72. Ethical Hacking and Countermeasures Hacking Mobile Platforms Exam 312-50 Certified Ethical Hacker iHound is an Android device tracking tool that allows you to track your mobile using its GPS and WiFi, 3G, or Edge signals built into your devices to determine its location. Using its tracking website, you can track the location of your device, remotely lock your phone, and remotely erase important personal information such as: SMS messages, contacts, phone call logs, photos, videos, and/or SD storage data. You can also set Geofencing location alerts by its intuitive mobile website optimized for iPhone, iPod Touch, and Android phones. You can track multiple devices on multiple platforms and set up Geofences. FIGURE 16.35: iHound Screenshot G a d g e t T r a k M o b ile S e c u r it y Source: http://www.gadgettrak.com GadgetTrak Mobile Security tool helps you to moderate the risk of mobile device loss or theft. It allows you to track its location, back up data, and even wipes the data in the device remotely. With the combination of GPS, Wi-Fi positioning, and cell tower triangulation, you can easily track the location of your device. If your device is lost or stolen, you can remotely enable a piercing alarm, even if it's in silent mode. Once tracking is activated, the software settings cannot be modified unless deactivated. ' B f f f l U l 224 PM I wane to be ab e to wipe my pictures if this Susan s Nexjs One gets stolen I I Backup n y pictures from ths device o F IG U R E 16.36: GadgetTrak M o b ile Secu rity Module 16 Page 2463 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.

×