Attacking Blackberry For Phun and Profit
Upcoming SlideShare
Loading in...5
×
 

Attacking Blackberry For Phun and Profit

on

  • 2,289 views

 

Statistics

Views

Total Views
2,289
Views on SlideShare
2,287
Embed Views
2

Actions

Likes
0
Downloads
49
Comments
0

1 Embed 2

https://twitter.com 2

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Attacking Blackberry For Phun and Profit Attacking Blackberry For Phun and Profit Presentation Transcript

  • Attacking BlackBerry for phun and profit y3dips[et]echo.or.id Sunday, November 8, 2009
  • y3dips • A Bandwidth Hunter ... A Renegade • IT Security fans for more than 7 year • http://google.com/search?q=y3dips Sunday, November 8, 2009
  • BlackBerry • Push Email • Wireless Messaging System • Phone, SMS, Cameras, Browsing Sunday, November 8, 2009
  • BlackBerry • Photos • Emails • Sms • Phone log • Contact Sunday, November 8, 2009
  • BlackBerry • BlackBerry Enterprise Server (BES) • BlackBerry Internet Service (BIS) Sunday, November 8, 2009
  • Diagram http://smartphone.nttdocomo.co.jp/english/blackberrybold/blackberryservice/img/index/dgm_diagram.gif Sunday, November 8, 2009
  • BB Proxy • Attack BES network • Defcon 2006 presented by Jesse D’aguanno • Making a Blackberry Device as a gateway to internal Network Sunday, November 8, 2009
  • Attacking Anatomy Server Apps Server BB User INTERNAL LAN Firewall INTERNET Attacker Sunday, November 8, 2009
  • Attacking Anatomy Server Apps Server BB User INTERNAL LAN Connecting into Attacker Computer Firewall INTERNET Attacker Sunday, November 8, 2009
  • Attacking Anatomy Connecting into App Server Server Apps Server BB User INTERNAL LAN Connecting into Attacker Computer Firewall INTERNET Attacker Sunday, November 8, 2009
  • Attacking Anatomy Connecting into App Server Device as a proxy Server Apps Server BB User INTERNAL LAN Connecting into Attacker Computer Firewall Attacker 0wned Internal Network INTERNET Attacker Sunday, November 8, 2009
  • Our Approach • Attacking Wifi Network • DNS Spoofing • Ssl Tunneling - http://stunnel.org • BlackBag - http://matasano.com Sunday, November 8, 2009
  • DNS Spoofing • Spoof dns entry into router/dns server # echo “133.7.133.7 rcp.ap.blackberry.com” >> /etc/hosts Sunday, November 8, 2009
  • DNS Spoofing Sunday, November 8, 2009
  • Stunnel • Setup 2 SSL connection • SSL Connection from BB device to Attacker machine • SSL Connection from Attacker machine to BB Real Server Sunday, November 8, 2009
  • Stunnel • Setup 2 SSL connection # stunnel -d 443 -r localhost:8888 # stunnel -c -d 8889 -r 216.9.240.88:443 Sunday, November 8, 2009
  • BlackBag • Glue the tunnel back # bkb replug -b localhost:8889@8888 Sunday, November 8, 2009
  • BlackBag Sunday, November 8, 2009
  • Attacking Anatomy search rcp.ap.blackberry.com DNS Server rcp.ap.blackberry.com 216.9.240.88 WIFI RIM Network Attacker - 133.7.133.7 Sunday, November 8, 2009
  • Attacking Anatomy rcp.ap.blackberry.com 133.7.133.7 search rcp.ap.blackberry.com DNS Server rcp.ap.blackberry.com 216.9.240.88 WIFI RIM Network Attacker - 133.7.133.7 Sunday, November 8, 2009
  • Attacking Anatomy rcp.ap.blackberry.com 133.7.133.7 search rcp.ap.blackberry.com DNS Server rcp.ap.blackberry.com 216.9.240.88 Tcp/443 WIFI Tcp/8888 Tcp/443 RIM Network Tcp/8889 Attacker - 133.7.133.7 Sunday, November 8, 2009
  • Viewable Sunday, November 8, 2009
  • Viewable Sunday, November 8, 2009
  • Result Sunday, November 8, 2009
  • Result • Clear Text Sender PIN • Clear Text Recipient PIN • Clear Text Message type • Encrypted Data Sunday, November 8, 2009
  • Impact • Spam? until DDOS • PIN abuse; such as cloning • Blackmail; identity thief, logs • Email and PIN Mapping Sunday, November 8, 2009
  • Next • More Data to analyze (different type) • Attack the Encryption? • Another Infrastructur attacking Scenario Sunday, November 8, 2009
  • Confession Sunday, November 8, 2009
  • Raw Data Sunday, November 8, 2009
  • Mal(Spy)ware • The Most Famous Etisalat Issue • Firmware Update • Reverse by some researcher • 100% Spyware Sunday, November 8, 2009
  • Mal(Spy)ware Sunday, November 8, 2009
  • POC • Provided by Sheran Gunasekera @HITB 2009 • Bugs - Forwarding Emails • PhoneSnoop - Turn your BB into Spy devices • http://chirashi.zensay.com Sunday, November 8, 2009
  • Bugs Sunday, November 8, 2009
  • Summary • 0wned a blackberry with $20 (USD) • Social Engineering rulez! • BlackBerry User awareness Sunday, November 8, 2009
  • Case Stories Sunday, November 8, 2009
  • Case Stories Sunday, November 8, 2009
  • Case Stories Sunday, November 8, 2009
  • Mitigation • Password Your Device • Turn On Firewall • Encrypt your Data/Media Card • Controlling downloded application • Protecting GPS location • Connect to Legitimate Wifi Network Sunday, November 8, 2009
  • References • Attack Surface Analysis of Blackberry Devices - symantec • BlackBerry: Call to Arms, some provided - Ftr & FX of Phenoelit • BlackJaking:0wning the Enterprise via BlackBerry - x30n • Bugs & Kissess: Spying on Blackberry User for Fun - Sheran Gunasekera • Seberapa Amankah Infrastruktur WIFI Blackberry device anda - y3dips & chopstick Sunday, November 8, 2009
  • Greetz • Hermis Consulting • Sheran Gunasekera • staff@echo.or.id • Info Komputer Sunday, November 8, 2009