Hacking BackTrack Mobile

at UII

Published in: Technology, Business

  1. Hacking Mobile
     Novizul Evendi FO Techno-OS & T'Lab
  2. Outline
     ● Introduction
     ● Bluetooth Hacking
     ● Internet Connection Hacking
     ● Remote Hacking
     ● BackTrack On Phone Hacking
  3. Introduction
  4. Bluetooth Hacking
     Hacking Bluetooth enabled mobile phones and beyond
     – Wire replacement technology
     – Low power
     – Short range 10m - 100m
     – 2.4 GHz
     – 1 Mb/s data rate
  5. Bluetooth Hacking
     Architecture
     – Hardware layer
     ● Radio, Baseband and Link Manager
     ● Access through Host Controller Interface
     – Hardware abstraction
     – Standards for USB and UART
     – Host protocol stack
     ● L2CAP, RFCOMM, BNEP, AVDTP etc.
     – Profile implementations
     ● Serial Port, Dialup, PAN, HID etc.
  6. Bluetooth Hacking
     Bluetooth Protocol Stack
  7. Bluetooth Hacking
     – Trivial OBEX PUSH channel attack
     ● obexapp (FreeBSD)
     ● PULL known objects instead of PUSH
     ● No authentication
     – IrMC (Specifications for Ir Mobile Communications)
     ● Infrared Data Association
     – e.g. telecom/pb.vcf
     – Ericsson R520m, T39m, T68
     – Sony Ericsson T68i, T610, Z1010
     – Nokia 6310, 6310i, 8910, 8910i
  8. Bluetooth Hacking
     – Early adopters abused the 'Name' field to send messages
     – Now more commonly send a 'Business Card' with a message via OBEX
     – 'Toothing' - Casual sexual liaisons
  9. Bluetooth Hacking
     HelloMoto
     – Requires entry in 'Device History'
     – OBEX PUSH to create entry
     – Connect RFCOMM to Handsfree or Headset
     ● No authentication required
     ● Full AT command set access
     – Motorola V80, V5xx, V6xx and E398
  10. Bluetooth Hacking
     Blooover is performing the BlueBug attack
     ● Reading phonebooks
     ● Writing phonebook entries
     ● Reading/decoding SMS stored on the device (buggy..)
     ● Setting Call forward (predef. Number) +49 1337 7001
     ● Initiating phone call (predef. Number) 0800 2848283
     – Not working well on Nokia phones :( but on some T610
  11. Bluetooth Hacking
     – How come!?
     ● Various manufacturers poorly implemented the Bluetooth security mechanisms
     ● Unpublished services on RFCOMM channels
     – Not announced via SDP
     – Connecting to unpublished HS service without pairing!
     ● Nokia has quite a lot of models (6310, 6310i, 8910, 8910i, ...)
     ● Sony Ericsson T86i, T610, ...
     ● Motorola has similar problems (see HelloMoto)
  12. Internet Connection Hacking
     ● Bluetooth Dialup (wvdial etc.)
     ● PAN Sharing internet
     ● Bluetooth/cable to Wifi ad hoc
     ● Tethering
     ● Etc
  13. Remote Hacking
     ● Remote PC (anyremote, etc)
     – Get Desktop
     – Control PC
     – Etc
     ● Remote Server (java, sisx, etc)
     – Putty
     – FloydSSH
     – MidpSSH
     – etc
  14. On Phone Hacking
     ● Gitbrew has been able to install BackTrack 5 on a rooted Android phone
     ● By using Debdroid, users run Linux distros built for ARM devices.
  15. End
     Visit Me at: www.tlab.co.id - www.techno-os.net
     Contact Me at: karuwak@tlab.co.id
     Ym = Novizul.karuwak
     Powered by T'Lab Technology Open Source Laboratory
  16. Live Demo!!
