Ethical Hacking and Countermeasures, Version 6
Module XXXVI: Hacking Mobile Phones, PDAs, and Handheld Devices
Exam 312-50
Copyright © by EC-Council. All Rights Reserved. Reproduction is Strictly Prohibited.
News
Source: http://news.zdnet.com/
Warnings about the Trojan known as “iPhone firmware 1.1.3 prep” or “113 prep” were posted on the iPhone modification forum, saying: “This Trojan on installation displays nothing except the word “shoes”. While uninstalling this application, it wipes the files from the /bin directory.” According to security vendor Symantec, it also breaks “Erica’s Utilities”, a collection of command-line utilities for the iPhone, and overwrites OpenSSH, an open-source encryption protocol. It is the first Trojan horse seen for the iPhone, and it seemed to be a trick.
According to Symantec, affected users have to uninstall the Trojan and reinstall the affected files. The risk to users is minimal, as they would have to choose to install the bogus package, and the site that was hosting those packages has been taken offline. Apple warned that its own updates could break unlocked iPhones running unofficial iPhone software. Users should be careful when downloading third-party iPhone applications.
Module Objective
This module will familiarize you with:
Different OS in Mobile Phones
What Can an Attacker Do?
Vulnerabilities in Mobile Phones
Mobile Phone Security Tips
Defending Cell Phones and PDAs against Attack
Module Flow
• Different OS in Mobile Phone
• What Can A Hacker Do
• Vulnerabilities in Mobile Phones
• BlackBerry
• PDA
• iPod
• Mobile: Is It a Breach to Enterprise Security
• Viruses
• Antivirus
• Security Tools
• Mobile Phone Security Tips
• Defending Cell Phones and PDAs against Attack
Different OS in Mobile Phone
Advanced mobile phones usually work on any of the following operating systems:
Symbian OS
Windows Mobile OS
Linux OS
Palm OS
Symbian Operating System:
The Symbian Operating System is an open mobile operating system. It supports a wide range of devices, which are categorized by their different user interfaces.
Features:
Supports multimedia and graphics
Supports various mobile technologies such as CDMA, GSM, GPRS, and so on
Supports packet-switched networks
Windows Mobile Operating System:
The Windows Mobile Operating System is developed by Microsoft Corporation. It is an operating system used in mobile devices and smartphones. It acts as a standard platform for PDAs and cell phones, providing common user interfaces. It is a non-component-based operating system. The set of applications included in the Windows Mobile Operating System comprises Office Mobile, Internet Explorer Mobile, Windows Media Player Mobile, APIs, and so on.
Linux Operating Systems:
This is another important operating system; it provides an integrated software environment to run Java applications and Linux applications.
Features:
Open source operating system
Highly secured
More flexible
Provides Internet Access, VoIP, and WiFi
Palm OS:
Palm OS is one of the most popular compact operating systems for handhelds; it was designed in 1996.
Features:
Users can access email services
Portable and flexible
Multitasking and multithreading
Different OS Structure in Mobile Phone
The three different OS structures in mobile phones are shown in the diagram:
Fig: OS Structure in Mobile Phones
Evolution of Mobile Threat
Mobile phone operating systems consist of open APIs which may be vulnerable to attack
OS has a number of connectivity mechanisms through which malware can spread
Malware propagates on the network by:
• Connectivity to mobile networks and the Internet
• Symbian installation files (SIS)
Evolution of Mobile Threat
Mobile malware is a fast-growing threat that is difficult to detect. Compared with other malware, mobile malware can spread more quickly. It is expected that the growth of mobile malware will increase the growth of Internet malware. Most individuals and organizations now depend on mobile communication. A pandemic-level attack can harm millions of mobile users.
Smartphones are programmable mobile devices running the Symbian, Palm OS, and Windows Mobile operating systems. These operating systems consist of many open APIs, which are vulnerable to attack. They also have a number of connectivity methods by which malware can spread.
Reasons for spreading of mobile threats:
Connectivity to mobile networks and the Internet
Mobile malware has increased at an alarming rate in the past years. It is aimed at sabotage and financial gain. These attacks can ultimately lead to denial of mobile resources, data theft or destruction, and fraud.
Threats
Mobile Malware Propagation:
• Malware propagates across the Internet and infects PCs
• Infected PC can infect a smartphone via:
  • IR
  • Bluetooth
• Infected smartphone can in turn propagate the malware through wireless LAN to other smartphones
DDoS Floods:
• Botnets on infected mobile devices wait for instructions from their owner
• After getting instruction to launch DDoS floods, the mobile provider’s core infrastructure may be overwhelmed with a high volume of seemingly legitimate requests
• It results in denial of service, failure in connecting calls as well as transmitting data
Threats
Mobile Malware Propagation:
Mobile malware spreads via the Internet and first infects PCs; the infected PCs can then infect smartphones by using:
IR
Bluetooth
A malware-infected smartphone spreads the malware to other smartphones via wireless LAN.
Mobile malware can also infect many mobile devices through MMS, and an infected device can then spread the malware to another mobile device by using General Packet Radio Service (GPRS).
DDoS Floods:
A collection of bots present in a channel is a botnet. It can compromise large numbers of machines without the intervention of the machine owners. Botnets consist of a set of compromised systems that are monitored for specific command infrastructure. These bots can pose threats in terms of denial-of-service attacks, or compromised machines running programs such as Trojans and worms. A botnet owner needs to send an instruction to the botnet present on the mobile devices after infecting them. After the bots receive the instruction to launch DDoS floods, the mobile provider’s core infrastructure is filled with a high volume of seemingly legitimate requests.
It results in:
Denial-of-Service
Failure in connecting calls
Failure in transmitting data
What Can A Hacker Do
Steal your information:
• Hackers can download addresses and other personal information from your phone
Rob Your Money:
• Hacker can transfer money from your account to another account
Spying
Access your voice mails
Insert the virus
What Can a Hacker Do?
Attackers can do various things with your mobile phone using spyware and other mobile malware. Attackers can download addresses and other personal information from your mobile without your knowledge. Some attackers not only extract your information, but also change all your contact numbers. Attackers can access your contact book, read messages and mails using various mobile spyware, and also gain access to your calls to listen to your conversations. Attackers insert these viruses and spyware in your mobile using Bluetooth or GPRS. Attackers can access your personal voice mails from your mobile if the password is disabled. A virus can also remove all your personal information such as contacts, messages, and mails.
Vulnerabilities in Different Mobile Phones
A format string vulnerability in Research In Motion Ltd.'s BlackBerry 7270
• Allows a remote hacker to disable the phone's calling features
HTC HyTN using AGEPhone is vulnerable to malformed SIP messages sent over wireless LAN connections
• Active calls are disconnected
A buffer overflow vulnerability in Samsung SCH-i730 phones that run SJPhone SIP Clients
• Allows an attacker to disable the phone and slow down the operating system
A Dell Axim running SJPhone SIP soft phones is vulnerable to denial of service attacks
• It can freeze the phone and drain the battery
SDP parsing module of D-Link DPH-540 and DPH-541 Wi-Fi phones
• Allows remote attackers to disable the phone's calling features
Vulnerabilities in Different Mobile Phones
Source: http://searchmobilecomputing.techtarget.com/
The vulnerabilities in mobile phones are as follows:
The SIP stack of Research In Motion Ltd.’s BlackBerry 7270 has a format string vulnerability. An attacker can exploit this vulnerability to disable the calling feature of the mobile device.
The Samsung SCH-i730 phone running SJPhone SIP clients has a buffer overflow vulnerability; it disables the mobile phone and slows down the operating system.
HTC HyTN using AGEPhone is vulnerable to malformed SIP messages sent over wireless LAN connections; these disconnect active calls.
Dell Axim running SJPhone SIP soft phones has a denial-of-service vulnerability, which disables the mobile phone and drains the battery.
The SDP parsing module of D-Link DPH-540 and DPH-541 Wi-Fi phones has a vulnerability, which disables the phone’s calling feature.
Malware
Malware allows hackers to access critical and often confidential information that is stored on the device and on the network those devices connect to
Malware can steal contact information, address lists, message logs, and call logs
In some cases, the malware can also be used to issue commands from the device, so a hacker can have total control of a smartphone or mobile phone to make calls and send messages
Malware will spread faster across the mobile network and it is difficult to detect because of complicated virus-writing techniques
Spyware
Hackers have created mobile spyware, which manipulates SMS messages and allows them to be read by others
Process:
• Hacker sends an SMS message to the target
• Target opens the message, installing the spyware onto the device
• That spyware, unknown to the victim, takes the SMS messages and forwards them on to the hacker
Spyware
Mobile spyware created by the attacker manipulates SMS messages and enables them to be read by others. The spyware is invisible to the user, loads on startup, and forwards SMS messages from the mobile to its author.
Process:
1. Attacker sends an SMS to the target mobile.
2. The victim, who is not aware of the spyware, opens the message and installs the spyware onto the device.
3. The spyware then takes the SMS messages, which contain some important information, and forwards them to the attacker.
Spyware: SMSSender.A.intd
SymbOS/Htool-SMSSender.A.intd is a prototype spyware application that targets the Symbian OS
It sends copies of received SMS messages to the spyware author
SymbOS/Htool-SMSSender.A.intd is distributed as source code and in a SIS file named "XaSMS.SIS"
Both the source code and SIS file are included in a RAR archive file named "HackSMS.rar"
It copies the text of the last SMS message received, places it into a new SMS, and forwards the message to the spyware author
SymbOS/Htool-SMSSender.A.intd
Source: http://vil.nai.com/vil/content/v_141087.htm
SymbOS/Htool-SMSSender.A.intd is a prototype spyware application. It attempts to send copies of received SMS messages to the spyware author. It is distributed as source code and in a SIS file named "XaSMS.SIS". Both the source code and the SIS file are included in a RAR archive file named "HackSMS.rar". The spyware is installed under the name "XaSMS".
SymbOS/Htool-SMSSender.A.intd provides an example of intercepting and forwarding SMS in the manner of SymbOS/Mobispy.A or SymbOS/Acallno.A. This entails copying the text of the last SMS message received, placing it into a new SMS, and forwarding the message to the spyware author. The spyware copies the text of the last received SMS into a new message in the drafts folder. It never sends the drafted SMS messages. It also starts automatically on reboot.
The source code for SymbOS/Htool-SMSSender.A.intd does not include functions for sending SMS messages to the malware author. It also includes unimplemented functions, unused arguments, and functions that are commented out. The author of SymbOS/Htool-SMSSender.A.intd, though apparently unskilled, believes the source code will be useful to other malware authors for constructing SMS spyware.
SymbOS/MultiDropper.CG is a spyware application that targets the Symbian operating system for mobile phones. It comes bundled with different MultiDropper mobile phone Trojans. It accesses the SMS messages on the mobile phone and copies the log files of incoming and outgoing call numbers.
Best Practices against Malware
Make sure all host systems that you sync your devices with have the latest anti-virus protection
Activate Bluetooth when necessary and turn it off when not in use
Do not click on every attachment sent to your PC e-mail inbox, and treat all unsolicited messages and software on PDAs and phones with suspicion
Best Practices against Malware
Source: http://searchsecurity.techtarget.com/tip/0,289483,sid14_gci1134324,00.html
Some of the best practices to protect against malware attacks are:
Ensure that all host systems that your users sync their devices to are protected with current antivirus software.
Disable Bluetooth in mobile phones, PDAs, luxury automobiles, or other gadgets when it is not in use.
When Bluetooth accessories are necessary, make sure that at least your phone or PDA is set to non-discoverable. A better practice is to activate Bluetooth when you need it and turn it off when not in use.
Ensure that there is antivirus software on your PDA when opening email, as a malicious email may harm your device.
Ensure that the information kept on phones and PDAs is backed up.
Blackberry
News
Source: http://www.vnunet.com/
Experts have issued a security warning that BlackBerry email devices are vulnerable to attack. A hacking program, BBProxy, which can be installed by just clicking a link in an unsuspected message, opens a back channel between the hacker and the victim, bypassing the organization’s security mechanisms. Because the communication channel between the BlackBerry server and the handheld device is encrypted, the administrator in an organization will use a tunnel to allow the encrypted communication channel to reach the BlackBerry server within the internal network. A malicious person can make use of this channel to remove confidential information and install malware.
“Attack vector” links trick users into downloading malicious software
Blackjacking or hijacking attacks exploit legal users' BlackBerry devices and replace them on the network with harmful devices
BlackBerry Attacks
A BlackBerry is a wireless handheld device introduced in 1999. It provides a number of applications such as push e-mail, mobile telephone, text messaging, Internet faxing, web browsing, and other wireless information services.
The “BlackBerry Attack Toolkit” contains BBProxy, BBScan, and relevant Metasploit patches to exploit the vulnerability of any company’s website.
BBProxy is a security assessment tool that runs on BlackBerry devices. It uses the device as a proxy between the Internet and the intranet.
An attack vector is a method used by attackers to trick the user into downloading malicious data or software onto the device or network server; the attacker then extracts confidential information from it.
Blackjacking or hijacking attacks exploit the BlackBerry devices of legal users and replace them with harmful devices.
BlackBerry Attacks: Blackjacking
Blackjacking: using the BlackBerry environment to circumvent perimeter defenses and directly attack hosts on an enterprise network
The BBProxy tool is used to conduct Blackjacking
Attacker installs BBProxy on a user’s BlackBerry or sends it as an email attachment to the targets
Once this tool is activated, it opens a covert channel between hackers and compromised hosts on improperly secured enterprise networks
This channel between the BlackBerry server and handheld device is encrypted and cannot be properly inspected by typical security products
BlackBerry Attacks: Blackjacking
Blackjacking is a method of hijacking a BlackBerry connection. Attackers make use of the BlackBerry environment to circumvent the security perimeter and directly attack hosts on the network. Attackers use the BBProxy tool to conduct Blackjacking. It is a security assessment tool that allows an attacker to use a BlackBerry device as a proxy between the Internet and the internal network. The attacker installs BBProxy on a user’s BlackBerry or sends it as an email attachment to the target device. When this tool is activated, it creates a covert channel between the attacker and the hosts of an unsecured enterprise network. This channel is encrypted between the BlackBerry server and the mobile device, and it cannot be identified by security products.
BlackBerry Wireless Security
The BlackBerry Enterprise Solution uses Advanced Encryption Standard (AES) or Triple Data Encryption Standard (Triple DES) encryption methods to encrypt data in transit
The BlackBerry Enterprise Solution is designed so that data remains encrypted during transit and is not decrypted between the BlackBerry Enterprise Server and the handheld devices
BlackBerry Wireless Security
The BlackBerry Encryption Security (BES) mechanism meets US military standards. The US government gave the designation 140/2 to BlackBerry, which permits it to be used by government agencies and the armed forces.
During transit between the BES and the BlackBerry, BES ensures that your confidential data is secured by using encryption methods such as the Advanced Encryption Standard (AES) and Triple Data Encryption Standard (Triple DES).
The BlackBerry Enterprise Solution is designed to encrypt data during transit and not to decrypt it between the BES and the handheld or anywhere outside the corporate firewall.
The private keys are created in a secure, two-way authenticated environment. The private keys that are used to access BlackBerry devices remotely are stored in the BlackBerry user’s secure mailbox (Microsoft Exchange, IBM Lotus, or Novell GroupWise mailbox).
Using the private key (which is available from the user’s mailbox), any data that is sent to the BlackBerry device can be encrypted and sent to the device, where it can be decrypted using the key available on that device.
The MDS (Mobile Data System) service acts as a secure gateway between the wireless networks, corporate intranets, and the Internet.
Fig: BlackBerry Security for Wireless Data
Image Source: http://www.blackberry.com/
BlackBerry Signing Authority
It uses asymmetric private/public key cryptography to validate the authenticity of signature request
It allows external developers to request, receive, and verify the signatures for accessing specified API and data in a secure environment
BlackBerry Signing Authority Tool
Source: http://www.blackberry.com/developers/downloads/signingauthority/?CPID=OTC-devdec14
Through the BlackBerry Signing Authority Tool, developers protect the data and intellectual property of their applications by accessing their sensitive APIs and data through public and private signature keys. Using server-side software, administrators select and access their specified APIs and data stores.
This tool uses asymmetric private/public key cryptography to validate the authenticity of a signature request. It can be configured by an administrator to restrict access to specific APIs and data stores by confining the signing of applications to internal developers.
Optionally, the BlackBerry Signing Authority Tool can be configured to allow external developers to request and receive signatures for accessing specified APIs and data. As signature requests can be tracked, accepted, or rejected based on the administrator’s decision, the BlackBerry Signing Authority Tool can assist in the monitoring and enforcement systems for license agreements as they relate to APIs and application data which require signing by the administrator.
The BlackBerry Signing Authority Tool supports all versions of the BlackBerry Java Development Environment (JDE) and applications created for Java-based BlackBerry devices.
Countermeasures
Clean the BlackBerry device memory
Protect stored messages on the messaging server
Encrypt application password and storage on the BlackBerry device
Protect storage of user data on a locked Blackberry device
Limit the Password authentication to ten attempts
Use AES (Advanced Encryption Standard) technology to secure the storage of password keeper and password entries on BlackBerry device (e.g. banking passwords and PINs)
Countermeasures
The countermeasures for the BlackBerry security are as follows:
Clean the BlackBerry device memory
Protect the stored messages on the messaging server
Encrypt the application password and storage on the BlackBerry device
Protect the storage of the user data on a locked BlackBerry device
Limit the password authentication to ten attempts
Use AES (Advanced Encryption Standard) technology to secure the storage of password keeper and password entry on BlackBerry device
Personal Digital Assistant (PDA)
PDA Security Issues
Six different security issues related to PDA:
• Password theft
• Viruses and data corruption
• Data theft through line sniffing
• Theft of the PDA itself
• Mobile code vulnerabilities
• Wireless vulnerabilities
PDA Security Issues
The different security issues related to PDA are:
Viruses and data corruption
Password stealing
Information theft by using line sniffing
Mobile code vulnerabilities
Wireless vulnerabilities
Stealing of the PDA itself
The major security issue with the PDA is the theft of the device itself. The best precaution against this threat is to secure the data on the device in standalone mode.
The second largest security risk related to PDAs is viruses. Mobile code vulnerabilities such as Java and ActiveX exploits are also a threat, but they affect only PDAs that perform web surfing.
PDAs that use wireless services or wireless ports are also vulnerable to wireless attacks. The best solution to protect PDAs from wireless attacks is to install a VPN client on the user’s PDA. Protecting the wireless transmission also protects the sensitive data being transmitted. Encryption is another solution for PDAs to protect data and the links that are used to connect to remote systems on the Internet.
With a secure password, an attacker will be unable to identify the password and/or steal it.
ActiveSync Attacks
Windows Mobile Pocket PC and Smartphone are vulnerable to ActiveSync attacks. ActiveSync synchronizes Windows-based PDAs and smartphones with a desktop computer. ActiveSync is connected to a desktop PC through its cradle. It requires a password to be entered. A user protects ActiveSync with a password, and the password can be saved on the desktop. ActiveSync allows an unlimited number of password attempts when the right password is not entered, which opens the gates for the attacker to perform brute-force and dictionary attacks.
When the user saves the password on the desktop, an attacker who gains access to the desktop can also access the ActiveSync password. After accessing the password, the attacker can steal private information or unleash malicious code, such as a keylogger or spy software, which reveals all information about the user.
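The control that the ActiveSync passage describes as missing, and that the BlackBerry countermeasures list asks for ("limit the password authentication to ten attempts"), sketched as an added Python example; it is not code from the courseware or from either vendor. The class names, the delay values, the PBKDF2 work factor and the lockout callback are assumptions made for illustration.

```python
import hashlib
import hmac
import os

MAX_FAILURES = 10           # the ten-attempt limit from the BlackBerry countermeasures
BASE_DELAY_SECONDS = 1.0    # assumed starting delay; doubles after every failure
PBKDF2_ROUNDS = 100_000     # assumed work factor for the stored verifier


class FakeClock:
    """Manually advanced clock so the example runs instantly and deterministically."""

    def __init__(self):
        self.now = 0.0

    def __call__(self):
        return self.now

    def advance(self, seconds):
        self.now += seconds


class SyncPasswordGate:
    """Hypothetical password check for a sync endpoint with a bounded retry budget."""

    def __init__(self, password, clock, on_lockout=None):
        self._salt = os.urandom(16)
        self._verifier = self._derive(password)   # never keep the clear password
        self._clock = clock                        # callable returning seconds
        self._on_lockout = on_lockout              # e.g. wipe or disable sync (assumption)
        self._next_allowed = 0.0
        self.failures = 0
        self.locked = False

    def _derive(self, password):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), self._salt, PBKDF2_ROUNDS)

    def retry_after(self):
        """Seconds the caller must still wait before a guess is evaluated."""
        return max(0.0, self._next_allowed - self._clock())

    def try_password(self, candidate):
        """Return 'ok', 'denied', 'throttled' or 'locked'."""
        if self.locked:
            return "locked"
        now = self._clock()
        if now < self._next_allowed:
            return "throttled"                     # too early: the guess is not evaluated
        # Constant-time comparison avoids leaking how many bytes matched.
        if hmac.compare_digest(self._derive(candidate), self._verifier):
            self.failures = 0
            self._next_allowed = 0.0
            return "ok"
        self.failures += 1
        self._next_allowed = now + BASE_DELAY_SECONDS * 2 ** (self.failures - 1)
        if self.failures >= MAX_FAILURES:
            self.locked = True                     # the counter is not reset by retrying
            if self._on_lockout:
                self._on_lockout()
            return "locked"
        return "denied"


def run_guesses(gate, clock, candidates):
    """Submit candidates in order, waiting out each delay.

    Returns (guesses_evaluated, seconds_waited, last_result), which shows how
    small the search space becomes once attempts are bounded.
    """
    evaluated, waited, result = 0, 0.0, None
    for candidate in candidates:
        if gate.locked:
            break
        delay = gate.retry_after()
        clock.advance(delay)
        waited += delay
        result = gate.try_password(candidate)
        evaluated += 1
        if result == "ok":
            break
    return evaluated, waited, result
```

With this gate, a list of any length gets only ten evaluated guesses, and the doubling delay means those ten take 511 seconds rather than milliseconds.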
HotSync Attack
HotSync is the process of synchronizing information between your Palm handheld device and your desktop PC
Palm devices can be vulnerable because of HotSync features
When HotSync is enabled to synchronize elements, the Palm OS opens TCP ports 14237 and 14238 as well as UDP port 14237
Attacker can open connections to these ports and access private information or unleash the malicious code
Tasks and Notes
While handling the HotSync feature, various viruses, Trojans, and other spyware can be transmitted from the mobile device to the local desktop and from there to your network. The Palm OS opens TCP ports 14237 and 14238 and also UDP port 14237 during HotSync synchronization of elements. This means an attacker can open connections to these ports and access private information or unleash malicious code.
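A defender can check whether the HotSync ports named above are reachable from the network by auditing a host's socket table. The following Python sketch is an added example, not part of the original courseware; it assumes input in the layout of Windows `netstat -an`, and the sample rows are constructed for illustration.

```python
import ipaddress

# Ports named on this page for HotSync synchronization.
HOTSYNC_PORTS = {("tcp", 14237), ("tcp", 14238), ("udp", 14237)}

# Constructed sample in the layout of Windows `netstat -an` (not captured output).
SAMPLE_NETSTAT = """\
  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:14238          0.0.0.0:0              LISTENING
  TCP    127.0.0.1:14237        0.0.0.0:0              LISTENING
  TCP    192.168.1.20:14238     192.168.1.77:49211     ESTABLISHED
  TCP    [::]:14237             [::]:0                 LISTENING
  UDP    0.0.0.0:14237          *:*
  UDP    0.0.0.0:5353           *:*
"""


def split_endpoint(endpoint):
    """Split 'addr:port' or '[v6addr]:port' into (addr, port_text)."""
    addr, _, port = endpoint.rpartition(":")
    return addr.strip("[]"), port


def parse_netstat(text):
    """Yield (proto, local_addr, local_port, remote, state) for each socket row."""
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0].upper() not in ("TCP", "UDP"):
            continue                      # header or unrelated line
        addr, port = split_endpoint(fields[1])
        if not port.isdigit():
            continue
        # UDP rows carry no State column.
        state = fields[3].upper() if len(fields) > 3 else ""
        yield fields[0].lower(), addr, int(port), fields[2], state


def is_loopback(addr):
    """True only for addresses that cannot be reached from another host."""
    try:
        return ipaddress.ip_address(addr.split("%")[0]).is_loopback
    except ValueError:
        return False                      # wildcard such as '*': treat as exposed


def audit_hotsync(text):
    """Return findings for HotSync ports that are exposed or in active use.

    'exposed-listener': port accepts traffic on a non-loopback address.
    'active-session':   an established TCP connection to a HotSync port,
                        worth matching against the expected sync peer.
    """
    findings = []
    for proto, addr, port, remote, state in parse_netstat(text):
        if (proto, port) not in HOTSYNC_PORTS:
            continue
        if proto == "tcp" and state == "ESTABLISHED":
            findings.append(("active-session", proto, addr, port, remote))
        elif proto == "udp" or state in ("LISTENING", "LISTEN"):
            if not is_loopback(addr):
                findings.append(("exposed-listener", proto, addr, port, remote))
    return findings


if __name__ == "__main__":
    for finding in audit_hotsync(SAMPLE_NETSTAT):
        print(finding)
```

Any exposed listener is a candidate for a host firewall rule that restricts these ports to the expected sync peer, or for disabling network HotSync when it is not in use.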
PDA Virus: Brador
Brador is the first known backdoor for the Pocket PC hand-held devices
When run, the backdoor copies itself to the startup folder, mails the IP address of the PDA to the backdoor author, and starts listening for commands on a TCP port
The hacker can then connect back to the PDA via the TCP port and control the PDA through the backdoor
It runs on ARM-based Pocket PC devices that have Windows Mobile 2003 (Windows CE 4.2) or later
PDA Virus: Brador
Brador is a virus targeted against mobile devices. When run, it copies itself to the startup folder and sends the IP address of the PDA to its author. It then starts listening for commands on a TCP port. The attacker can connect to the PDA by using the TCP port and control the PDA through the backdoor. It runs on ARM-based Pocket PC devices, which include Windows Mobile 2003 or later versions.
PDA Security Tools: TigerSuite PDA
TigerSuite PDA includes remote scanning, service detection, penetration testing, and network and file tools such as a hex editor, IP subnetter, host collaboration, and remote Trojan scanner
The suite operates from main memory or storage card, and is compatible with wireless, IR and LAN Internet and/or network connections
Features:
• Hex Editor File Hack
• Service Recognition and Verification
• TigerSim Virtual Server Simulators
• WLAN Scanning with RC Site Query
TigerSuite PDA
Source: http://www.tigertools.net/tt2kpda.htm
The TigerSuite PDA includes modules for remote scanning, service detection, and penetration testing, plus network and file tools such as a hex editor, IP subnetter, host collaboration, and a remote Trojan scanner. TigerSuite operates from main memory or storage card, and is compatible with wireless, IR and LAN Internet, and/or network connections.
Service Recognition and Verification
TigerSim Virtual Server Simulators
WLAN Scanning with RC Site Query
Security Policies for PDAs
Organizations generally create security policies to protect sensitive data residing on PDAs
End-user behavior policy states that PDAs should not be used for receipt or sending of e-mails with private and sensitive information
By creating end-user behavior security policies, organizations can hold the end-users accountable for security violations
Users can create a policy that requires the synchronization capability (HotSync) to be turned off
Security Policies for PDAs
Security policies are created by organizations to protect confidential information that resides on PDAs. For example, a policy that requires a wireless port to be disabled will minimize the risk of sensitive data being transmitted to unauthorized individuals. Management can create an end-user behavior policy that specifies that PDAs should not be used for receiving or sending e-mails with private and sensitive data. If end-users are found doing so, organizations can hold them accountable for the violation.
If the network is at risk from PDA viruses and antivirus software for PDAs is not in use, then management can create a policy that requires the synchronization capability (HotSync) to be turned off.
iPod
The iTunes Music Store (also sometimes referred to as "iTunes" or "iTMS") is the component of iTunes through which you can purchase digital music files from within iTunes.
Tony Fadell was the first to conceive the iPod, and was later hired by Apple to develop it. Apple’s Industrial Design Group designed the later versions of iPods. iPods have a simple user interface and contain a central scroll wheel, which is used to browse songs.
The following figure shows various components of an iPod:
Misuse of iPod
The iPod's large capacity and its ability to connect easily to a computer and transfer data rapidly via USB make it potentially more useful in information theft
iPod devices can be used to spread viruses or child pornography, or maintain records for criminal organizations
• Criminals use iPod and all its features in a variety of ways
• Calendar entries may contain dates of crime or other events that are related to crime
• Contact information of conspirators or victims along with photos or other documentation are transferred and stored on iPod
Misuse of iPod
The iPod’s large storage capacity and rapid data transfer over USB make it potentially more useful for attackers. The use of iPods in crimes and criminal investigations is a known fact. Though the major threats from an iPod include corporate espionage and data theft, it can be used wherever there is a need to store data.
The small size and easy operability of iPods make them suitable for criminal activity. Moreover, their reputation as ‘innocent’ media players has made them popular among criminals. In the past, police have established connections between iPods and various crimes, and successfully traced the criminals through iPod investigations.
iPods can be hacked or customized using various techniques. They can be configured to act like an external boot device, and custom scripts can be written to use iPods in any desired way. These capabilities help criminals misuse iPods for various malicious activities, such as spreading viruses, maintaining a calendar of dates related to a crime, storing documents with explicit content, etc.
Jailbreaking
Jailbreaking is the process used to unlock the iPhone and iPod touch devices to allow the installation of third-party applications
It can add ringtones or change wallpaper on your iPhone
It opens up your iPhone's file system so that it can be accessed from your computer
Jailbreaking
Jailbreaking is the process of unlocking the iPhone and iPod touch devices to permit the installation of third-party applications. It can also add ringtones or change wallpaper on the iPhone. It opens up the file system of the iPhone so that it can be accessed from the computer.
Attackers use different techniques to jailbreak the iPod; after jailbreaking, they can install malicious code or software, which helps to access the information from the iPod. Some tools used for jailbreaking include:
iFuntastic
iDemocracy
iActivator
iNdependence
Tool for jailbreaking: iDemocracy
iDemocracy is the iPhone jailbreak and third-party app installation solution for the Windows platform
It installs Installer.app (for 3rd party apps/games), custom ringtones, and SIM unlock
It has new features like free ringtones on firmwares , as well
Features:
Provides a GUI and instructions that guide you through every step
It does all the command-line scripting
Jailbreaks (gives access to the file system), installs AppTapp Installer.app for third-party apps
Supports unlocking for any SIM card using the aptly named anySIM.app
Tool for jailbreaking: iActivator
iActivator is a Cocoa-based application for the Mac
iActivator is a graphical interface providing iPhone activation/deactivation tools, and methods for breaking/restoring the jail
Tool for Jailbreaking: iActivator
Source: http://www.iphone-hacks.com/2007/07/
iActivator is a Cocoa-based application for the Mac. It is a graphical interface providing iPhone activation/deactivation tools, and methods for breaking/restoring the jail.