Re: PocketPC exploitation

[dennis () backtrace de]

> > i would like to know if some of you have experience with exploitation of
> > PocketPCs and could give me some ways and tools (debugger...).
> > since some vulns come ( http://www.securityfocus.com/bid/13807 )
> > I know that writing a DLL (Fuser) is quite easy with eVC++ (Embedded),
> > so a "download and execute"-like shellcode could be amazing...
>
> Pointers to begin with :
>
> - Microsoft Embedded Visual C++, with on-target debugging :
http://www.microsoft.com/downloads/details.aspx?FamilyID=1dacdb3d-50d1-41b2-a107-fa75ae960856&displaylang=en
> - Phrack #63 "Hacking Windows CE"
> http://www.phrack.org/phrack/63/p63-0x06_Hacking_WindowsCE.txt
>
> - And the upcoming IDA Pro 4.9 with Windows CE on-target debugging :
> http://www.datarescue.com/idabase/wince/index.htm
>
> Regards,
> - Nicolas RUFF
> Security researcher @ EADS-CCR


Hello Nicolas, hello Jerome, hello list :)

Even an early alpha version of the IDA Windows CE debugger proved
to be *very* useful and had some major advantages over the
Embedded MSVC debugger (single-stepping into subfunctions for instance).
I used IDA and the CE debugger in order to find and verify the
vulnerability mentioned above. Looking forward to 4.9 :-)

Cheers,

Dennis