PaulDotCom mailing list archives

Re: Security Assessment: Mobile Application on Windows Mobile 6


From: Dimitrios Kapsalis <dimitrios () gmail com>
Date: Thu, 12 Jan 2012 15:13:40 -0600

Hi Josh,

Thanks for the tips. This is what I was afraid I would have to do next.

I was going to take the approach of using Cain and Abel to perform the
Layer2 attack to pick up the traffic.

Good opportunity to use BT5.

This class sounds very interesting. Too bad it isn't around the Midwest.

Thanks,
Jim

On Thu, Jan 12, 2012 at 2:13 PM, Joshua Wright <jwright () hasborg com> wrote:

On 1/12/2012 2:55 PM, Dimitrios Kapsalis wrote:

I'm experimenting with different mobile devices and applications on each.
For the WM6 I have an application whose traffic I'd like to capture
using an HTTP Proxy. How can a proxy be configured for the connection? I
saw one proxy setting in the connections menu but it does not seem to be
working.

Has anyone looked at any applications on the Windows Mobile 6 devices?


You can use Burp as a transparent proxy server.  Use Ettercap or arpspoof
to establish a MitM connection between the WM6 device and your Linux box
(Backtrack 5 R1 on a virtual machine is a good start), then use iptables to
send all the HTTP traffic to Burp:

# ettercap -TqM arp:remote /172.16.0.102/ /172.16.0.1/

In this example, 172.16.0.102 is the WM6 device, and 172.16.0.1 is the
default gateway:

# iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080

Here, all traffic to port 80 is sent to the local system running Burp on
port 8080.  This way, you don't have to rely on the crappy proxy
implementation on WM6.

In Burp, make sure you disable proxy intercept (unless you want to
manually forward traffic).  Then you'll be able to inspect all the HTTP
activity, and match and replace content on the fly to perform client-side
injection against the WM6 device.

This is something I've been writing up for the new SANS course I'm working
on, SEC575: Mobile Phone and Tablet Security and Ethical Hacking.  The
course is going to debut in May in San Diego, and I'm finishing up the
section on exploiting HTTP and HTTPS rendering functionality on client
systems today.  More information about the course is available at
http://bit.ly/wCT86U (sans.org).

-Josh

_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
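
Added example, not part of the original thread or written by either poster: a defender-side check for the ARP-based MitM setup discussed above. It compares two `arp -an` snapshots taken on the gateway and flags an IP whose MAC changed and a MAC answering for more than one IP. The 172.16.0.50 address, the MAC addresses and the function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Matches Linux `arp -an` lines such as:
#   ? (172.16.0.102) at 00:1a:2b:3c:4d:5e [ether] on eth0
ARP_LINE = re.compile(r"\((\d{1,3}(?:\.\d{1,3}){3})\) at ([0-9a-fA-F:]{17})\b")

# Constructed sample snapshots (gateway's view). 172.16.0.102 is the WM6
# device from the thread; 172.16.0.50 and all MACs are made up.
BEFORE = """\
? (172.16.0.102) at 00:1a:2b:3c:4d:5e [ether] on eth0
? (172.16.0.50) at 08:00:27:aa:bb:cc [ether] on eth0
"""
AFTER = """\
? (172.16.0.102) at 08:00:27:aa:bb:cc [ether] on eth0
? (172.16.0.50) at 08:00:27:aa:bb:cc [ether] on eth0
"""

def parse_arp(text):
    """Return {ip: mac}; '<incomplete>' and blank lines are skipped."""
    table = {}
    for line in text.splitlines():
        m = ARP_LINE.search(line)
        if m:
            table[m.group(1)] = m.group(2).lower()
    return table

def changed_bindings(before, after):
    """IPs present in both snapshots whose MAC is no longer the same."""
    return sorted((ip, before[ip], mac) for ip, mac in after.items()
                  if ip in before and before[ip] != mac)

def shared_macs(table):
    """MACs claimed by more than one IP. Proxy ARP or multi-homed hosts
    can also cause this, so treat a hit as a lead, not proof."""
    by_mac = defaultdict(list)
    for ip, mac in table.items():
        by_mac[mac].append(ip)
    return {mac: sorted(ips) for mac, ips in by_mac.items() if len(ips) > 1}

def check(before_text, after_text):
    before, after = parse_arp(before_text), parse_arp(after_text)
    return {"changed": changed_bindings(before, after),
            "shared": shared_macs(after)}

if __name__ == "__main__":
    for kind, hits in check(BEFORE, AFTER).items():
        print(kind, hits)
```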
