Vulnerability Development mailing list archives

Re: Exploit code for PalmOS

From: crispin () WIREX COM (Crispin Cowan)
Date: Fri, 16 Jun 2000 23:38:47 -0700


Greg Swallow wrote:

On Thu, 15 Jun 2000, Philip Rowlands wrote:

IIRC, the Palm defaults to "Beam Receive On", in order to receive
electronic address cards, applications etc. It may be possible to
transmit a malformed address card to cause the Palm to crash or lose
data.


Mmmmmmm...infrared virii.  Imagine--a virus that automatically spreads
through the IR port *and* changes the channels on any TV set it has IR
codes for to 666 (or 66 if the TV doesn't have that many channels). Sounds
like fun.  Aren't Furbies IR-capable?


A student taking my security class (Mark Jacobson) did a term project
investigating the vulnerability prospects of IR ports in laptops.  It turns
out to be feasible to attack fun PnP (Plug-n-Play) devices to the IR port ...
like mice.  So someone strolling near your laptop in an airport lobby could
add a mouse to your desktop and start clicking on things :-)  A working
exploit was not completed, but the major barrier was obscurity of device
drivers for the IR port for Windows.

Crispin

--
Crispin Cowan, CTO, WireX Communications, Inc.    http://wirex.com
Free Hardened Linux Distribution:                 http://immunix.org

Current thread:

Re: Exploit code for PalmOS Darren Moffat - Solaris Sustaining Engineering (Jun 15)
- Re: Exploit code for PalmOS Eddie (Jun 15)
- Re: Exploit code for PalmOS Philip Rowlands (Jun 15)
- Re: Exploit code for PalmOS Aviram Jenik (Jun 15)
- <Possible follow-ups>
- Re: Exploit code for PalmOS Oliver Friedrichs (Jun 15)
- Re: Exploit code for PalmOS Greg Swallow (Jun 16)
  - Re: Exploit code for PalmOS Crispin Cowan (Jun 16)
  - Re: Exploit code for PalmOS Blue Boar (Jun 17)