Presentation Title Hacking from the Restroom
Presentation Abstract
One man enters in a company, asks for going to the restroom, from there, he takes his cellphone attacks the systems and got administrator privileges, a new Hollywood movie? Yes, until this presentation. A lot of papers are released showing techniques for hacking smartphones/pdas, if we can hack them, why not hack with them? It’s a fu***** computer!
The increase of softwares for mobile systems (Symbian, Windows Mobile, iPhone OS, Blackberry), increased the chance for making this real and the imagination helps a lot. This presentation has the goal to demonstrate that a smartphone is also swiss knife for hacking and not just for talking, no new attack just a new way for doing that.
Goal
-Making a mobile device as a hacking tool
Why?
-It’s a computer
-Not just hack them, hack with them
-Too many smartphones on market
-low prices
-geek stuffs rules
-Mobile OS much more complex
-symbian rox
-a lot of softwares availables
-too many *mobile*Sotres
-Many conectivity resources
-IR, Bluetooth, WLAN(1), UMTS, HSPDA
-SDKs available for developing
-Symbian (C/C++, Python, other more?
-Discrete
-Hack with no attention
-End-user doesn’t know the power of smartphones
-You can hack besides the iT manager
-Softwares already done (great!)
-Apache + MySQL + PHP
-Python
How? With Demo!
Client-Side Attacks = Apache, SMB + Social Engineer
Server-Side Attacks = Just a shell to attack
Reverse Tunnel = Hacking from the Restroom! ;D
About Bruno Goncalves de Oliveira
Bruno Goncalves de Oliveira currently works as an intrusion analyst at iBLISS (Intelligence Business Logic / Intrusion Security Specialists). With over 9 years of experience developing techniques for attacking systems for profit (fun as well), Bruno has also done analysis in web applications infrastructure and pentest assessments. He has previously spoken at ToorCon X (USA), You Sh0t The Sheriff 2.0/3.0 and H2HC IV (Brazil).