1 / 6

iPhone Hacking for fun and profit

iPhone Hacking for fun and profit. Term Project for CAP 6135 Malware and Software Vulnerability Noah Guilbault and Zachary Neyland. iPhones are Everywhere. Apple has touted that they have sold more than 30 million iPhones.

mahdis
Télécharger la présentation

iPhone Hacking for fun and profit

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. iPhone Hacking for fun and profit • Term Project for CAP 6135 Malware and Software Vulnerability • Noah Guilbault and Zachary Neyland

  2. iPhones are Everywhere • Apple has touted that they have sold more than 30 million iPhones. • A significant amount of sensitive personal information is stored on an iPhone. • Usernames, passwords, email, contacts, web cache • The iPhone has proved to be exploitable. • QuickPWN, iFuntastic, www.exploitingiphone.com • YellowSn0w, Redsn0w applications • Provide tethering and remove AT&T carrier

  3. Fuzz testing with the iPhone • Plan on using the iPhone development kit • Create / Port fuzz tester used for assignment 2 to iPhone • Mobile Safari has history of poor url handling • Shell access has previously been obtained using malformed url • Many 3rd party iPhone applications use remote communications or url's as well • Attempt to identify new / known issues on iPhone firmware versions or applications

  4. Pwned iPhones and exploits • Jailbreaking the iPhone is now a point and click operation. • An increasing number of users are Jailbreaking the iPhone for additional capabilities • Attempt to port the Assignment 1 example to the iPhone to determine the feasibility of obtaining shell access to jailbroken iPhone • Additionally, perform fuzz testing on jailbroken iPhone applications to locate potential flaws.

  5. A Community of Hackers & Why • The iPhone Dev Team is a community of iPhone Hackers • Currently developing an AppStore for jailbroken iPhones • Enabled extend functionality beyond intended capabilities • Tethering, non At&T carriers, speciality applications • Allows applications that Apple's AppStore will not distribute.

  6. Identified Resources • Apple's iPhone Developer's Program • http://developer.apple.com/iphone/program/ • Exploiting the iPhone • http://content.securityevaluators.com/iphone/ • Iphone Hacks • http://www.iphonehacks.com/ • Iphone Dev Team Blog • http://blog.iphone-dev.org/ • Mobile Malware Attacks and Defense • By Ken Dunham ISBN 1597492981

More Related