[Pauldotcom] Security Assessment: Mobile Application on Windows Mobile 6
dimitrios at gmail.com
Thu Jan 12 21:13:40 UTC 2012
Thanks for the tips. This is what I was afraid I would have to do next.
I was going to take the approach of using Cain and Abel to perform the
Layer2 attack to pick up the traffic.
Good opportunity to use BT5.
This class sounds very interesting. Too bad it isn't around the Midwest.
On Thu, Jan 12, 2012 at 2:13 PM, Joshua Wright <jwright at hasborg.com> wrote:
> On 1/12/2012 2:55 PM, Dimitrios Kapsalis wrote:
>> I'm experimenting with different mobile devices and applications on each.
>> For the WM6 I have an application whose traffic I'd like to capture
>> using an HTTP Proxy. How can a proxy be configured for the connection? I
>> saw one proxy setting in the connections menu but it does not seem to be
>> Has anyone looked at any applications on the Windows Mobile 6 devices?
> You can use Burp as a transparent proxy server. Use Ettercap or arpspoof
> to establish a MitM connection between the WM6 device and your Linux box
> (Backtrack 5 R1 on a virtual machine is a good start), then use iptables to
> send all the HTTP traffic to Burp:
> # ettercap -TqM arp:remote /172.16.0.102/ /172.16.0.1/
> In this example, 172.16.0.102 is the WM6 device, and 172.16.0.1 is the
> default gateway:
> # iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port
> Here, all traffic to port 80 is sent to the local system running Burp on
> port 8080. This way, you don't have to rely on the crappy proxy
> implementation on WM6.
> In Burp, make sure you disable proxy intercept (unless you want to
> manually forward traffic). Then you'll be able to inspect all the HTTP
> activity, and match and replace content on the fly to perform client-side
> injection against the WM6 device.
> This is something I've been writing up for the new SANS course I'm working
> on, SEC575: Mobile Phone and Tablet Security and Ethical Hacking. The
> course is going to debut in May in San Diego, and I'm finishing up the
> section on exploiting HTTP and HTTPS rendering functionality on client
> systems today. More information about the course is available at
> http://bit.ly/wCT86U (sans.org).
> Pauldotcom mailing list
> Pauldotcom at mail.pauldotcom.com
> Main Web Site: http://pauldotcom.com
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Pauldotcom