[Pauldotcom] Security Assessment: Mobile Application on Windows Mobile 6
jwright at hasborg.com
Mon Jan 16 15:57:42 UTC 2012
Are you successfully getting traffic from the victim through Ettercap?
Press "c" in Ettercap to look at connection information after trying to
browse to a web page with the WM6 device.
I've seen VMware have problems with running MitM attacks. You might try
running it from a native system.
On 1/16/2012 10:27 AM, Dimitrios Kapsalis wrote:
> Having some difficulty setting this up on BT5. Maybe someone can see
> what I am missing.
> My set up is as follows.
> * BT5 running in VMWare
> * WM6 device
> Both devices are in the same network segment.
> The steps I took to configure the set up are:
> 1. Enable IP Forwarding
> $ echo 1 > /proc/sys/net/ipv4/ip_forward
> 2. Set up ip tables rules to forward to port 8888 where my HTTP Proxy is
> listening. Tried multiple different ports and checked to ensure nothing
> is already running on them before settnig up the redirect.
> $ iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT
> --to-port 8888
> 3. Ensure the ip tables command stuck by executing below command.
> Everything looks ok.
> $ iptables -t nat -L -n -v
> 4. Started ettercap in text only mode.
> $ ettercap -TqM arp:remote /<ip of wm6 device>/ /<Gateway IP>/
> 5. Ensured HTTP Proxy was running.
> 6. Ran ettercap plugin to check if the poison was occurring and
> everything check out.
> 7. Tried to browser to a resource using the browser on the device. No
> traffic was redirected to the proxy. Instead it looks like no connection
> was ever established. When checking connections in ettercap, I only see
> connections for DNS on port 53.
> Anything I have missed?
> Pauldotcom mailing list
> Pauldotcom at mail.pauldotcom.com
> Main Web Site: http://pauldotcom.com
More information about the Pauldotcom