PWN The Phone
SMS messages govern most of the activity on today’s phones. From over the air updates to rich content multimedia messages, SMS is no longer a simple service to deliver small text-only messages. This year’s Black Hat had a large focus on mobile exploits. Zane Lackey and Luis Miras demonstrated how SMS messages are constructed and how you can spoof a message. They also reveal that many of the control services that the mobile carriers use are simply modified SMS messages. By crafting their own messages they were able to push notifications to other mobile phones to spoof having voice mail or even pushing out “software updates.” This is a potentially very dangerous exploit that can cause a mobile phone to run unsafe code from a malicious source. Their testing was done on the GSM network and it is uncertain the same attack would work on a CDMA network. These exploits have been reported to the GSM Alliance. Mobile carriers are now on the watch for this kind of traffic coming through their networks. With the carriers now aware, hopefully a patch will be in the works soon. You can view the contents of the slides from the presentation here.
Zane and Luis showing their findings |
Another large topic was specific exploits for various mobile platforms (iPhone, Windows Mobile, Android) that can lead to DOS (Denial of Service) attacks. Some of these new exploits require no interaction by the user. The scary part is that nothing can really be done by mobile users as the problem exists in the carrier’s backend infrastructure.
Along with the phone specific exploits come a few new frameworks for fuzzing the mobile platforms. Two white papers about new fuzzing frameworks along with examples of exploits for each platform can be found here and here.
I liked it. So much useful material. I read with great interest.
Very much enjoyed this! Well done!