Learn about smartphone penetration testing in this conference talk from BSides Las Vegas 2012. Explore the Smartphone Penetration Testing Framework introduced by Georgia Weidman. Discover the security risks associated with smartphones in the workplace, including app vulnerabilities, software bugs, and social engineering techniques. Understand the implications of jailbreaking and examine existing tools for mobile security testing. Dive into the framework's structure, including its console and GUI components. Watch live demonstrations of clientside vulnerabilities, SMS message manipulation, mobile modem exploitation, and local kernel vulnerabilities. Gain insights into command shell access, agent attachment, and SMS-based attacks. Witness GUI demonstrations and learn about future plans for the framework's development.
Overview
Syllabus
Giveaway
Disclaimer
Smartphones in the Workplace
Apps
Software Bugs
Social Engineering
Jailbreaking
Question
Whats out there now
Structure
Framework Console
Framework GUI
Demo
Clientside vulnerabilities
Sending SMS messages
Attaching to a mobile modem
The future of spam
Local kernel vulnerabilities
Command shell
Attaching an agent
Using SMS
Demos
GUI Demo
Future Plans
