Overview
Explore a Black Hat USA 2012 conference talk that delves into the vulnerabilities of Microsoft Exchange's mobile device management policies. Learn how attackers can exploit the protocol for updating these policies to remotely wipe connected devices without authentication. Discover the process of impersonating an Exchange server and sending policy updates through a simple script to erase data on Android and iOS devices. Gain insights into the security implications of Exchange's relationship with mobile clients, including password complexity enforcement, screen timeouts, and remote lockout features. Follow along as the speaker demonstrates proof-of-concept code and discusses potential future developments in this area of mobile security.
Syllabus
Introduction
Who am I
Laser Tag
Clarification
Story
Client Questions
Do We Need Exchange
It's Too Simple
SSL
Expert opinion
Let's get started
Installing Exchange
Hacking Competition
Provision Command
Service Response
Binary XML
Developing Concept
Structure
Device Encryption
Man in the Middle
Targets
Dance
Request
Policy Push
Demo Time
Python Script
Email
Phone
iPhone
Future Work
Open Source Software
Active Sync
Google Backdoor
Conclusion
Thank you
Taught by
Black Hat