Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Exchanging Demands

Black Hat via YouTube

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore a Black Hat USA 2012 conference talk that delves into the vulnerabilities of Microsoft Exchange's mobile device management policies. Learn how attackers can exploit the protocol for updating these policies to remotely wipe connected devices without authentication. Discover the process of impersonating an Exchange server and sending policy updates through a simple script to erase data on Android and iOS devices. Gain insights into the security implications of Exchange's relationship with mobile clients, including password complexity enforcement, screen timeouts, and remote lockout features. Follow along as the speaker demonstrates proof-of-concept code and discusses potential future developments in this area of mobile security.

Syllabus

Introduction
Who am I
Laser Tag
Clarification
Story
Client Questions
Do We Need Exchange
Its Too Simple
SSL
Expert opinion
Lets get started
Installing Exchange
Hacking Competition
Provision Command
Service Response
Binary XML
Developing Concept
Structure
Device Encryption
Man in the Middle
Targets
Dance
Request
Policy Push
Demo Time
Python Script
Email
Phone
iPhone
Future Work
Open Source Software
Active Sync
Google Backdoor
Conclusion
Thank you

Taught by

Black Hat

Reviews

Start your review of Exchanging Demands

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.