2010 za con_ross_simpson
The iPhone Jailbreak
What?
breaking out of the sandbox (Apple's restrictions)
Why?
* 3rd party apps (Cydia)
* full access to filesystem (r00t access)
* 3G tethering
* change default behaviour of system software
How?
* download an application, for your OS version
* use http://www.JailbreakMe.com (PDF exploit)
r00t!
passwords for “root” and “mobile” user accounts are “alpine”...
Change them!
(mobile terminal)
iPhone and WiFi
eWiFi
* free (in Cydia)
* displays encryption methods on home screen
* easy “auto scan” (time/shake)
WiFiFoFum
* free (in Cydia)
* no encryption methods on home screen :(
* displays community-contributed (public) APs
* radar to display locations of APs
Packet Capturing
tcpdump
* free (in Cydia)
* packet analyzer
* http://www.tcpdump.org
Pirni
* free (in Cydia)
* iPhone network sniffer
* console based
Pirni Pro
* $1.99 (in Cydia)
* GUI based
* auto detects gateway
Pirni Pro
* free (in Cydia)
* GUI based
* auto detects gateway
* RegEX searching
Man In The Middle Attacks
Pirni + bash
* easily scriptable
* awk+sed+grep = cookies
* inject into mobile Safari
* Profit!
pirni-derv
* http://code.google.com/p/pirni-derv/
* console based
* sniffs for, and auto-injects, cookies
* displays and logs rawtext passwords
Penetration Testing
nmap
* free (in Cydia)
* network scanner
metasploit
* free (in Cydia)
* requires Ruby 1.8.6 (Cydia installs 1.9)
S.E.T
* install APT 0.7 Strict (Cydia)
* manually install python
* manually install subversion
* svn check out SET
* agree to install “soup”
nikto
* manually install perl (http://coredev.nl)
* manually install nikto (http://cirt.net/nikto2)
aircrack-ng
* download + unzip binaries
* lots of broken links/zips
* broken version in Cydia
* no packet capturing
* only cracking
PenTBox
* free (in Cydia)
* http://www.pentbox.net/
THC-Hydra
* free (in Cydia)
* network login hacker
Other l33t stuff
TV Out
* free (in Cydia)
* lets you connect your iPhone to a TV
* works with unofficial TV Out cables
* multiple output modes / controls (e.g. size)
Veency
* free (in Cydia)
* VNC server for iPhone
MyWi
* costs $19.99 (in Cydia)
* create an Access Point, sharing 3G (wifi/usb)
* transmit power settings (saves battery / security)
* bypass service provider fees
Fake location
* free (in Cydia)
* fakes your location in selected apps
* choose your location on a map
* steal Foursquare mayorships ;)
* social engineering (Twitter / Facebook Places)