Hack6: Mobile Device Hacking

Mobile devices are now an integral part of the company environment and have long been used for more purposes than just making telephone calls. It is now common practice for many employees to use their mobile devices to process e-mails, surf the Internet and transmit a large quantity of often confidential company data. This concentration of interesting data make mobile devices very attractive to hackers.

This seminar is aimed at users who want to better understand security aspects of mobile devices, for example for integration in their own company infrastructure. In addition to management of the devices, critical points of attack will be illustrated. "Hands-on" exercises will also be carried out in order to analyze and show different vulnerabilities whose theoretical principles were formulated beforehand.

Topics

General information

  • Properties of mobile devices
  • Management of mobile devices in the company
  • Mobile device management solutions

Attack techniques

  • Physical attack on the device
  • Hardware hacks
  • Recording of data traffic
  • Man-in-the-middle attacks

Apple iOS

  • Security concept of iOS devices
  • Attacks on apps with a proxy
  • Reverse engineering of apps
  • Runtime manipulation 

Google Android 

  • Security concept of Android
  • Attacks on old and current Android versions
  • Emulation of an Android smartphone
  • Rooting detection and certificate pinning
  • Attacks on services, content providers, etc.
  • Reverse engineering of apps
  • Runtime manipulation

Technical requirements

Principles in Linux

Duration

Two days