HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
linkedin_logo.png rss_logo.jpg
twitter_logo.png youtube_logo.jpg
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 85 guests and 2 members online
EH-Net News Feeds
Latest Additions
 
Advertisement

You are here: Home arrow Forum arrow Ethical Hacking Discussions and Related Certificationsarrow Mobilearrow Mobile Devices Penetration Testing
EH-Net
May 25, 2012, 11:11:02 PM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Advertise on EH-Net!! - Reasonable Rates, Highly Targeted Audience.
 
   Home   Help Calendar Login Register  
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: Mobile Devices Penetration Testing  (Read 16468 times)
0 Members and 1 Guest are viewing this topic.
satyr
Newbie
*
Offline Offline

Posts: 41



View Profile
« on: August 17, 2010, 05:22:07 AM »
any pointers on how to do a penetration testing for mobile devices ?

what sorts of things need to be considered security of mobile applications ?

also is there a guidelines for developing secure applications for mobile devices ?

any help in this regards is highly appreciated
Logged
Jhaddix
Sr. Member
****
Offline Offline

Posts: 317



View Profile WWW
« Reply #1 on: August 28, 2010, 06:01:53 AM »
There was a really good presentation at Bsides by one of the Intrepidis guys on this. He attacked the protocols, auth mechanisms, and other aspects using a variety of MiTM attacks... Ill see if i can dig it up.

Mallory is gonna be sweet for this.
Logged
GSEC, GPEN, GWAPT, ECPPT, WAHHlive, LSOAdvancedPenTester

http://www.securityaegis.com
http://www.pentesterscripting.com
http://code.google.com/p/pentest-bookmarks/
satyr
Newbie
*
Offline Offline

Posts: 41



View Profile
« Reply #2 on: September 23, 2010, 12:46:46 AM »
thanks Smiley

kindly share any information you have on this topic as it would be really helpful
Logged
philocipher
Newbie
*
Offline Offline

Posts: 1


View Profile
« Reply #3 on: November 12, 2010, 10:51:44 PM »
From what i know it seems like the easiest way to Pen Test a Cell phone or other mobile device is through blue-tooth hacking. I've read stuff about cloning cell phones as well but idk if that falls under the same category.
Logged
Brian Cowen
Newbie
*
Offline Offline

Posts: 4



View Profile
« Reply #4 on: November 29, 2010, 04:18:21 AM »
Hello guys....!
Thank you for your useful information.I like this kind of post which tell us much wander full massage. ...!
Logged
my lead system pro
Agoonie
Full Member
***
Offline Offline

Posts: 142



View Profile
« Reply #5 on: November 29, 2010, 02:07:40 PM »
Hey guys,

I was just wondering, what are people here telling their customers after a pentest of mobile devices?  Should they disable bluetooth all together?  Create complicated 5 pin codes?  Encrypt them if applicable? Add antivirus where applicable?  It just seems like there are so many attack vectors with the mobile devices, it would be hard to nail down a secure way for all customers to use them 24-7.  Not to mention, the browser being vulnerable.  Just curious since I see so many companies now going to IPhones, Ipads, and Androids.  Thanks.
Logged
OSCE, OSCP, OSWP, CISSP, MEH...
T_Bone
Full Member
***
Offline Offline

Posts: 199


View Profile
« Reply #6 on: October 06, 2011, 05:37:04 PM »
Here are some URLs to help start you off:

http://www.mcafee.com/us/resources/white-papers/foundstone/wp-pen-testing-iphone-ipad-apps.pdf

http://www.mcafee.com/us/resources/white-papers/foundstone/wp-pen-testing-android-apps.pdf
Logged
magnologan
Newbie
*
Offline Offline

Posts: 4



View Profile WWW
« Reply #7 on: October 27, 2011, 01:11:31 PM »
Try this too... https://www.owasp.org/index.php/Mobile#tab=For_Security_Testers
Logged
OWASP - www.owasp.org
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.16 | SMF © 2011, Simple Machines
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.324 seconds with 23 queries.
 

gk_static-ad_feb2012.jpg
Global Knowledge: Build Security Skills to Protect & Defend

els_130x200fixed2.gif
eLearnSecurity Student Course Now Live!
5% Off with Code
ELS-EH-5

SANS Deals 4 EH-Netters
$150 OFF Any SANS Course in Any Format!
Coupon Code: EHN_Connect Including SANS Security West 2012 & SANSFIRE 2012
Recent Forum Topics

cbtnuggets_logo_125.jpg
Try CBT Nuggets Free!

Vote For EH-Net

Add to Technorati Favorites
technorati fave

 
         
Advertisement

© 2012 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.