Presentation is loading. Please wait.

Presentation is loading. Please wait.

Thessaloniki 28-30 November 2014. Penetration Testing with Android Devices Hacking with our pocket device, made easy! Thomas Sermpinis a.k.a. Cr0wTom.

Published byJeffry Fisher Modified over 9 years ago

Similar presentations

Presentation on theme: "Thessaloniki 28-30 November 2014. Penetration Testing with Android Devices Hacking with our pocket device, made easy! Thomas Sermpinis a.k.a. Cr0wTom."— Presentation transcript:

1 Thessaloniki 28-30 November 2014

2 Penetration Testing with Android Devices Hacking with our pocket device, made easy! Thomas Sermpinis a.k.a. Cr0wTom Cr0w’s Place, DeltaHacker Magazine 1

3 Introduction : Powerful Android devices are our daily companion. They are helping us with every type of task. Why not help us with Penetration Testing and everyday ethical hacking.

4 Why Android? Open Platform Root Access Hardware Reachability Top Specs

5 Prerequisites: Android Device ( duh? ) Root Privileges Full BusyBox Install Some Hardware Knowledge Some Programming Knowledge

6 Disclaimer!

7 Enterprise Solutions Professional-grade applications 2222

8 Zimperium - Introduction Founded on 2010 Mobile Security zANTI Kevin Mitnick joins in 2012 Simone Margaritelli (@evilsocket) joins in 2014 zANTI 2 + zIPS + zConsole

9 Zimperium – zANTI 2 Penetration testing suite Free community edition Innovative capabilities Sync with Zimperiums cloud service https://s3.amazonaws.com/zANTI/zANTI2.apk

10 Demo Let’s see what is all about!

11 Zimperium – zIPS Cloud based service Device specific attacks Network attacks Human based attacks Pop-Up windows

12 Zimperium - zConsole A window into advanced mobile threats Cloud based Online service zANTI and zIPS result demonstration

13 Offensive Security Founded 2006 Backtrack Linux Kali linux in 2013 Kali Linux NetHunter ROM for Android

14 Offensive Security - Kali Linux NetHunter Penetration Testing Custom ROM Nexus Devices 802.11 Wireless Injection USB HID Keyboard attacks - BadUSB MITM attacks

15 Offensive Security - Kali Linux NetHunter

16 Offensive Security – Kali Linux ARM Installation with Linux Deploy app Complete Linux distribution Hardware enchantments SSH or VNC connectivity Build for ARM devices

17 Applications Quality hacking applications from random developers 2222

18 dSploit – Penetration Testing Suite Development stop in 2014 Simone Margaritelli (@evilsocket) Extensive network scanning MITM attacks Exploitation with Metasploit Framework

19 DroidSheep – DroidSheep Guard Simplicity Session hijacking fast and easy Safety from session hijacking with DroidSheep Guard Android ARP-Table monitoring

20 Demo Let’s see what is all about!

21 Shark for Android (Shark for Root) Network traffic sniffer Works on 3G and WiFi Based on tcpdump tool Dump file can be viewed in Wireshark

22 WiFi Protocol Cracking WEP, WPA/WPA2, WPS Cracking 2222

23 Monitor Mode Hardware bcm4329/4330 internal wifi chipset Many external cards over OTG cable (RTL8187 chipset) Kernel Integration

24 Aircrack-NG Suite 802.11 WEP and WPA-PSK key recovery Cross-Platform Variety of attacks GPU implementation Internal or external chipset support Runs in terminal emulators

25 Reaver-GUI for Android Graphic User Interface WPA(2) Key recovery via WPS vulnerability Wide range of chipset support 2-10 hours key recovery Bcmon = companion app

26 Questions?

27 Thank you for listening! http://cr0wsplace.wordpress.com e-mail: cr0wsplace1993 [at] gmail [dot] com YouTube Channel: https://www.youtube.com/channel/Cr0wsPlace DeltaHacker.gr

28

Download ppt "Thessaloniki 28-30 November 2014. Penetration Testing with Android Devices Hacking with our pocket device, made easy! Thomas Sermpinis a.k.a. Cr0wTom."

Similar presentations

Brute Force Attack Against Wi-Fi Protected Setup

Brute Force Attack Against Wi-Fi Protected Setup
Wireless Cracking By: Christopher Zacky.

Wireless Cracking By: Christopher Zacky.
Crack WPA Lab Last Update 2014.06.11 1.0.0 1Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com.

Crack WPA Lab Last Update Copyright 2014 Kenneth M. Chipps Ph.D.
Omni Introduction Page All About Omni and our Products.

Omni Introduction Page All About Omni and our Products.
Building and Deploying Safe and Secure Android Apps for Enterprise Presented by Technology Consulting Group at Endeavour Software Technologies.

Building and Deploying Safe and Secure Android Apps for Enterprise Presented by Technology Consulting Group at Endeavour Software Technologies.
Nada Abdulla Ahmed.  SmoothWall Express is an open source firewall distribution based on the GNU/Linux operating system. Designed for ease of use, SmoothWall.

Nada Abdulla Ahmed.  SmoothWall Express is an open source firewall distribution based on the GNU/Linux operating system. Designed for ease of use, SmoothWall.
1 MD5 Cracking One way hash. Used in online passwords and file verification.

1 MD5 Cracking One way hash. Used in online passwords and file verification.
Mobile Mobile OS and Application Team: Kwok Tak Chi Law Tsz Hin So Ting Wai.

Mobile Mobile OS and Application Team: Kwok Tak Chi Law Tsz Hin So Ting Wai.
Computer Security and Penetration Testing

Computer Security and Penetration Testing
A Virtual Environment for Investigating Counter Measures for MITM Attacks on Home Area Networks Lionel Morgan 1, Sindhuri Juturu 2, Justin Talavera 3,

A Virtual Environment for Investigating Counter Measures for MITM Attacks on Home Area Networks Lionel Morgan 1, Sindhuri Juturu 2, Justin Talavera 3,
Extend Your UFT for Mobile Testing & Monitoring Mobile Add-on For UFT Nov 2014.

Extend Your UFT for Mobile Testing & Monitoring Mobile Add-on For UFT Nov 2014.
 Any unauthorized device that provides wireless access  Implemented using software, hardware, or a combination of both  It can be intentional or unintentionally.

 Any unauthorized device that provides wireless access  Implemented using software, hardware, or a combination of both  It can be intentional or unintentionally.
UFCFX5-15-3Mobile Device Development Android Development Environments and Windows.

UFCFX5-15-3Mobile Device Development Android Development Environments and Windows.
Deployment and Configuration Management Solution

Deployment and Configuration Management Solution
Understanding and Managing WebSphere V5

Understanding and Managing WebSphere V5
Romney Bake Brian Peterson Clay Stephens Michael Hatheway.

Romney Bake Brian Peterson Clay Stephens Michael Hatheway.
Linux Deploy This application is open source software for quick and easy installation of the operating system (OS) GNU/Linux on your Android device. The.

Linux Deploy This application is open source software for quick and easy installation of the operating system (OS) GNU/Linux on your Android device. The.
MASNET GroupXiuzhen ChengFeb 8, 2006 CSCI388 Project 1 Crack the WEP key Liran Ma Department of Computer Science The George Washington University

MASNET GroupXiuzhen ChengFeb 8, 2006 CSCI388 Project 1 Crack the WEP key Liran Ma Department of Computer Science The George Washington University
SeeTestCloud. End-to-End Suite of Tools for iOS, Android, BlackBerry & Windows Phone Automation tools for 24/7 testing and monitoring Productivity tools.

SeeTestCloud. End-to-End Suite of Tools for iOS, Android, BlackBerry & Windows Phone Automation tools for 24/7 testing and monitoring Productivity tools.
What is PaperCut MF? What is PaperCut MF? What is PaperCut MF?

What is PaperCut MF? What is PaperCut MF? What is PaperCut MF?

Similar presentations

Ads by Google