1. Hacking Web File Servers for iOS
Bruno Gonçalves de Oliveira
Senior Security Consultant – Trustwave’s SpiderLabs
2. About Me
#whoami
• Bruno Gonçalves de Oliveira
• Senior Security Consultant @ Trustwave’s SpiderLabs
• MSc Candidate
• Computer Engineer
• Offensive Security
• Talks:
Silver Bullet, THOTCON, SOURCE Boston, Black Hat DC, SOURCE Barcelona, DEF CON, Hack In The Box Malaysia, Toorcon, YSTS and H2HC.
Hosted by OWASP & the NYC Chapter
3. INTRO
• Smartphones
– Hold a LOT of information
– The iPhone is VERY popular
• Mobile applications
– (Most are) poorly designed
• Old-fashioned vulnerabilities
4. What are those apps?
• Designed to provide a file storage system on iOS devices.
• Data can be transferred over Bluetooth, through iTunes, or over FTP.
• Easiest way: HTTP (the app runs a web server on the device).
• They are very popular.
15. Path Traversal
• WiFi HD Free Path Traversal (CVE-2013-3923)
• FTPDrive Path Traversal (CVE-2013-3922)
• Easy File Manager Path Traversal (CVE-2013-3921)
You probably want to test the app that you use.
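The traversal bug behind the three CVEs above is the same old-fashioned one: the URL path is appended to the share directory and opened as-is. As an added example (not code from the talk or from any of the named apps), here is a minimal file-serving handler in that shape, once with the bug and once hardened, plus the probe list you would throw at the app you use. The share directory, the "private" file next to it, the request paths and the probe encodings are all constructed here for the demo.

```python
# Added example (not code from the talk or from any of the named apps): a
# minimal HTTP-style file-serving handler in the shape of these "web file
# server" apps, once with the path-traversal bug and once hardened, plus the
# probe list a tester would throw at the app they use.  The share directory,
# the "private" file next to it and the request paths are all constructed here.
import os
import tempfile
from urllib.parse import unquote

def make_sandbox():
    """Stand-in for the app's share folder, with a private file one level up."""
    base = tempfile.mkdtemp(prefix="filesrv_")
    share = os.path.join(base, "share")
    os.makedirs(os.path.join(share, "docs"))
    with open(os.path.join(share, "docs", "notes.txt"), "w") as f:
        f.write("shared file\n")
    with open(os.path.join(base, "secret.txt"), "w") as f:   # outside the share
        f.write("private data\n")
    return share

def serve_vulnerable(share_root, request_path):
    """The bug: the decoded URL path is glued onto the share root and opened as-is."""
    local = os.path.join(share_root, unquote(request_path).lstrip("/"))
    try:
        with open(local) as f:
            return 200, f.read()
    except (OSError, ValueError):
        return 404, ""

def serve_hardened(share_root, request_path):
    """Decode once, resolve symlinks and '..', then require the result to stay under the root."""
    root = os.path.realpath(share_root)
    decoded = unquote(request_path)
    if "\x00" in decoded:                       # NUL would truncate the name in a C open()
        return 400, ""
    candidate = os.path.realpath(os.path.join(root, decoded.lstrip("/")))
    if os.path.commonpath([root, candidate]) != root:
        return 403, ""                          # escaped the share: refuse before touching it
    try:
        with open(candidate) as f:
            return 200, f.read()
    except OSError:
        return 404, ""

# Encodings that decode to "../" after one round of URL decoding, plus the
# double-encoded form that only leaks if the server decodes twice.
PROBE_ENCODINGS = ["../", "%2e%2e/", "..%2f", "%2e%2e%2f", "..%252f"]

def probes(target="secret.txt", depth=3):
    """Traversal payloads at increasing depth, one per encoding."""
    return [enc * d + target for enc in PROBE_ENCODINGS for d in range(1, depth + 1)]

def leaks(handler, share_root, marker="private data"):
    """Probe paths for which `handler` served the file that lives outside the share."""
    return [p for p in probes() if handler(share_root, "/" + p)[1].startswith(marker)]

if __name__ == "__main__":
    share = make_sandbox()
    print("vulnerable leaks on:", leaks(serve_vulnerable, share))
    print("hardened leaks on:  ", leaks(serve_hardened, share))
```

The hardened handler resolves the candidate path with realpath before the containment check, so symlinks inside the share and `..` segments are both accounted for, and it decodes the URL exactly once, which is why the double-encoded `..%252f` probe comes back as a harmless 404 rather than a leak.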
22. How to find vulnerable systems
• mDNS queries: the apps advertise their service over Bonjour/mDNS on the local network, so query for it.
• Watch for iOS hosts in the replies.
[screenshot of mDNS query output not preserved]
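The discovery step the slide sketches, as an added example that is not part of the talk: a DNS-SD query for a service type is multicast to 224.0.0.251:5353 and the PTR/SRV/A answers are joined into instance, host, port and address. The raw packet handling is done by hand so it runs offline; the reply in `constructed_response()` is hand-built, not captured. The `_http._tcp.local` service type, the `Brunos-iPhone` names and the "looks like iOS" hostname heuristic are assumptions made here, not something the slides state.

```python
# Added example (not from the talk): raw DNS-SD discovery of the kind the
# slide sketches.  build_query() is what goes to 224.0.0.251:5353,
# parse_response()/find_file_servers() turn PTR/SRV/A answers into
# (instance, host, port, ip), discover() wires them to a real socket.  The
# reply in constructed_response() is hand-built (not captured) and the
# "-iPhone" hostname check is an assumed heuristic, not from the slides.
import socket
import struct

MDNS_GROUP, MDNS_PORT = "224.0.0.251", 5353
TYPE_A, TYPE_PTR, TYPE_SRV, CLASS_IN = 1, 12, 33, 1

def encode_name(name):
    """'a.b.local' -> length-prefixed labels plus a zero byte (no compression)."""
    return b"".join(bytes([len(l)]) + l.encode() for l in name.rstrip(".").split(".")) + b"\x00"

def read_name(pkt, off):
    """Decode a name at `off`, following RFC 1035 pointers; return (name, offset after it)."""
    labels, end, hops = [], None, 0
    while True:
        length = pkt[off]
        if length & 0xC0 == 0xC0:                 # pointer: the name continues elsewhere
            end = off + 2 if end is None else end
            hops += 1
            if hops > 16:
                raise ValueError("compression pointer loop")
            off = struct.unpack_from("!H", pkt, off)[0] & 0x3FFF
            continue
        off += 1
        if length == 0:
            break
        labels.append(pkt[off:off + length].decode("ascii", "replace"))
        off += length
    return ".".join(labels), (end if end is not None else off)

def build_query(service="_http._tcp.local"):
    """One PTR question for the service type; id 0 and no flags, as mDNS queries are."""
    return struct.pack("!HHHHHH", 0, 0, 1, 0, 0, 0) + encode_name(service) + struct.pack("!HH", TYPE_PTR, CLASS_IN)

def parse_response(pkt):
    """Return [(name, type, value)] for every resource record in the packet."""
    _, _, qd, an, ns, ar = struct.unpack_from("!HHHHHH", pkt, 0)
    off, records = 12, []
    for _ in range(qd):                           # skip echoed questions
        _, off = read_name(pkt, off)
        off += 4
    for _ in range(an + ns + ar):
        name, off = read_name(pkt, off)
        rtype, _cls, _ttl, rdlen = struct.unpack_from("!HHIH", pkt, off)  # class may carry cache-flush bit
        off += 10
        if rtype == TYPE_PTR:
            value, _ = read_name(pkt, off)
        elif rtype == TYPE_SRV:
            port = struct.unpack_from("!HHH", pkt, off)[2]
            value = (port, read_name(pkt, off + 6)[0])
        elif rtype == TYPE_A:
            value = ".".join(str(b) for b in pkt[off:off + 4])
        else:
            value = bytes(pkt[off:off + rdlen])
        records.append((name, rtype, value))
        off += rdlen
    return records

def find_file_servers(records):
    """Join PTR -> SRV -> A into (instance, host, port, ip); None where a piece is missing."""
    srv = {n: v for n, t, v in records if t == TYPE_SRV}
    addr = {n: v for n, t, v in records if t == TYPE_A}
    found = []
    for _, rtype, instance in records:
        if rtype == TYPE_PTR:
            port, host = srv.get(instance, (None, None))
            found.append((instance, host, port, addr.get(host)))
    return found

def looks_like_ios(host):
    """Assumed heuristic: iOS devices default to hostnames such as 'Xs-iPhone.local'."""
    return any(tag in (host or "").lower() for tag in ("iphone", "ipad", "ipod"))

def constructed_response():
    """Hand-built reply (constructed, not captured) of the kind a file-server app would send."""
    pointer = lambda off: struct.pack("!H", 0xC000 | off)
    pkt = bytearray(struct.pack("!HHHHHH", 0, 0x8400, 1, 3, 0, 0))
    service_off = len(pkt)
    pkt += encode_name("_http._tcp.local") + struct.pack("!HH", TYPE_PTR, CLASS_IN)
    instance_off = len(pkt) + 12                  # where the PTR rdata (instance name) will start
    rdata = b"\x0dBrunos-iPhone" + pointer(service_off)
    pkt += pointer(service_off) + struct.pack("!HHIH", TYPE_PTR, CLASS_IN, 4500, len(rdata)) + rdata
    host_off = len(pkt) + 18                      # where the SRV target name will start
    rdata = struct.pack("!HHH", 0, 0, 8080) + encode_name("Brunos-iPhone.local")
    pkt += pointer(instance_off) + struct.pack("!HHIH", TYPE_SRV, 0x8001, 120, len(rdata)) + rdata
    pkt += pointer(host_off) + struct.pack("!HHIH", TYPE_A, 0x8001, 120, 4) + bytes([192, 168, 1, 23])
    return bytes(pkt)

def discover(service="_http._tcp.local", timeout=2.0):
    """Send the query to the multicast group; responders answer a non-5353 source port by unicast."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP)
    sock.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_TTL, 1)
    sock.settimeout(timeout)
    sock.sendto(build_query(service), (MDNS_GROUP, MDNS_PORT))
    records = []
    try:
        while True:
            records.extend(parse_response(sock.recvfrom(4096)[0]))
    except socket.timeout:
        pass
    finally:
        sock.close()
    return find_file_servers(records)

if __name__ == "__main__":
    for inst, host, port, ip in find_file_servers(parse_response(constructed_response())):
        print(inst, host, port, ip, "iOS?", looks_like_ios(host))
```

Run `discover("_ftp._tcp.local")` as well for the apps that expose FTP; the hostname heuristic is only a hint, so confirm the device by fetching the advertised port before assuming anything about it.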
23. Conclusions
• Mobile apps (already) are the future.
• Mobile app designers still don’t care much about security.
• There are too many apps; we have to take care.
• Old-fashioned vulnerabilities still rock.
Speaker notes
Well, vulnerabilities to compromise data shared/stored
Explain
Take a look at the date
Old vulnerabilities, iOS 7, etc.
After the password is changed, the hashes are stored in /etc/master.passwd and are no longer accessible to the mobile user.