Abstract: “We’ve got Mobile Device Management, BYOD is not a risk for us!” “Our proxy filters all outbound traffic, no one is getting a shell out ever!” Companies are putting a lot of faith in these security mechanisms to stop the threats of mobile devices. In this talk we put those big claims to the test and look at ways to bypass security restrictions on and using mobile devices. For example, we will see if that MDM that claims it can detect rooting/jailbreaking has ever heard of polymorphic code. And that proxy that stops all outbound traffic unless its in the Internet Explorer process authenticated against the domain? Why not just send your shell back to an exploited mobile device in the environment and have it pass the shell out via SMS? Code examples of all the techniques used will be demoed live and released as additions to the author’s Smartphone Pentest Framework.
Georgia Weidman is an experienced penetration tester, security researcher, and trainer. She holds a Master of Science degree in computer science, secure software engineering, and information security as well as holding Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), NIST 4011, and Offensive Security Certified Professional (OSCP) certifications. Her groundbreaking work in the field of smartphone exploitation has been featured in print and on television including MIT Technology Review, Ars Technica, PC World, Fox News and Global TV Canada. She has presented her research at conferences around the world including Shmoocon, Blackhat, Security Zone, and Bsides. Georgia has delivered highly technical security training at conferences, hacker spaces, and schools to excellent reviews. Building on her experience working in both the public and private sectors, Georgia founded Bulb Security LLC (http://www.bulbsecurity.com), a security consulting firm specializing in security assessments/penetration testing, security training, and research/development. She was awarded a DARPA Cyber Fast Track grant to build the Smartphone Pentest Framework(SPF).