appsec2013 presentation

Hacking Web File Servers for iOS Bruno Gonçalves de Oliveira Senior Security Consultant – Trustwave’s SpiderLabs


Page 1: Appsec2013 presentation

Hacking Web File Servers for iOS

Bruno Gonçalves de Oliveira

Senior Security Consultant – Trustwave’s SpiderLabs

Page 2: Appsec2013 presentation

About Me

#whoami
• Bruno Gonçalves de Oliveira
• Senior Security Consultant @ Trustwave’s SpiderLabs

• MSc Candidate
• Computer Engineer
• Offensive Security
• Talks: Silver Bullet, THOTCON, SOURCE Boston, Black Hat DC, SOURCE Barcelona, DEF CON, Hack In The Box Malaysia, Toorcon, YSTS and H2HC.

Hosted by OWASP & the NYC Chapter

Page 3: Appsec2013 presentation

INTRO

• Smartphones
  – A LOT OF information
  – iPhone is VERY popular

• Mobile Applications
  – (MOST) Poorly designed

• Old-fashioned vulnerabilities


Page 4: Appsec2013 presentation

What are those apps?

• Designed to provide a storage system to iOS devices.

• Data can be transferred using Bluetooth, iTunes and FTP.

• Easiest way: the HTTP protocol.

• They are very popular.

Page 5: Appsec2013 presentation

Examples

Page 6: Appsec2013 presentation

Features

• Manage/store files

• Create Albums, etc.

• Share Data

Page 7: Appsec2013 presentation

VULNERABILITIES

Page 8: Appsec2013 presentation

• No encryption (SSL):

Page 9: Appsec2013 presentation

• No authentication (by default):

Page 10: Appsec2013 presentation

• (Reflected) XSS

Page 11: Appsec2013 presentation

• (Persistent) XSS

Page 12: Appsec2013 presentation

• (Persistent) XSS

http://www.vulnerability-lab.com/get_content.php?id=932

Page 13: Appsec2013 presentation

• Vulnerability-Lab Advisories: http://www.vulnerability-lab.com/show.php?cat=mobile

Page 14: Appsec2013 presentation

Disclaimer

• Trustwave (me) did this research in March/13 and we are only now disclosing these advisories.

Page 15: Appsec2013 presentation

• Path Traversal

• WiFi HD Free Path Traversal (CVE-2013-3923)
• FTPDrive Path Traversal (CVE-2013-3922)
• Easy File Manager Path Traversal (CVE-2013-3921)

You probably want to test the app that you use.

Page 16: Appsec2013 presentation

• Path Traversal (DEMO)
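The path-traversal class behind the three advisories above comes down to a web file server appending the requested URL path to its document root without checking where the result lands. As an added example (not code from this talk or from any of the named apps), the Python below shows that vulnerable join beside a hardened resolver that decodes once, resolves `..` and symlinks, and rejects anything that leaves the root; the document root and the sample request paths are constructed placeholders.

```python
import os
from urllib.parse import unquote

# Constructed root; an iOS app would use its sandboxed Documents directory
DOC_ROOT = "/var/mobile/Applications/EXAMPLE-APP/Documents"


def naive_resolve(doc_root, request_path):
    """Vulnerable pattern: the URL path is appended to the root as-is.
    '../' segments walk out of the root, which is the traversal class
    the advisories describe."""
    return os.path.normpath(os.path.join(doc_root, unquote(request_path).lstrip("/")))


def safe_resolve(doc_root, request_path):
    """Hardened version: decode once, resolve symlinks and '..', then
    require the result to stay under the root. Returns the absolute
    path to serve, or None so the handler can answer 403/404."""
    root = os.path.realpath(doc_root)
    decoded = unquote(request_path)
    if "\x00" in decoded or "\\" in decoded:  # no NUL bytes, no backslash tricks
        return None
    candidate = os.path.realpath(os.path.join(root, decoded.lstrip("/")))
    if os.path.commonpath([root, candidate]) != root:
        return None
    return candidate


def triage(requests, doc_root=DOC_ROOT):
    """Split a batch of requested paths into served vs. rejected, the way
    a defender reviewing the server's access log would flag attempts."""
    served, rejected = [], []
    for req in requests:
        (served if safe_resolve(doc_root, req) else rejected).append(req)
    return served, rejected


# Constructed sample requests (not taken from the advisories)
SAMPLE_REQUESTS = [
    "/photos/cat.jpg",
    "/../../etc/passwd",
    "/%2e%2e/%2e%2e/etc/passwd",
    "/docs/../../../private/var/mobile/Library",
]
```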

Page 17: Appsec2013 presentation

• Easy File Manager

• Unauthorized Access to File System (CVE-2013-3960)

Page 18: Appsec2013 presentation

• Unauthorized Access to File System (CVE-2013-3960)

Page 19: Appsec2013 presentation

• It gets worse with a jailbroken device.

Page 20: Appsec2013 presentation

• Remote Command Execution: Unauthorized Access to File System (CVE-2013-3960) – Jailbroken Device

Page 21: Appsec2013 presentation

• iOS 7 Security Improvement

Page 22: Appsec2013 presentation

How to find vulnerable systems

mDNS Watch for iOS (screenshot)

mDNS Queries

Page 23: Appsec2013 presentation

• Conclusions

• Mobile Apps (already) are the future.
• Mobile App designers still don’t care much about security.
• Too many apps; we have to take care.
• Old-fashioned vulnerabilities still rock.