17 - Hacking Mobile Platforms Flashcards

1
Q

What are the top ten mobile risks considered by OWASP?

A
  • Improper Platform Usage
  • Insecure Data Storage: Jailbreaking or Rooting bypasses encryption
  • Insecure Communication: Poor handshaking, incorrect SSL versions
  • Insecure Authentication: Weak session management, failing to identify the user
  • Insufficient Cryptography: weak algos or flaws in process
  • Insecure Authorization
  • Client Code Quality: Weaknesses in the code that is running on the device.
  • Code Tampering: Where an attacker can modify code on the device
  • Reverse Engineering: Analyze code of applications on device
  • Extraneous Functionality: sometimes developers hide extra functionality in an app that could be discovered by an attacker
2
Q

What are the different points in a mobile attack that can be exploited?

A
  • The Device: The browser, Phone/SMS, Apps, OS
  • The Network: Wi-Fi, Rogue APs, Packet Sniffing, MitM, Session Hijacking, DNS Poisoning, SSLStrip
  • Data Center/CLOUD: Web Server (misconfig, XSS, no input validation), Database (SQL Injection, Privilege escalation, data dumping, OS Command execution)
3
Q

Once a Mobile is compromised, what types of activities can an attacker do?

A
  • Surveillance
  • Financial
  • Data Theft
  • Botnet Activity
  • Impersonation
4
Q

What are the mobile attack vectors and vulnerabilities?

A
  • Vectors:
    • Malware
    • Data Exfiltration
    • Data Tampering
    • Data Loss
  • Vulnerabilities:
    • Malicious Apps in Stores: Insufficient or no vetting of apps
    • Mobile Malware
    • App Sandboxing vulnerabilities
    • Weak device and app encryption
    • OS and App Update Issues
    • Jailbreaking and Rooting
    • Mobile App Vulnerabilities
    • Privacy Issues
    • Weak Data Security
    • Excessive Permissions
    • Weak Communication Security
    • Physical Attacks
5
Q

Why is SMiShing (SMS Phishing) effective?

A
  • Mobile users are not conditioned to look out for malicious texts
  • No mainstream mechanism for weeding out spam SMS
  • Most mobile Anti-Virus does not check the SMS
6
Q

What is Android OS?

A

A software environment developed by Google for mobile devices that includes an OS, middleware, and key applications.

7
Q

What makes up the Android OS architecture?

A
  • Linux-based
  • System Apps: Most Android apps are written in Java
  • Java API Framework: Offers higher-level services to apps which developers incorporate in their development
    • Activity Manager, Location Manager, Package Manager, Notification Manager, Resource Manager, Telephony Manager
  • Native C/C++ Libraries: Specific to particular hardware. Allows the device to control different types of data.
  • Android Runtime: Includes Core Libraries and Android Runtime (ART)
  • Hardware Abstraction Layer: Acts as an abstraction layer between the hardware and software stack.
  • Linux Kernel: Comprises low-level device drivers.
8
Q

What is Android Rooting?

A

Allows users to attain privileged control (root) within Android's subsystem. Enables all the user-installed apps to run privileged commands like removing bloatware, Bluetooth tethering, and installing apps on SD. Comes with risks like voiding your warranty, poor performance, malicious performance, and bricking the device.

9
Q

What are some steps to secure your Android Device?

A

Enable screen locks

Never root your device

Only download apps from official Android market

Keep device updated with Google Android AV software

Do not directly download Android package files.

Update OS regularly

Use Android protector that assigns passwords to text messages, mail accounts, etc

Lock apps

10
Q

What are the layers of the iOS?

A
  • Cocoa Touch: Contains frameworks that help in building iOS apps
  • Media: Contains graphics, audio, and video technologies
  • Core Services: Contains system services such as Core Foundation and Foundation frameworks
  • Core OS: Contains low-level features on which most other technologies are built
11
Q

What is “jailbreaking”?

A

The process of installing a modified set of kernel patches that allows users to run 3rd party apps not signed by the OS vendor. Provides root access to the OS and removes sandbox restrictions.

12
Q

What are the different types of jailbreaking?

A
  • Userland Exploit: Allows user-level access
  • iBoot Exploit: Allows user-level and iBoot-level access
  • Bootrom Exploit: Allows user-level and iBoot-level access
13
Q

What are the different techniques for Jailbreaking?

A
  • Untethered Jailbreaking: Device will be jailbroken after each reboot without the help of a computer
  • Semi-Tethered Jailbreaking: To use jailbroken addons, the user will need to start the device with the help of the jailbreaking tool.
  • Tethered Jailbreaking: Device needs assistance of computer in order for it to start up completely and with a patched kernel.
14
Q

What are the guidelines for securing iOS devices?

A
  • Use passcode lock
  • Use only secured and protected wifi
  • Do not access web services on compromised network
  • Disable JS and add-ons from web browser
  • Do not store sensitive data on client-side DB
  • Do not open links or attachments from untrusted sources
  • Change the default iPhone root password
  • Do not jailbreak or root your device if used within enterprise environment
  • Enable jailbreak detection
  • Stay up to date on patches and updates
15
Q

What is Mobile Spyware?

A

A software tool that gives you full access to monitor a victim’s phone. Secretly records all activity.

16
Q

What are the most common features of mobile spyware?

A
  • See call history
  • View Text Messages
  • Web Site History
  • GPS Tracking
17
Q

What is Mobile Device Management (MDM)?

A

Provides platforms for over-the-air or wired distribution of applications, data and config settings for all types of mobile devices. Helps sys admins to deploy and manage software apps across all enterprise devices. Can enforce passcodes, remotely lock devices, wipe data, detect jailbreaks, enforce policies, and perform real-time monitoring.

18
Q

What is BYOD and what are the benefits?

A

Refers to a policy where an employee uses their own personal device for workplace activities such as accessing company resources. It can increase productivity, employee satisfaction, work flexibility, and lower costs.

19
Q

What are the risks of BYOD?

A

Sharing confidential data over unsecured networks, endpoint security issues, improperly disposing of devices, support of many different devices, mixing personal and private data, lost or stolen devices, lack of awareness, ability to bypass company policies, infrastructure issues, disgruntled employees.

20
Q

What are the different steps for implementing BYOD Policy?

A
  • Define Requirements: Define the needs of different user segments
  • Select devices of your choice and technology portfolio: Types of devices and tech allowed
  • Develop Policies surrounding usage.
  • Security: Info Security, Operations Security, Transmission Security
  • Support: Support users and issues
21
Q

What are the security guidelines of BYOD?

A
  • Administrator:
    • Secure org’s data centers, educate your employees, make it clear who owns apps and data, use encrypted channel for data transfer, do not allow jailbroken devices, apply session authentication and timeout policy on access gateways.
  • Employee:
    • Use encryption mechanism to store data, maintain clear separation between business and personal data, register devices with a remote locate, update device with latest OS and patches, use AV and DLP solutions, set a strong passcode and change it often, set passwords for apps.
22
Q

What are the general guidelines for Mobile Platform Security?

A
  • Do not load too many apps
  • Perform assessment of app architecture
  • Maintain config control and management
  • Install apps from trusted app stores
  • Securely wipe or delete data when disposing of the device
  • Do not share info within GPS-enabled apps unless they are necessary
  • Disable wireless access if not in use
  • Never connect 2 separate networks such as wifi and Bluetooth simultaneously
  • Use passcode
  • Update OS and Apps
  • Enable remote management and remote wipe services
  • Do not allow Rooting or Jailbreaking
  • Encrypt storage
  • Perform periodic backup and synchronization
  • Filter email forwarding barriers
  • Configure app certification rules
  • Harden browser permission rules
  • Design and implement mobile device policies.
23
Q

What are the Mobile Device Security Guidelines for Admins?

A
  • Publish an enterprise policy that specifies acceptable usage
  • Publish an enterprise policy for cloud
  • Enable security measures
  • Specify what levels of app and data access are allowable
  • Specify a session timeout through Access Gateway
  • Specify whether domain password can be cached on device
24
Q

What are SMS Phishing Guidelines?

A
  • Never reply to suspicious SMS
  • Do not click on any links included in SMS
  • Never reply to SMS that requires personal and financial info from you
  • Enable the "block texts from the internet" feature from your provider
  • Never call a number left in an SMS
25
Q

What is Agent Smith Attack?

A

Persuading the victim to install a malicious app designed and published by an attacker. Malicious app replaces legitimate apps.

26
Q

What is Exploiting SS7 vulnerability?

A

Signaling System 7 (SS7) is a communication protocol that allows users to exchange communication through another cellular network. Attackers can exploit and perform MitM.

27
Q

What is the Simjacker attack?

A

Takes advantage of the SIM card's S@T browser, which is designed to provide a set of instructions.

28
Q

What is Man-in-the-Disk attack?

A

When apps do not incorporate proper security measures against usage of the device's external storage.

29
Q

What is the Spearphone attack?

A

Allows Android apps to record loudspeaker data without any privileges.

30
Q

What is iOS Trustjacking?

A

A vulnerability that can be exploited by an attacker to read messages and emails, etc. It exploits the iTunes Wi-Fi Sync feature, where the victim connects to any trusted PC that is already infected by an attacker.