Upload File

ipwn your iphone – wifi edition

14
iPwn your iPhone – WiFi edition Fun with with CVE-2011-0228 @hubert3 [email protected]

Upload: keefer

Post on 06-Feb-2016

57 views

Category:

Documents


0 download

Report

Tags:

DESCRIPTION

iPwn your iPhone – WiFi edition. Fun with with CVE-2011-0228 @hubert3 [email protected]. Agenda. Brief intro to SSL certs The CVE-2011-0228 vulnerability iSniff Demo. SSL certificate chains. SSL certificate chains. SSL certificate chains. SSL certificate chains. Patch…. - PowerPoint PPT Presentation

TRANSCRIPT

Page 1: iPwn your iPhone – WiFi edition

iPwn your iPhone – WiFi edition

Fun with with CVE-2011-0228

@[email protected]

Page 2: iPwn your iPhone – WiFi edition

Agenda

• Brief intro to SSL certs

• The CVE-2011-0228 vulnerability

• iSniff Demo

Page 3: iPwn your iPhone – WiFi edition

SSL certificate chains

Page 4: iPwn your iPhone – WiFi edition

SSL certificate chains

Page 5: iPwn your iPhone – WiFi edition

SSL certificate chains

Page 6: iPwn your iPhone – WiFi edition

SSL certificate chains

Page 7: iPwn your iPhone – WiFi edition

Patch…

Page 8: iPwn your iPhone – WiFi edition

Man-in-the-middle setup

• Linux VM (Debian 6)• Netgear WG111v2 USB WiFi stick• R8187 driver from aircrack-ng

• airbase-ng• dhcpd• iSniff.py

Page 9: iPwn your iPhone – WiFi edition

sslsniff 0.8 AuthorityCertificateManager.cpp

Page 10: iPwn your iPhone – WiFi edition

iSniff.py

Page 11: iPwn your iPhone – WiFi edition

iSniff Demo

Page 12: iPwn your iPhone – WiFi edition

After patch…

Page 13: iPwn your iPhone – WiFi edition
Page 14: iPwn your iPhone – WiFi edition

Resources

• https://github.com/hubert3/iSniff

Airbase-ng wifi setup:

http://adaywithtape.blogspot.com/2009/10/fake-ap-using-airbase-ng.html

Advisories:

• https://www.trustwave.com/spiderlabs/advisories/TWSL2011-007.txt

• http://blog.recurity-labs.com/archives/2011/07/26/cve-2011-0228_ios_certificate_chain_validation_issue_in_handling_of_x_509_certificates/index.html

https://github.com/hubert3/iSniff
https://github.com/hubert3/iSniff
http://adaywithtape.blogspot.com/2009/10/fake-ap-using-airbase-ng.html
http://adaywithtape.blogspot.com/2009/10/fake-ap-using-airbase-ng.html
https://www.trustwave.com/spiderlabs/advisories/TWSL2011-007.txt
https://www.trustwave.com/spiderlabs/advisories/TWSL2011-007.txt
http://blog.recurity-labs.com/archives/2011/07/26/cve-2011-0228_ios_certificate_chain_validation_issue_in_handling_of_x_509_certificates/index.html
http://blog.recurity-labs.com/archives/2011/07/26/cve-2011-0228_ios_certificate_chain_validation_issue_in_handling_of_x_509_certificates/index.html
http://blog.recurity-labs.com/archives/2011/07/26/cve-2011-0228_ios_certificate_chain_validation_issue_in_handling_of_x_509_certificates/index.html

Univerzálny rozširovač WiFi Powerline Edition (XAVN2001

WiFi Camera (360eyeS) Installation Manual iPhone … Camera (360eyeS) Installation Manual iPhone IOS Android . iPhone IOS Smart Phone Installation . Wireless WIFI Configuration (with

Bria iPhone Edition User Guide - Amazon Web …counterpath.s3.amazonaws.com/docs/Bria_iPhone_User_Guide...Bria iPhone Edition User Guide1 1 About Bria iPhone EditionBria iPhone Edition

Accuracy of iPhone Locations: A Comparison of Assisted GPS, WiFi

2.0. Apple(R) iPod Series Deivce...iPod touch 8G iPod Classic 160G iPhone iPhone 3GS 16G iPhone 4 16G iPad iPad2 Wifi 16G ... SilverStone NT01 Evolution NT06-E Evolution Thermalright

WIFI RELAY CONTROL BOARD USER MANUAL · 2013. 3. 13. · WIFI RELAY CONTROL BOARD USER MANUAL 2. Open this file on Iphone, because WIFI relay board core module default factory set

Sumpple s620 wifi ip HD video camera for iphone ipad & android

PowerLINE WiFi 1000 Essentials Edition · 2016-02-10 · Edition adapter into your modem or router, then plug in the companion PowerLINE WiFi Essentials Edition access point to an

Iphone AppGuide Russian Edition ( Русская версия)

Data Sheet EX6400v2 Essentials Edition AC1900 WiFi Mesh ......PAGE 3 of 4 AC1900 WiFi Mesh Extender Data Sheet EX6400v2 Essentials Edition Nighthawk® App—Get more from your WiFi

Bria iPhone Edition 3.5.2 User Guide - CounterPath iPhone Edition User Guide 3 2 Configuring 2.1 Getting Ready 1. Once you have installed Bria iPhone Edition, make su re you have set

WiFi Camera (V380) Installation Manual iPhone IOS … Camera (V380) Installation Manual iPhone IOS Android . iPhone IOS Smart Phone Installation . WiFi smart link installation

OpenTouch Conversation for iPhone - al- · PDF fileOpenTouch Conversation for iPhone Manual de Usuario OmniPCX Office Rich Communication Edition user OpenTouch Business Edition and

Bria iPhone & iPad Edition 3.7 Release Notes

kromě iOs v.11 a vyšších verzí a také zařízeních která ...€¦ · Apple iPhone 5s Apple iPad 3 - Wifi Apple iPad mini 2 - wifi Apple iPod Touch 1 Apple iPad Air - wifi

Analysis of a Mixed-Use Urban WiFi Network: When ... · PDF filethe increasingpopularityof laptops and WiFi-capable smart-phones like the Apple iPhone. Yet mesh WiFi networks are

Addendum to The DCS WiFi Companion 1st Edition

AC1200 WiFi Range Extender Essentials Edition Data Sheet · NETGEAR AC1200 WiFi Range Extender Essentials Edition boosts your existing network range, delivering AC dual band WiFi

Bria iPhone Edition Version 2 User Guide - Broadview Networks

Bria iPhone Edition User Guide - CounterPath

Report-IT Enterprise Edition User Manual for iPhone€¦ · 07.01.2019  · Report-IT Enterprise Edition User Manual for iPhone Software Version 3.5.2 Manual Version 3.5.2_20190107

Performance & Use - Englishcdn.cnetcontent.com/a6/6c/a66cffad-6cc3-4753-a474-6db157a99eec.pdf• ®Ultimate connectivity for dual band WiFi devices like iPad and iPhone® AC1600 WiFi

HEMLIGHETERNA SOM MAXAR MOBILEN · Hämta appar Google Play Butik App Store Hämta appar Surfa via wifi ANDROID. Inställningar, Nätverk och internet, Wifi. IPHONE. Inställningar,

Bria iPhone Edition User Guide 2

WIFI Instruc on (For IOS iPhone) Connect with power and light · one iPhone connect with it. You can’t have two Android mobile phones or two iPhone connect with APP meanwhile. 5

Dial91 iPhone User Guide · Dial91 iPhone Edition User Guide 1 About Dial91 iPhone Edition Dial91 iPhone Edition is a SIP-based phone for the Apple iPhone™ mobile digital device,

1A 1B / ANDROID™ WIFI SETUP IPHONE / ANDROID™ ETHERNET SETUP€¦ · 4: 5: Press Wifi Setup Press Next 6: Enter the password for your WiFi network ... Click on Network and then

Accuracy of iPhone Locations: A Comparison of Assisted GPS ... · Accuracy of iPhone Locations: A Comparison of Assisted GPS, WiFi and Cellular Positioning Paul A Zandbergen Department

Bria iPhone Edition User Guide - CounterPath Corporation

Bria iPhone Edition 3.2.1 User Guide - CounterPath · Bria iPhone Edition User Guide 1 1 About Bria iPhone Edition Bria iPhone Edition is a SIP-based phone for the Apple iPhone™

WiFi Camera (NETCAM) Installation Manual iPhone IOS Android

Bria iPhone Edition v3 User Guide - CounterPath · This guide corresponds to Bria iPhone Edition version 3.6.2 Rev 15 March 2016. i Contents ... Bria iPhone Edition is a SIP-based

TIBCO Nimbus Control iPhone Edition · 2012. 7. 3. · Nimbus Control Player - iPhone Edition 7 Nimbus Control iPhone Edition Navigating Storyboards To view a storyboard: 1.On the

iPhone iOS 4 Development Essentials - Xcode 4 Edition · iPhone iOS 4 Development Essentials – Xcode 4 Edition 3 iPhone iOS 4 Development Essentials – Xcode 4 Edition (Revision

WiFi Camera (V380) Installation Manual iPhone IOS …...WiFi smart link installation (with WiFi Network) 1. Open Apple App Store, search, download, and install V380 2. Connect the