SOURCE Barcelona 2011 Training

TRAINING: TEAM JOCH Presents: Lessons In Mobile Penetration Testing

November 14-15, 2011

Two day Training


Abstract

This class is designed to provide students with an introduction to penetration testing, reverse engineering, and exploitation on modern mobile platforms. The instructors will cover the security architecture of popular mobile platforms and mobile applications, investigate their weaknesses and vulnerabilities, and give students hands-on experience in analyzing and attacking them. Through lectures and interactive labs, students will walk away armed with the foundational knowledge needed to discover, identify, and exploit vulnerabilities on mobile platforms such as Android, iOS, and BlackBerry.

On day one, students will be brought up to speed with penetration testing on mobile platforms, exploring the differences and similarities between mobile and conventional pentesting. Students will be introduced to dynamic and static analysis tools and techniques for gaining the information necessary to reverse engineer, discover vulnerabilities, and plan their attacks against Android, iOS, or BlackBerry applications.

On day two, we'll dive a bit further into practical bug hunting, reverse engineering methods, and exploitation techniques, including replicating case studies from the instructors' experiences in real-world mobile application pentests. Students will also get hands-on experience through several labs including reverse engineering of the top Android security applications, exploiting native code vulnerabilities on the ARM architecture, and developing jailbreak/privilege escalation exploits from scratch and deploying them on real devices.

Requirements:
• Laptop capable of running a VMware Virtual Machine
• Dual core CPU, 2GB+ of RAM recommended
• At least 8GB disk space available
• At least one free USB 2.0 port
• This training course has a strong emphasis on the Android platform, so an actual Android device is recommended, but not strictly required.
• Familiarity with protocol analysers (e.g. Wireshark, tcpdump), man-in-the-middle techniques, and basic reverse engineering concepts (e.g. debuggers, disassemblers)

Outline:

Day 1

  1. Introduction
  2. Conventional attacks / penetration testing, and why mobile is different
  3. Building an attack methodology
  4. Static analysis techniques
    1. Tools used
    2. How to identify issues for each platform and what to look for
  5. Dynamic analysis techniques
    1. Runtime issues, artifacts, etc.
    2. Network issues, man-in-the-middle
  6. Reverse engineering lab (Pt. 1)
    1. Extracting "secrets" and useful data
    2. Patching and rebuilding apps

Day 2

  1. Application Auditing
  2. Reverse engineering lab (Pt. 2)
    1. Reversing advanced protection techniques
    2. Deeper bug hunting
    3. ARM exploitation lab
    4. Native code threats and vulnerabilities
  3. Intro to ARM exploitation
    1. Exploit mitigation across platforms
    2. Real-world vulnerabilities
    3. Exploiting a vulnerable mobile app
  4. Jailbreak/privilege escalation lab
    1. Platform-level vulnerabilities
    2. Kernel-level vulnerabilities
    3. Writing your own jailbreak
    4. Post-exploitation persistence
    5. Findings Review

Trainer Bio

Zach Lanier is a Principal Consultant with the Intrepidus Group, specializing in network, mobile, and web application penetration testing. Prior to joining Intrepidus, Zach served as Senior Network Security Analyst at Harvard Business School, and Security Assessment Practice Manager at Rapid7. Zach likes Android, vegan food, and cats (but not as food).

Jon Oberheide is CTO of Duo Security, an Ann Arbor-based startup developing kick-ass two-factor authentication. In his free time, Jon dabbles in kernel exploitation, mobile security, and beer brewing.

Schedule

Lessons in Mobile Penetration Testing Training - November 14-15, 2011

• 10:00am - 10:50am: Training
• 11:30am - 11:50am: Break
• 11:50pm - 1:00pm: Training
• 1:00pm - 2:00pm: Lunch
• 2:00pm - 3:30pm: Training
• 3:30pm - 3:45pm: Break
• 3:45pm - 6:00pm: Training

 


 
