Learn, hack!

Hacking and security documentation: slides, papers, video and audio recordings. All in high-quality, daily updated, avoiding security crap documents. Spreading hacking knowledge, for free, enjoy. Follow on .

Windows Phone 7 Internals and Exploitability

Type
Paper
Tags
phone
Authors
Tsukasa Ooi
Event
Black Hat USA 2012
Indexed on
Jun 03, 2014
URL
https://media.blackhat.com/bh-us-12/Briefings/Oi/BH_US_12_Oi_Windows_Phone_WP.pdf
File name
BH_US_12_Oi_Windows_Phone_WP.pdf
File size
297.3 KB
MD5
38e74b0b4f249d8ee50260006f2471ac
SHA1
5ff506082406fd8315560645761ea32383463a14

Windows Phone 7 is a modern mobile operating system developed by Microsoft. This operating system -- based on Windows CE 6 -- protects the system and the user by modern sandbox and secure application model. These security models are veiled and were difficult to uncover but we succeeded to analyze and inspect not well-known Windows Phone 7 security internals by comprehensive reverse engineering. This operating system is properly implemented which makes exploitation and privilege escalation extremely difficult. However, it does not mean exploitation is impossible. Even the sandbox can be breached on some latest Windows Phone 7.5 devices. The first topic is Windows Phone 7 security analysis. In this presentation, I will talk how we analyzed the system and how Windows Phone 7 looks secure/unsecure along with examples. The second topic is customizations by thirt-party vendors. Windows Phone 7-based devices by some vendors have special interfaces for system applications. Some interfaces however makes subverting sandbox easier because of various design/implementation issues such as directory traversal and improper privileged operations. I will talk about this kind of vulnerability along with its countermeasure.

About us

Secdocs is a project aimed to index high-quality IT security and hacking documents. These are fetched from multiple data sources: events, conferences and generally from interwebs.

Statistics

Serving 8165 documents and 530.8 GB of hacking knowledge, indexed from 2419 authors from 163 security conferences.

Contribute

To support this site and keep it alive, you can click on the buttons below. Any help is really appreciated! This service is provided for free, but real money is needed to pay bills.

Flattr this Click here to lend your support to: Keep live SecDocs for an year and make a donation at www.pledgie.com !