Learn, hack!

URL

https://media.blackhat.com/us-12/video/us-12-Oi-Windows-Phone-7-Internals-and-Exploitability.mp4

File name

us-12-Oi-Windows-Phone-7-Internals-and-Exploitability.mp4

File size

159.4 MB

MD5

38a77f5bbce0dda76d1c1792a0700395

SHA1

d67b83a0d83d12926a8293f1498e0446aa3b49c8

Windows Phone 7 is a modern mobile operating system developed by Microsoft. This operating system -- based on Windows CE 6 -- protects the system and the user by modern sandbox and secure application model. These security models are veiled and were difficult to uncover but we succeeded to analyze and inspect not well-known Windows Phone 7 security internals by comprehensive reverse engineering. This operating system is properly implemented which makes exploitation and privilege escalation extremely difficult. However, it does not mean exploitation is impossible. Even the sandbox can be breached on some latest Windows Phone 7.5 devices. The first topic is Windows Phone 7 security analysis. In this presentation, I will talk how we analyzed the system and how Windows Phone 7 looks secure/unsecure along with examples. The second topic is customizations by thirt-party vendors. Windows Phone 7-based devices by some vendors have special interfaces for system applications. Some interfaces however makes subverting sandbox easier because of various design/implementation issues such as directory traversal and improper privileged operations. I will talk about this kind of vulnerability along with its countermeasure.