Penetration Testing Windows Phone Applications
Jewel Joy
Contents
- Windows Phone Overview
- Approach
- Application File Structure
- Tools for Penetration Testing
- Security Features
Penetration Testing of Windows Phone Applications
Windows Phone Overview
- Microsoft’s own OS
- Based on Windows 8 core – ARM architecture
History
- The successor to the Windows Mobile OS
- 15 Mar 2010 – Windows Phone 7 series announced
- 21 Oct 2010 – Windows Phone 7 released
- 29 Oct 2012 – Windows Phone 8 released
- With the GDR 2 (Amber) & GDR 3 (Black) updates
OS Features
- NTFS file system support
- BitLocker device encryption
- Sandboxed applications: applications run in their own sandboxed virtual environment
- UEFI Secure Boot: Unified Extensible Firmware Interface (UEFI) is the successor to the legacy BIOS firmware interface. UEFI relies on the Trusted Platform Module (TPM) 2.0 standard, which requires unique keys to be burned into the chip during production, so that software without a correct digital signature cannot execute.
- All Windows Phone 8 binaries must have digital signatures signed by Microsoft to run
Security features
Chamber Concept (WP7)
- Trusted Computing Base (TCB)
  ▪ Kernel, kernel-mode drivers
- Elevated Rights Chamber (ERC)
  ▪ Services, user-mode drivers
- Standard Rights Chamber (SRC)
  ▪ Pre-installed applications
- Least Privileged Chamber (LPC)
  ▪ Applications from WP store
Chamber Concept (WP8)
- Trusted Computing Base (TCB)
  ▪ Kernel, kernel-mode drivers
- Least Privileged Chamber (LPC)
  ▪ All other software: services, pre-installed apps, applications from WP store
Capabilities
Sandboxing
Testing Approach
- Emulator / Windows Phone SDK
- Unlocked device
Side Loading
- Developer Unlock – free unlock with 2 apps limit
- Student Unlock – up to 3 apps
Limitations
- Apps from the store cannot be extracted
- Apps from the store will not work on emulators
Tools
- Burp Suite
- WP Power tools
- .NET Reflector
Application File Structure
► AppManifest.xaml
► WMAppManifest.xml
XAP - Headers
File Analysis
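The manifests listed under Application File Structure ship inside the XAP, which is a ZIP archive, and WMAppManifest.xml is where an app declares its capabilities. The following Python script is an added example, not part of the original slides: it checks the PK header, extracts the manifest and lists the declared capabilities. The sample package, the `SENSITIVE` shortlist and the function names are constructed for illustration.

```python
import io
import zipfile
import xml.etree.ElementTree as ET

MAX_MANIFEST = 1 << 20  # refuse manifests over 1 MiB (decompression-bomb guard)
SENSITIVE = {"ID_CAP_LOCATION", "ID_CAP_CONTACTS", "ID_CAP_MICROPHONE"}  # example shortlist

def read_manifest(xap_bytes):
    """Return the raw WMAppManifest.xml bytes from a XAP, which is a ZIP archive."""
    if xap_bytes[:4] != b"PK\x03\x04":
        raise ValueError("not a XAP: missing PK ZIP header")
    with zipfile.ZipFile(io.BytesIO(xap_bytes)) as z:
        for info in z.infolist():
            if info.filename.rsplit("/", 1)[-1].lower() == "wmappmanifest.xml":
                if info.file_size > MAX_MANIFEST:
                    raise ValueError("manifest too large")
                return z.read(info)
    raise ValueError("WMAppManifest.xml not found")

def audit_xap(xap_bytes):
    """Return (all declared capabilities, the subset on the SENSITIVE shortlist)."""
    raw = read_manifest(xap_bytes)
    if b"<!DOCTYPE" in raw or b"<!ENTITY" in raw:
        raise ValueError("DTD/entity declarations refused")
    root = ET.fromstring(raw)
    # Match on the local tag name so any manifest namespace version is accepted.
    caps = sorted(e.get("Name") for e in root.iter()
                  if e.tag.rsplit("}", 1)[-1] == "Capability" and e.get("Name"))
    return caps, [c for c in caps if c in SENSITIVE]

def build_sample_xap():
    """Constructed sample package; every value in it is made up for this example."""
    manifest = b"""<?xml version="1.0" encoding="utf-8"?>
<Deployment xmlns="http://schemas.microsoft.com/windowsphone/2012/deployment">
  <App ProductID="{00000000-0000-0000-0000-000000000000}" Title="SampleApp">
    <Capabilities>
      <Capability Name="ID_CAP_NETWORKING" />
      <Capability Name="ID_CAP_LOCATION" />
    </Capabilities>
  </App>
</Deployment>"""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("WMAppManifest.xml", manifest)
        z.writestr("AppManifest.xaml", b"<Deployment />")
    return buf.getvalue()

if __name__ == "__main__":
    print(audit_xap(build_sample_xap()))
```

Comparing the declared capabilities with what the app actually needs is a quick least-privilege check during review.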
Thank You