PocketPC exploitation

To: vuln-dev@xxxxxxxxxxxxxxxxx
Subject: PocketPC exploitation
From: "Jose Morales" <mrjoemango2@xxxxxxxxxxx>
Date: Wed, 21 Sep 2005 12:46:39 -0400
Cc: bugtraq@xxxxxxxxxxxxxxxxx
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
Reply-to: jose@xxxxxxxxxxxxxxxx

I would like to contribute to the list a paper i just had published thatdiscusses the vulnerabilities of current virus detectors for pocket pc's, itis scary to think that such simplistic detectors are the current state ofthe art for such powerfull devices, it leads one to think that the lessonsof the past have not been learned, feedback on the paper is appreciated andwelcomed, i hope it helps those interested in this area of research feelfree to contact me. I should be presenting the paper at the workshop onsoftware security assesment tools, tactics and metrics in long beachcalifornia in early november in conjunction with the automated softwareengineering conference. the paper can be downloaded at


http://www.cs.fiu.edu/~jmora009/

Jose.


********************************************************************************************
Jose Andre Morales
Computer Specialist
Master of Science in Computer Science, FIU 2004
Email: jose@xxxxxxxxxxxxxxxx
********************************************************************************************



From: Nicolas RUFF <nicolas.ruff@xxxxxxxxx>
To: "Vuln-Dev@Securityfocus. Com" <vuln-dev@xxxxxxxxxxxxxxxxx>
CC: Jerome Athias <jerome.athias@xxxxxxx>
Subject: Re: PocketPC exploitation
Date: Mon, 19 Sep 2005 17:47:14 +0200

> i would like to know if some of you have experience with exploitation of
> PocketPCs and could give me some ways and tools (debugger...).
> since some vulns come ( http://www.securityfocus.com/bid/13807 )
> I know that writing a DLL (Fuser) is quite easy with eVC++ (Embedded),
> so a "download and execute"-like shellcode could be amazing...

Pointers to begin with :

- Microsoft Embedded Visual C++, with on-target debugging :
http://www.microsoft.com/downloads/details.aspx?FamilyID=1dacdb3d-50d1-41b2-a107-fa75ae960856&displaylang=en

- Phrack #63 "Hacking Windows CE"
http://www.phrack.org/phrack/63/p63-0x06_Hacking_WindowsCE.txt

- And the upcoming IDA Pro 4.9 with Windows CE on-target debugging :
http://www.datarescue.com/idabase/wince/index.htm

Regards,
- Nicolas RUFF
Security researcher @ EADS-CCR

Prev by Date: [SNS Advisory No.83] Webmin/Usermin PAM Authentication Bypass Vulnerability
Next by Date: UnixWare 7.1.4 : LibTIFF < 3.72 malformed data code exec
Previous by thread: [SNS Advisory No.83] Webmin/Usermin PAM Authentication Bypass Vulnerability
Next by thread: Re: PocketPC exploitation
Index(es):
- Date
- Thread