Blackjacking - 0wning the Enterprise via the Blackberry

Presented at Defcon 14 - Las Vegas, NV 2006

Jesse D'Aguanno
jesse [at] praetoriang.net

Abstract:

Research in Motion's Blackberry technology has quickly become the defacto standard for executives and technical personnel alike to maintain unteathered remote access to critical data. Often regarded as inherently secure, most administrators deploy this solution without a full understanding of the technology or risks involved.

This presentation will demonstrate how an attacker could utilize many typical corporate blackberry deployments to directly attack machines on the internal network—behind your perimiter defenses! The tools and source code presented will be available for attendees. Techniques for reducing the risks associated with this technology will also be presented.

Materials:

Presentation Slides Blackberry Attack Toolkit (Including BBProxy)


Download


Download

 

Thank you for your interest!