On 1/12/2012 2:55 PM, Dimitrios Kapsalis wrote:
I'm experimenting with different mobile devices and applications on each.
For the WM6 I have an application whose traffic I'd like to capture
using an HTTP Proxy. How can a proxy be configured for the connection? I
saw one proxy setting in the connections menu but it does not seem to be
working.
Has anyone looked at any applications on the Windows Mobile 6 devices?
You can use Burp as a transparent proxy server. Use Ettercap or
arpspoof to establish a MitM connection between the WM6 device and your
Linux box (Backtrack 5 R1 on a virtual machine is a good start), then
use iptables to send all the HTTP traffic to Burp:
# ettercap -TqM arp:remote /172.16.0.102/ /172.16.0.1/
In this example, 172.16.0.102 is the WM6 device, and 172.16.0.1 is the
default gateway:
# iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080
Here, all traffic to port 80 is sent to the local system running Burp on
port 8080. This way, you don't have to rely on the crappy proxy
implementation on WM6.
In Burp, make sure you disable proxy intercept (unless you want to
manually forward traffic). Then you'll be able to inspect all the HTTP
activity, and match and replace content on the fly to perform
client-side injection against the WM6 device.
This is something I've been writing up for the new SANS course I'm
working on, SEC575: Mobile Phone and Tablet Security and Ethical
Hacking. The course is going to debut in May in San Diego, and I'm
finishing up the section on exploiting HTTP and HTTPS rendering
functionality on client systems today. More information about the
course is available at http://bit.ly/wCT86U (sans.org).
-Josh
_______________________________________________
Pauldotcom mailing list
[email protected]
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
