Tag Archives: Computer Forensics

Smart Bombs: Mobile Vulnerability and Exploitation Presentation

1
Filed under Android, Apple, Mobile Applications, Mobile Security, Penetration Testing
Tagged as , , , ,

This week I co-presented “Smart Bombs: Mobile Vulnerability and Exploitation” with John Sawyer and Kevin Johnson at OWASP AppSec DC.  We talked about the some of the current problems facing mobile applications such as flaws found in the OWASP Mobile Top 10 and various privacy issues.  We also talked about how you go about testing mobile applications from the application layer (HTTP) down to the transport layer (TCP) and file system.  I highly recommend you take a look at John’s file system testing methodology as he takes more of a forensic approach which works really well.  The takeaway from the talk is that you need to look at all these areas when testing mobile apps and mobile apps are growing area of concern from a security and privacy perspective.

One update we forgot to mention in the talk is that you should use Mallory, which is a transparent TCP and UDP proxy for testing mobile applications.  This is an excellent tool created by the guys at Intrepidus Group.  We’ve found that some apps will bypass proxy settings and lots of apps are sending data over binary protocols and more.  Mallory is the tool you need for testing any mobile app fully!

The best tool to clone hard drives, is free!

1
Filed under Linux
Tagged as ,

While not a security related post…I thought I would let everyone know about a really good open source hard drive cloning software that I recently discovered when I needed to clone and image multiple Linux systems. It’s called Clonezilla and works just like Symantec Ghost but faster and free.

From the Clonezilla web site:

“Clonezilla, based on DRBL, Partition Image, ntfsclone, and udpcast, allows you to do bare metal backup and recovery. Two types of Clonezilla are available, Clonezilla live and Clonezilla server edition. Clonezilla live is suitable for single machine backup and restore. While Clonezilla server edition is for massive deployment, it can clone many (40 plus!) computers simultaneously. Clonezilla saves and restores only used blocks in the harddisk. This increases the clone efficiency. At the NCHC’s Classroom C, Clonezilla server edition was used to clone 41 computers simultaneously. It took only about 10 minutes to clone a 5.6 GBytes system image to all 41 computers via multicasting!”

Yeah, it’s fast alright! I have been using the Clonezilla Live to image hard drives and it has been working great. You can also run it off of a USB thumb drive if you are so inclined. So, don’t fork over $$ to that evil empire called “Symantec”…give Clonezilla a try if you want to clone a drive or multiple drives. :-)

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • Digg
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS