Events
Friday, June 20th, 8pm: Network/Mobile Sniffing, Protocol Deobfuscation, Reverse Engineering
FREE and open to the public!
Location: Crash Space
10526 Venice Blvd, Culver City CA 90232
Samy Kamkar will go over Network/Mobile Sniffing, Protocol Deobfuscation, Reverse Engineering.
To go over some of the cross-over, I think what we'll do for this class is go through a real-world, step-by-step walk-through of an encrypted, obfuscated, undocumented protocol on the Android or iOS stack which was NOT open source (source was NOT in Android), yet whose binaries were included in all Android installations (and similarly iOS). We'll go from the reasons to investigate these funny packets to how I ultimately found that Android (and iPhone, and Windows 8 mobile) were sending massive amounts of encrypted, obfuscated GPS/geolocation data and MAC addresses of all networks around you (correlated to GPS) and storing it all, from every single smartphone.
Even when you turned GPS off.
So we'll go over:
- top-down approach of trying to examine something undocumented
- wireless/network sniffing
- mobile sniffing
- packet injection
- man in the middle attacks (SSL and non-SSL)/decrypting SSL connections
- fuzzing
- unknown protocol investigation
By the end you should have a basic understanding of doing this process yourself, have a pretty good toolchain for this type of research, and also be able to use any of these a la carte for useful reasons in the future.
I'll try to use cross-platform software for the most part (OS X [my weapon of choice typically], Loonix and Windows) and provide any tools I've developed to make these easier.