CEH 17- Hacking Mobile Platforms

Everyone interested in hacking mobile. 

But it is illegal to hack a mobile without the permission of the owner. 

Here hacking mobiles, just to bring awareness on mobile hacking and protect yourself.

Before hacking mobiles, first we need to know some basics of mobiles and its working. So let's get started.

Disclaimer: The articles provided on HackWithV is purely for informational and educational purpose only, and for those who are willing and curious to know & learn about Ethical Hacking, Security and Penetration Testing. Anytime the word "Hacking" that is used on this site shall be regarded as Ethical Hacking.

What is Mobile Phone?

  • A mobile phone, cellular phone, cell phone, cellphone or hand phone, sometimes shortened to simply mobile, cell or just phone.
  • It is a portable telephone that can make and receive calls over a radio frequency link while the user is moving within a telephone service area.
  • Mobiles Phone uses operating system like Android OS, iPhone OS / iOS, Windows OS etc.

Mobile Operating System:

  • A mobile operating system is an OS that is specifically designed to run on mobile devices such as mobile phones, smartphones, PDAs, tablet computers and other handheld devices. 
  • Mobile operating systems combine features of a personal computer operating system with other features useful for mobile or handheld use. 


List of Mobile OS:

  1. Android OS
  2. iPhone OS / iOS
  3. BlackBerry OS
  4. Windows Mobile
  5. Palm OS
  6. Symbian OS

1. Android OS: 

  • Android is a mobile operating system developed by Google. 
  • Based on a modified version of the Linux kernel and other open source software and designed primarily for touchscreen mobile devices such as smartphones and tablets. 

Android Architecture: 

  • Android Architecture is implemented in the form of a software stack.
  • Architecture consisting of a Linux kernel, a run-time environment and corresponding libraries, an application framework and a set of applications.

2. iPhone OS (IOS): 

  • iOS is a mobile operating system created and developed by Apple Inc. 
  • It is distributed exclusively for Apple hardware. 
  • It is a proprietary operating system which runs on Apple mobile devices (iPhone, iPad, and iPod touch).

iOS Architecture: 

  • The architecture of iOS is a layered architecture. 
  • At the uppermost level iOS works as an intermediary between the underlying hardware and the applications running on the device. 
  • Apps communicate with the hardware through a collection of well-defined system interfaces instead of directly interacting with hardware. 
  • Interfaces make it simple to write apps that constantly work on devices having various hardware abilities. 

Hacking Mobile Platforms

Basic Terms in Mobile Hacking:

1. Stock ROM: 

  • It is the default ROM (operating system) of an Android Device. 

2. Rooting: 

  • Rooting is the process of allowing users of smartphones, tablets and other devices running the Android mobile operating system to attain privileged control (known as root access) over various Android subsystems. 

3. Lineage OS: 

  • Lineage OS is a free and open-source operating system for smartphones and tablet computers, based on the Android mobile platform. 
  • It is the successor to the custom ROM Cyanogen Mod. 

4. Bricking Mobile: 

  • A device that does not turn on and function normally. 

  • The bricked device cannot be fixed through normal procedures. 

  • Devices are bricked due to overwriting of the Firmware or low-level system software. 

5. Bring Your Own Device (BYOD): 

  • Bring your own device (BYOD) is a business policy that allows employees to bring their mobile devices to their workplace. 

Mobile Platform Vulnerabilities and Risks: 

  • Malicious Apps in Store. 

  • Mobile Malware. 

  • Jail-breaking or Rooting. 

  • Mobile Application Vulnerabilities. 

  • Weak Data Security and App Encryption. 

  • Excessive Permissions. 

  • Weak Communication Security

Hacking Android Device:

1. Hacking Android By using Malicious App Infection. 

  • Dendroid
  • Droid Jack
  • AndroRAT

2. Using Kernel Level Vulnerabilities to Exploit Mobile Devices. 

  • Stage Fright

Mitigations: 

  • Do not directly download Android Package Files from untrusted websites. 
  • Install applications from trusted application stores.
  • Update the operating system regularly.
  • Deploy only trusted third-party applications on iOS devices. 
  • Use iOS devices on a secured and protected WiFi network.
  • Configure ‘Find My iPhone’ and utilize it to wipe a lost or stolen device. 
  • Never root your Android device.
  • Do not load too many applications and avoid auto-upload of photos to social networks.
  • Securely wipe or delete the data disposing of the device.
  • Turn of Bluetooth if it is not necessary.
  • Do not share the information within GPS-enabled apps unless they are necessary.
  • In the case of IT companies, it is important to educate employees in the organization about the BYOD policy. 

Be Aware, Be Secure.

Thank You 🙏

Comments

Post a Comment

Popular posts from this blog

Demo 1- How to Track Location by a Link

Snyk - Ubuntu 20.04 (Linux)

Cracking VNC Password Using Hydra