 |
| click to enlarge |
Screenshot of Proof of Concept approach with truncated Output of revealed Password
Scientists at the Fraunhofer Institute for Secure Information Technology (SIT) test laboratory in Germany have shown how someone who steals or finds an iPhone or iPad can use existing software to “jailbreak” the device and gain access to the command shell. A secure shell (SSH) server can then be installed to enable them to run their own software on the device. Both procedures can be carried out even if the device is locked.
The attackers can then upload a script to the device to use the device’s own tools to give them access to the keychain, which is Apple’s password management system. The keychain entries can then be downloaded to the attacker’s computer.
The attack is successful because in the current operating system in “i” devices (iOS) large parts of the file system are accessible even if the device is locked, and the cryptographic key is not protected by the passcode.
The demonstration showed the researchers were able to retrieve passwords in the keychain but not in other protection classes. They were able to access and decrypt passwords for Google Mail (as an MS Exchange account), voicemail, virtual private network (VPN), WiFi, some Apps, various MS Exchange accounts and Lightweight Directory Access Protocol (LDAP) accounts.
The researchers said with the SIM card removed from the device they could also access email passwords and access codes for corporate WLANs and VPNs. Having access to email passwords gives the attacker even more passwords since many passwords are reset simply by requesting a reset and providing the email address.
 |
| click to enlarge |
Credit: research paper (see link below)
More information: http://www.sit.fra … 02-80443.pdf
physorg.com
No comments:
Post a Comment