http://darkreading.com/security/attacks/showArticle.jhtml?articleID=219100135 By Kelly Jackson Higgins DarkReading Aug 05, 2009 It fits behind a coffee machine, inside a desk drawer, or in your pocket, and it doesn't arouse suspicion if you walk into a bank or office tapping away on it -- and that's why a security expert has turned an iPod Touch into a full-blown hacking tool. Thomas Wilhelm, associate professor of information system security at Colorado Technical University, showed attendees at last week's Defcon17 conference in Las Vegas how Apple's seemingly benign iPod Touch can be converted into a portable and stealthy penetration testing or attack tool. He outfitted the iPhone cousin with the popular Metasploit software for exploiting vulnerabilities, as well as password-cracking and Web app hacking applications he was able to easily download onto the device. "Because of its size and ability to connect back to a more robust attack platform, the iPod Touch can go anywhere and get us [penetration testers] into areas where we couldn't before," Wilhelm says. "If I walked into a bank with a laptop, people would be suspicious. If I were to walk in with something like an iPhone, people would accept it. I could hack for hours in a bank or coffee shop, and no one would [suspect]," he says. But like any security tool, this handy and stealthy iPod Touch hacking tool cuts both ways. "I know [the iPod Touch] has been abused, and I know it will be," he says. "But network administrators need to know what the potential threats are." [...] __________________________ Subscribe to InfoSec News http://www.infosecnews.orgReceived on Wed Aug 05 2009 - 23:31:46 PDT
This archive was generated by hypermail 2.2.0 : Wed Aug 05 2009 - 23:41:32 PDT