MOBILE DEVICE PENETRATION TESTING

Service Description

CAG's Mobile Device Penetration Testing offering evaluates your deployment of mobile devices to determine its security posture. The assessment takes an offensive look at the security of the mobile devices and of custom-developed applications, attempting to gain access to sensitive data.

Our Methodology

As part of this test, CAG will perform the following activities: 

Reconnaissance 
We identify the types of mobile devices used in the target environment and the applications used. We then review security-related configuration settings.

Scanning 
For local mobile device attacks, CAG will identify the wireless networks sought by the mobile device through network probe inspection. CAG will leverage common weak network names that are easy targets to impersonate in an attempt to lure a victim into a hostile network, then identify insecure software components. Finally, CAG will determine if malicious code can be installed and analyze network traffic originating from the device.

Exploitation 
Where possible, CAG will use man-in-the-middle attacks to intercept and inspect network protocols, traffic insertion attacks to deliver client-side exploits to vulnerable devices, or manipulation of captured traffic to exploit the back-end servers that support the mobile application. If you have physical possession of a device, we will attempt to bypass its passcode by physically connecting the device to an attack workstation and rooting or jailbreaking it, exposing the file system data.

Post-Exploitation 
Following exploitation, CAG will inspect the common sensitive data areas on mobile devices, such as the Notes, SMS and browser history databases. We will look for stored passwords in third-party applications and for opportunities to extract saved passwords from keychain storage. If it is within scope, we may consider adding a backdoor to the mobile device and returning it to the end user, giving you remote access to trusted networks. Finally, we will determine whether sensitive information can be accessed.

Our Deliverables

In addition to the usual status updates and meetings, CAG will deliver written drafts of the following material:
  • Summary of the attack and results of that activity
  • Summary of your identification and response to attack, if any
  • List of recommendations for improving your mobile device security