BlackhatUS2012 Georgia at Blackhat Arsenal 2012

Published on August 2nd, 2012 | by NJ Ouchn


Blackhat Arsenal 2012 Releases : Smartphone Pentesting Framework v0.1 in the wild

The smartphone penetration testing framework, the result of a DARPA Cyber Fast Track project, aims to provide an open source toolkit that addresses the many facets of assessing the security posture of these devices. We will look at the functionality of the framework including information gathering, exploitation, social engineering, and post exploitation through both a traditional IP network and through the mobile modem, showing how this framework can be leveraged by security teams and penetration testers to gain an understanding of the security posture of the smartphones in an organization. We will also show how to use the framework through a command line console, a graphical user interface, and a smartphone based app. Demonstrations of the framework assessing multiple smartphone platforms will be shown. Georgia at Blackhat Arsenal 2012

Georgia at Blackhat Arsenal 2012 during Interview Session

Georgia rocking the Arsenal Floor. Thousand people maybe more 😉

SPF Version 0.1 includes a text based management console, a web based GUI, and a management Android app.

  • SPF Console: The console is a text based Perl program that allows Smartphone Pentest Framework users to perform all the server functionality of SPF.
  • SPF Web based GUI: The GUI is a web based front end for SPF that allows users to perform all the server functionality. It is a set of Perl based webpages.
  • SPF Android App: The SPF Android App allows users to use the mobile modem of the Android smartphone with SPF to send SMS messages, gather information, etc. Users can also perform server functionality directly from Android smartphones using this  application.
  • SPF Android Agent: The SPF Android Agent is one of Smartphone Pentest Framework’s post exploitation options. It is transparent to the user and allows SPF users to perform post exploitation tasks such as privilege escalation, information gathering, and remote control on Android phones with the agent installed. Agents for iPhone and Blackberry platforms are currently in development.


Next ToolsTube with GeW about SPF. Stay Tuned

Tags: , , , , , , ,

About the Author

"Passion is needed for any great work, and for the revolution, passion and audacity are required in big doses"

Back to Top ↑