The Evildroid presented at BsideSLisbon 2013

by Renato Rodrigues, Leandro Braguês,

Summary : Smartphones are an increasingly important part of everyday life, delivering personalized services and generating information. This enormous potential is inevitably qualified by a wide variety of challenges.This talk will look specifically at the potential of using an Android within an infrastructure such as a company or a campus. It will focus on the kind of information that can be gathered from a mobile device, dealing with physical data (photos, videos and audio) and network (network mapping and data dump).The discussion will include the presentation of a security tool aimed at handling collected data and infiltrating the infrastructure – Pwn Mode. Considering the key role of privacy in this context, some strategies will be given in what regards keeping the mobile device undetected. Additionally, a close-up look at the tool and exploration of the Pwn Mode will uncover security risks, processes of exploitation and mitigation.With the generalized use of mobile devices come new responsibilities and challenges for professionals and consumers alike especially in a world of BYOD. It is expected that this talk will provide a new insight into the use of mobile devices by considering tangible opportunities of exploring their potential.