My task was: “To find out Mr.YellowGlasses phone OS,
including version.”
Did I accomplish it? Yes, iOS 10.3
I don’t have evidence to confirm this because we had verbal
conversation.
I approached this with a casual conversation about my phone
and how big it is. Then I asked my fellow hacker what type of phone they have
because it was much smaller than mine and they told me it was an Iphone 6
(regular version, not the 6 plus version) and from there I deducted that the OS
version is 12.3.4 because that’s the latest version of iOS and Apple pushes
their updates automatically in most phones and of course Apple’s users are
known to want to be as much up to date as possible.
Application: Finding out the type of phone and version of OS
allows the attacker to target vulnerabilities for that version of OS and phone.
Ethical reflection: After knowing what type of phone and OS a
company gives its employees; the ethical hacker can plan better and design a
plan to protect the company assets based on what vulnerabilities this system
has. A negative way to apply this knowledge is to target a phone that belongs
to the attacker’s target company network and infiltrate the network, run
malware or even work its way to wipe out the phones remotely.
No comments:
Post a Comment