The Center for Education and Research in Information Assurance and Security (CERIAS)

The Center for Education and Research in
Information Assurance and Security (CERIAS)
Center for Education and Research in Information Assurance and Security

Progress Report on the Penetration Analysis of Windows CE and 802.11b Wireless Networks

Download

Download PDF Document
PDF

Author

Jared Crane, Seny Kamara, Pascal Meunier, Dan Noland, Sofie Nystrom

Tech report number

CERIAS TR 2001-04

Entry type

techreport

Abstract

\\noindent The vulnerability assessment of Windows CE devices started with 3 Aero 1550 Pocket PC devices by Compaq. Halfway through the semester, the project received the remaining equipment needed for penetration testing: wireless and ethernet cards to be used with two PocketPC iPaq devices by Compaq. Preliminary results implicate the existence of several vulnerabilities (one compromise and several Denial-of-Service vulnerabilities) that the team has not been able to analyze precisely. A problem area is the need to reverse engineer ActiveSync in order to clearly demonstrate the impact of the compromise, and to explore more powerful ways in which it could be exploited. Moreover, the team has identified several areas and hypotheses that should be investigated if this project is continued in the Spring 2001 semester.

Download

PDF

URL

https://www.cerias.purdue.edu/papers/archive/2001-04.pdf

Acknowledgement

This research was funded by Microsoft. Thanks to Kent Wert for helping with VB scripting and more.

Affiliation

CERIAS

Publication Date

1900-01-01

Contents

-Pocket PC -Windows CE -ActiveSync -802.11b Wireless Networks -Vulnerabilities: CAN-2001-0158 CAN-2001-0159 CAN-2001-0162 CAN-2001-0163

Keywords

WinCE, PocketPC, ActiveSync, Wireless, 802.11, Cisco

Language

English

Subject

none

BibTex-formatted data

To refer to this entry, you may select and copy the text below and paste it into your BibTex document. Note that the text may not contain all macros that BibTex supports.