Progress Report on the Penetration Analysis of Windows CE and 802.11b Wireless Networks
Author
Jared Crane, Seny Kamara, Pascal Meunier, Dan Noland, Sofie Nystrom
Tech report number
CERIAS TR 2001-04
Abstract
\\noindent The vulnerability assessment of Windows CE devices started with 3 Aero 1550 Pocket PC devices by Compaq. Halfway through the semester, the project received the remaining equipment needed for penetration testing: wireless and ethernet cards to be used with two PocketPC iPaq devices by Compaq. Preliminary results implicate the existence of several vulnerabilities (one compromise and several Denial-of-Service vulnerabilities) that the team has not been able to analyze precisely. A problem area is the need to reverse engineer ActiveSync in order to clearly demonstrate the impact of the compromise, and to explore more powerful ways in which it could be exploited. Moreover, the team has identified several areas and hypotheses that should be investigated if this project is continued in the Spring 2001 semester.
Acknowledgement
This research was funded by Microsoft. Thanks to Kent Wert for helping with VB scripting and more.
Publication Date
1900-01-01
Contents
-Pocket PC
-Windows CE
-ActiveSync
-802.11b Wireless Networks
-Vulnerabilities:
CAN-2001-0158
CAN-2001-0159
CAN-2001-0162
CAN-2001-0163
Keywords
WinCE, PocketPC, ActiveSync, Wireless, 802.11, Cisco