CircleCityCon 6.0 - What the Frida Gave Me: A Novel Take on E-Ticket Forging and E-Ticket Stealing

Date & Time: May 31, 2019 at 10:00 - 11:00
Location: The Westin - 241 West Washington St, Indianapolis, IN, 46204
Speaker: Priyank Nigam

Millions of people rely on mobile e-ticketing applications to get from Point A to Point B every day. These applications serve as vital components for mass transit and essentially power America’s major cities.

But thanks to Frida – a well-known but not very popular dynamic instrumentation framework – you can easily reverse engineer mobile e-ticketing applications. In this talk, we’ll explore new application-specific attack avenues using Frida. We will be leaving the jailbreak bypasses and SSL pinning bypasses of yesteryear by the wayside as we explore a new attack vector. We’ll use Frida’s code injection and module loading capabilities to demonstrate e-ticket forging and e-ticket “stealing.” (And your commute just became that much less of a pain).

Expect to learn the analysis of intermediate-level obfuscation measures such as encrypted HTTP body and encrypted application storage in mobile applications, which can be instrumental in uncovering security vulnerabilities.

Senior Security Analyst Priyank Nigam will present What the Frida Gave Me: A Novel Take on E-Ticket Forging and E-Ticket Stealing at CircleCityCon 6.0 in Indianapolis.  

 

Topics:CircleCityConSpeaking Engagements

Comments

Need a Cybersecurity Expert to Speak at Your Event?

Please get in touch with our Speaker Bureau program manager, Virginie Jenck. Please email her at contact@bishopfox.com

More...

More...

Subscribe to Updates