After my talk at 0sec I had an interesting short conversation with Roberto from Zone-H about attacking PDAs and especially smartphones trough XSS. Now here are some ideas I had about it. Because this are only ideas, I don’t know if it’s really possible to lunch such kind of attack at all

An idea of an attack scenario:
An attacker has a PDA which’s running a webserver. The webserver is so configured, that all requests will be forwarded to one simple page and the PDA looks like an accesspoint for others. This forewarding-page includes some tools for get information about the user (cookies, history, …) which are written in Javascript.

Now the attacker can take his PDA and go to a trainstation, a business center or an airport with his portable honeypot. If a user with his notebook or PDA finds the “PDA-Accesspoint” and try to access the Internet trough, all the information he sends will be cached there.

Of course it would also be possible to set up a working connection to the so you can use your PDA as a portable sniffer and catch all the data users put and get through the Internet. You can do this for example when you set up an Internet connection trough GPRS or UMTS.

As I said, this is only an idea and I don’t know if it works but I think attacking also portable devices with XSS will be one of the next steps of this attack class. I’ll do some more research on this topic and you’ll hear when I’ve found something interesting