As of ActiveSync 4.0, Microsoft has incorporated the Remote Network Driver Interface Specification (RNDIS) into creation of a syncing session between a Windows Mobile device and its host PC. While the implementation of this technology has numerous advantages, it also creates an exploitable situation by which a host PC can be attacked. White Wolf Labs has researched out this issue and designed a proof of concept that illustrates how this vulnerability can be exploited. For more details on this work, check out the article titled Exploiting Systems through ActiveSync. We have provided a short video demonstration showing how the vulnerability can be used against a host PC, along with a proof of concept executable (ActiveSink), and the packet captures used to exploit the host PC.
Source code for the tool is available to any interested. Please contact firstname.lastname@example.org.