mobile arsenal
Post on 13-Apr-2017
236 Views
Preview:
TRANSCRIPT
3
Disclaimer: this talk don’t pretend to show all the toolsrelated to mobile security assessment nor all vulnerabiltiescould affect a mobile app, but how to start.
7
§iOS Device with Jailbreak
§Android Device rooted
§Some Alternatives
(with their limitations):
− Android Emulator
− “iPhone simulator”
8
§ Binary Analysis
−Lack of binary protections
−Poor authorization and authentication§ File Analysis
−Insecure data Storage§ Configuration
−Improper permission usage§ Libraries and API information
−Insecure API usage
9
§Network analysis
−Weak server-side controls
−Insufficient Transport Layer
−Unintended data leakage§Runtime analysis
−Improper session handling
−Broken cryptography
13
Classes.dex
Apk Downloader
Smali files
Source codeClass files
AndroidManifest.xml
Unzip
Apktool d
dex2jarjadx
16
You need to decrypt the iOS App
Application
EncryptedCode
Decrypt.bin
cryptoff
cryp
tszi
e
__TEXT offset
17
You need to decrypt the iOS App
Application
EncryptedCode
Decrypt.bin
cryptoff
cryp
tszi
e
__TEXT offset
21
§Modifying the application from memory
−Android
§Xposed
−iOS
§Cycript
−Both
§Mobile Substrate
§Frida
22
§ https://www.owasp.org/index.php/OWASP_Mobile_Security_Project_-_Android
§ https://www.owasp.org/index.php/IOS_Application_Security_Testing_Cheat_Sheet
§ https://mobilesecuritywiki.com
23
§ iOS Jailbreak: https://theiphonewiki.com/wiki/Jailbreak
§ SSH Over USB: http://iphonedevwiki.net/index.php/SSH_Over_USB
§ Direct APK Downloader (Chrome): https://chrome.google.com/webstore/detail/direct-apk-downloader/
§ Installing certificate on android device: https://support.portswigger.net/customer/portal/articles/1841102-Mobile%20Set-up_Android%20Device%20-%20Installing%20CA%20Certificate.html
top related