Book Image

Learning iOS Security

Book Image

Learning iOS Security

Overview of this book

Table of Contents (13 chapters)

App communications


Up until now, this chapter focused on viewing data on devices, obtaining logs, and making changes to devices themselves. Since listening to network traffic is the basis of most of the reconnaissance that is done on devices, we'll look at how to obtain more information about devices that are based on what goes over the network medium. This is done by first identifying the iOS devices on a network and then listening to raw network traffic using common tools such as Wireshark.

Identifying devices

For starters, you can identify all iOS devices easily as they listen on port 62078, which is a unique port. To verify that an iOS device is occupying an IP on a network, scan the IP address for that port. For example, here we use the built-in port scanner in OS X to scan an IP address on the network with an iPhone:

/System/Library/CoreServices/Applications/Network\ Utility.app/Contents/Resources/stroke 192.168.0.12 62078 62078

Listening to network communications

OS X has a command called...