Book Image

Learning iOS Penetration Testing

By : Yermalkar
Book Image

Learning iOS Penetration Testing

By: Yermalkar

Overview of this book

iOS has become one of the most popular mobile operating systems with more than 1.4 million apps available in the iOS App Store. Some security weaknesses in any of these applications or on the system could mean that an attacker can get access to the device and retrieve sensitive information. This book will show you how to conduct a wide range of penetration tests on iOS devices to uncover vulnerabilities and strengthen the system from attacks. Learning iOS Penetration Testing discusses the common vulnerabilities and security-related shortcomings in an iOS application and operating system, and will teach you to conduct static and dynamic analysis of iOS applications. This practical guide will help you uncover vulnerabilities in iOS phones and applications. We begin with basics of iOS security and dig deep to learn about traffic analysis, code analysis, and various other techniques. Later, we discuss the various utilities, and the process of reversing and auditing.
Table of Contents (11 chapters)
10
Index

Installing utilities on iDevice

To perform iOS app pentesting, we require many utilities. You may have to add the latest repositories in Cydia sources in order to install the mentioned utilities. You can simply search required repositories online and add them in sources. In this section, we will set up most required utilities.

Therefore, we will need to search these utilities on Cydia and then use options such as Install. We need to install the following utilities:

  • Erica Utilities: It's a collection of command-line utilities, such as plutil, appSearch, and so on.

    You can install Erica Utilities by performing the following step. Search for Erica Utilities in Cydia and then use the Install option, as shown in the following screenshot:

    Installing utilities on iDevice

    You can use same technique to install almost all the other utilities. You may have to update source list by referring to the Adding sources to Cydia section in order to install all the required utilities.

  • class-dump-z: In iOS app pentesting, it's important...