Book Image

Learning iOS Penetration Testing

By : Yermalkar
Book Image

Learning iOS Penetration Testing

By: Yermalkar

Overview of this book

iOS has become one of the most popular mobile operating systems with more than 1.4 million apps available in the iOS App Store. Some security weaknesses in any of these applications or on the system could mean that an attacker can get access to the device and retrieve sensitive information. This book will show you how to conduct a wide range of penetration tests on iOS devices to uncover vulnerabilities and strengthen the system from attacks. Learning iOS Penetration Testing discusses the common vulnerabilities and security-related shortcomings in an iOS application and operating system, and will teach you to conduct static and dynamic analysis of iOS applications. This practical guide will help you uncover vulnerabilities in iOS phones and applications. We begin with basics of iOS security and dig deep to learn about traffic analysis, code analysis, and various other techniques. Later, we discuss the various utilities, and the process of reversing and auditing.
Table of Contents (11 chapters)
10
Index

Need for jailbreaking


As studied in the previous chapter, iOS itself has a lot of security features. Neither installing any app outside of App Store nor accessing its filesystem by default is allowed by iOS.

To conduct a security assessment of an iOS application, we will need to access the iDevice's filesystem and keychain data, hook debuggers to applications, and so on. It's not possible to perform iOS app pentesting with so many restrictions and this is the point where we need to jailbreak the iDevice in order to bypass security restrictions provided by iOS.

What is jailbreak?

Jailbreaking is the privilege escalation from mobile user to root user.

Jailbreaking is exploiting the iOS vulnerability and maintaining root access on the device by installing utilities on it. Finding a jailbreak is itself an in-depth topic and beyond the scope of this book. We will only learn how to jailbreak iDevices with the available jailbreaking utilities.

Jailbreaking allows us to do the following:

  • Access complete...