Book Image

Learning iOS Penetration Testing

By : Swaroop Yermalkar
Book Image

Learning iOS Penetration Testing

By: Swaroop Yermalkar

Overview of this book

iOS has become one of the most popular mobile operating systems with more than 1.4 million apps available in the iOS App Store. Some security weaknesses in any of these applications or on the system could mean that an attacker can get access to the device and retrieve sensitive information. This book will show you how to conduct a wide range of penetration tests on iOS devices to uncover vulnerabilities and strengthen the system from attacks. Learning iOS Penetration Testing discusses the common vulnerabilities and security-related shortcomings in an iOS application and operating system, and will teach you to conduct static and dynamic analysis of iOS applications. This practical guide will help you uncover vulnerabilities in iOS phones and applications. We begin with basics of iOS security and dig deep to learn about traffic analysis, code analysis, and various other techniques. Later, we discuss the various utilities, and the process of reversing and auditing.
Table of Contents (17 chapters)
Learning iOS Penetration Testing
Foreword – Why Mobile Security Matters
About the Author
About the Reviewer

Installing third-party applications

In Chapter 2, Setting up Lab for iOS App Pentesting, we already studied how to install third-party iOS applications. To demonstrate different vulnerabilities, we will use apps that are provided with this book. Now, follow the given steps to install the ContactDetails.ipa, Core Data.ipa, and KeychainDemo.ipa apps that are provided with the code bundle of this chapter:

  1. Your iDevice should be jailbroken and have AppSync and Installipa installed in order to use these apps on the device.

  2. Then transfers these apps to the /tmp directory of your iDevice. You can use SFTP to transfer the files. We have already studied this in Chapter 2 so we will not repeat how to use the SFTP connection to transfer the files.

  3. Once you have all the apps in the /tmp directory, make use of Installipa to install the applications as shown in the following:

  4. Once you install all the apps, application icons will appear and it will look similar to the following:

Congratulations! You are now...