Book Image

Learning iOS Penetration Testing

By : Swaroop Yermalkar
Book Image

Learning iOS Penetration Testing

By: Swaroop Yermalkar

Overview of this book

iOS has become one of the most popular mobile operating systems with more than 1.4 million apps available in the iOS App Store. Some security weaknesses in any of these applications or on the system could mean that an attacker can get access to the device and retrieve sensitive information. This book will show you how to conduct a wide range of penetration tests on iOS devices to uncover vulnerabilities and strengthen the system from attacks. Learning iOS Penetration Testing discusses the common vulnerabilities and security-related shortcomings in an iOS application and operating system, and will teach you to conduct static and dynamic analysis of iOS applications. This practical guide will help you uncover vulnerabilities in iOS phones and applications. We begin with basics of iOS security and dig deep to learn about traffic analysis, code analysis, and various other techniques. Later, we discuss the various utilities, and the process of reversing and auditing.
Table of Contents (17 chapters)
Learning iOS Penetration Testing
Foreword – Why Mobile Security Matters
About the Author
About the Reviewer

Insecure storage in keychain

Keychain is a secure location in an iOS where data is encrypted and tied to the device locking/unlocking. The keychain database is in an encrypted format and the encryption happens with a unique hardware-specific key. The hardware key that is used for the encryption is at a secure location and can't be extracted from the device. Keychain items are classified into five classes, as follows:

  • Generic passwords (kSecClassGenericPassword)

  • Internet passwords (kSecClassInternetPassword)

  • Certificates (kSecClassCertificate)

  • Keys (kSecClassKey)

  • Digital identities (kSecClassIdentity, identity=certificate + key).

Data protection mechanism has been implemented by iOS, in which the keychain having sensitive data is protected with another layer of encryption and is tied to the user's passcode. Data protection mechanism is designed to protect the user's data in case a device is lost or stolen. So the encryption offered by the data protection API is dependent on the strength of the...