Book Image

Learning iOS Penetration Testing

By : Swaroop Yermalkar
Book Image

Learning iOS Penetration Testing

By: Swaroop Yermalkar

Overview of this book

iOS has become one of the most popular mobile operating systems with more than 1.4 million apps available in the iOS App Store. Some security weaknesses in any of these applications or on the system could mean that an attacker can get access to the device and retrieve sensitive information. This book will show you how to conduct a wide range of penetration tests on iOS devices to uncover vulnerabilities and strengthen the system from attacks. Learning iOS Penetration Testing discusses the common vulnerabilities and security-related shortcomings in an iOS application and operating system, and will teach you to conduct static and dynamic analysis of iOS applications. This practical guide will help you uncover vulnerabilities in iOS phones and applications. We begin with basics of iOS security and dig deep to learn about traffic analysis, code analysis, and various other techniques. Later, we discuss the various utilities, and the process of reversing and auditing.
Table of Contents (17 chapters)
Learning iOS Penetration Testing
Foreword – Why Mobile Security Matters
About the Author
About the Reviewer

Bypassing SSL pinning

Many times, you will not be able to intercept an application's HTTPS traffic, even after installing Burp Suite CA certificate on the device. Nowadays, many applications implement SSL pinning, where an application checks the server's certificate against a known copy of that certificate. This prevents the usage of any untrusted certificate that is being used for man-in-the-middle (MITM) attacks.

You can bypass SSL pinning by using tools such as SSL Kill Switch. However, note that this is available only for jailbroken devices. I would encourage you to go further and study from its wiki on how it helps in bypassing SSL verification.

It comes as a Debian package and once you install it on iDevice, you will need to enable the switch, as shown in the following:

I would encourage you to download popular apps from App Store and check whether you can view the application's traffic in plain text. Make sure that you just observe the traffic and not perform any attacks, as legal permission...