Book Image

Learning iOS Penetration Testing

By : Yermalkar
Book Image

Learning iOS Penetration Testing

By: Yermalkar

Overview of this book

iOS has become one of the most popular mobile operating systems with more than 1.4 million apps available in the iOS App Store. Some security weaknesses in any of these applications or on the system could mean that an attacker can get access to the device and retrieve sensitive information. This book will show you how to conduct a wide range of penetration tests on iOS devices to uncover vulnerabilities and strengthen the system from attacks. Learning iOS Penetration Testing discusses the common vulnerabilities and security-related shortcomings in an iOS application and operating system, and will teach you to conduct static and dynamic analysis of iOS applications. This practical guide will help you uncover vulnerabilities in iOS phones and applications. We begin with basics of iOS security and dig deep to learn about traffic analysis, code analysis, and various other techniques. Later, we discuss the various utilities, and the process of reversing and auditing.
Table of Contents (11 chapters)
10
Index

Dynamic analysis using Cycript


Cycript is one the most popular tools used for runtime analysis of iOS apps. It's a JavaScript interpreter that also understands Objective-C syntax. The idea is to hook Cycript in the target application's process ID and perform actions using JavaScript or Objective-C or both. I would encourage you to go through its documentation in order to understand its functionality in depth.

In dynamic analysis, the important aspect is method swizzling. Method swizzling is changing the behavior/functionality of a method at runtime. To perform method swizzling, we require information about the methods that are used in backend for the application. The idea is as follows:

  • Reverse engineer the application using techniques that we studied in the previous chapters and understand the source code/methods

  • Call the appropriate method that is responsible for authentication

We will use the Dynamic Analysis Demo app provided with this chapter in order to demonstrate the runtime analysis...