Mobile arsenal

Apr 13, 2017

Ackcent
Page 1: Mobile arsenal
Page 2: Mobile arsenal

§Alex Soler (@as0ler)

§Red Team Officer @ Ackcent

§[email protected]

Page 3: Mobile arsenal

Disclaimer: this talk does not pretend to show all the tools related to mobile security assessment, nor all the vulnerabilities that could affect a mobile app, but how to start.

Page 4: Mobile arsenal

People think mobile applications are always secure…

Page 7: Mobile arsenal

§iOS Device with Jailbreak

§Android Device rooted

§Some Alternatives (with their limitations):

− Android Emulator

− “iPhone simulator”

Page 8: Mobile arsenal

§ Binary Analysis

− Lack of binary protections

− Poor authorization and authentication

§ File Analysis

− Insecure data storage

§ Configuration

− Improper permission usage

§ Libraries and API information

− Insecure API usage

Page 9: Mobile arsenal

§ Network analysis

− Weak server-side controls

− Insufficient transport layer protection

− Unintended data leakage

§ Runtime analysis

− Improper session handling

− Broken cryptography

Page 12: Mobile arsenal

Diagram, Android build flow: Source code → javac → Class files (together with other class files) → dx → classes.dex; the DEX and AndroidManifest.xml are packaged into the APK.

Page 13: Mobile arsenal

Diagram, reversing that flow: APK (fetched with an APK downloader) → Unzip → classes.dex and AndroidManifest.xml; Apktool d → Smali files; dex2jar → Class files; jadx → Source code.
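As an added example (not code from the talk), the following Python script does offline what the unzip step of the diagram does and shows why each piece still needs apktool, dex2jar or jadx afterwards: it lists the APK entries, notes that AndroidManifest.xml comes out as binary XML (the AXML format that `apktool d` decodes), and parses the classes.dex header, verifying the adler32 checksum and SHA-1 signature that every DEX carries. The APK and DEX it inspects are constructed in memory so the script runs without a device or the tools; the format constants come from the DEX and AXML formats; the function names (`inspect_apk`, `parse_dex_header`, `build_sample_apk` and so on) are mine.

```python
"""Offline inspection of an APK: what `unzip` yields, and why the pieces are not
yet readable. Added example, not code from the talk or from any of the tools."""
import hashlib
import io
import struct
import zipfile
import zlib

DEX_HEADER_SIZE = 0x70            # every .dex starts with a fixed 112-byte header
ENDIAN_CONSTANT = 0x12345678      # little-endian marker expected in header.endian_tag
AXML_MAGIC = b"\x03\x00\x08\x00"  # ResXMLTree header: the manifest inside an APK is binary XML

# header fields that follow magic (8), checksum (4) and SHA-1 signature (20), in order
DEX_FIELDS = (
    "file_size", "header_size", "endian_tag", "link_size", "link_off", "map_off",
    "string_ids_size", "string_ids_off", "type_ids_size", "type_ids_off",
    "proto_ids_size", "proto_ids_off", "field_ids_size", "field_ids_off",
    "method_ids_size", "method_ids_off", "class_defs_size", "class_defs_off",
    "data_size", "data_off",
)


def parse_dex_header(data: bytes) -> dict:
    """Parse a classes.dex header and check its integrity fields.

    Raises ValueError when the blob is not a dex file at all. Returns the table
    sizes/offsets plus checksum_ok / signature_ok / size_ok: a dex that was
    hex-patched after assembly and not rewritten by a tool shows up as False here."""
    if len(data) < DEX_HEADER_SIZE:
        raise ValueError("shorter than a dex header")
    magic = data[:8]
    if not (magic.startswith(b"dex\n") and magic[7] == 0):
        raise ValueError(f"bad dex magic {magic!r}")
    hdr = dict(zip(DEX_FIELDS, struct.unpack_from("<20I", data, 0x20)))
    if hdr["endian_tag"] != ENDIAN_CONSTANT or hdr["header_size"] != DEX_HEADER_SIZE:
        raise ValueError("unexpected endian tag or header size")
    hdr["version"] = magic[4:7].decode("ascii")
    hdr["checksum"] = struct.unpack_from("<I", data, 8)[0]
    # adler32 covers everything after the checksum; SHA-1 covers everything after the signature
    hdr["checksum_ok"] = (zlib.adler32(data[12:]) & 0xFFFFFFFF) == hdr["checksum"]
    hdr["signature_ok"] = hashlib.sha1(data[32:]).digest() == data[12:32]
    hdr["size_ok"] = hdr["file_size"] == len(data)
    return hdr


def is_dex(data: bytes) -> bool:
    """True when the blob has a structurally valid dex header."""
    try:
        parse_dex_header(data)
        return True
    except ValueError:
        return False


def inspect_apk(apk_bytes: bytes) -> dict:
    """List what an unzipped APK contains and parse every top-level classes*.dex."""
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as zf:
        names = zf.namelist()
        manifest = zf.read("AndroidManifest.xml") if "AndroidManifest.xml" in names else b""
        report = {
            "entries": names,
            "has_manifest": bool(manifest),
            # plain unzip gives you AXML, not text: that is what `apktool d` decodes
            "manifest_is_binary_xml": manifest.startswith(AXML_MAGIC),
            "signed": any(n.startswith("META-INF/") and n.endswith((".RSA", ".DSA", ".EC"))
                          for n in names),
            "native_libs": sorted(n for n in names if n.startswith("lib/") and n.endswith(".so")),
            "dex_files": {n: parse_dex_header(zf.read(n))
                          for n in names if n.startswith("classes") and n.endswith(".dex")},
        }
    return report


def build_sample_dex() -> bytes:
    """Constructed test input: a valid dex header (version 035) with empty tables."""
    body = struct.pack("<20I", DEX_HEADER_SIZE, DEX_HEADER_SIZE, ENDIAN_CONSTANT, *([0] * 17))
    signature = hashlib.sha1(body).digest()
    checksum = zlib.adler32(signature + body) & 0xFFFFFFFF
    return b"dex\n035\x00" + struct.pack("<I", checksum) + signature + body


def build_sample_apk() -> bytes:
    """Constructed test input: an APK-shaped zip with the entries the unzip step shows."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("AndroidManifest.xml", AXML_MAGIC + b"\x00" * 60)  # AXML placeholder
        zf.writestr("classes.dex", build_sample_dex())
        zf.writestr("META-INF/CERT.RSA", b"\x30\x82placeholder")       # stand-in PKCS#7 blob
        zf.writestr("lib/arm64-v8a/libnative.so", b"\x7fELFplaceholder")
        zf.writestr("res/layout/main.xml", AXML_MAGIC)
    return buf.getvalue()


if __name__ == "__main__":
    report = inspect_apk(build_sample_apk())
    for name, hdr in report["dex_files"].items():
        print(name, "v" + hdr["version"], "class_defs:", hdr["class_defs_size"],
              "checksum_ok:", hdr["checksum_ok"], "signature_ok:", hdr["signature_ok"])
    print("manifest is binary XML:", report["manifest_is_binary_xml"])
    print("native libs:", report["native_libs"])
```

For a real target, call `inspect_apk(open(path, "rb").read())`. Multi-dex apps show classes2.dex, classes3.dex and so on, each with its own header; native libraries under lib/ are not covered by dex2jar or jadx at all and need a native disassembler.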

Page 14: Mobile arsenal

Android Source Code

Page 15: Mobile arsenal

Smali

Page 16: Mobile arsenal

You need to decrypt the iOS App

Diagram: the Application binary contains an Encrypted code region described by cryptoff (its file offset, inside the __TEXT segment) and cryptsize (its length); Decrypt.bin, the decrypted bytes dumped from the running process, is written back over that region.

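As an added example (not code from the talk, nor from Clutch), the following Python walks the Mach-O load commands to read the LC_ENCRYPTION_INFO / LC_ENCRYPTION_INFO_64 fields the diagram names (cryptoff and cryptsize, plus cryptid, which tells the loader whether the region is still encrypted), computes where that region sits in a running process relative to the __TEXT base, and writes a dumped plaintext back over the encrypted bytes while clearing cryptid. That is the file-side half of what Clutch2 automates; reading the plaintext out of the live process on a jailbroken device is the other half and is not done here. The load-command constants are those of `<mach-o/loader.h>`; the test binary is a constructed arm64 image whose "encryption" is a XOR with a fixed byte standing in for FairPlay (which it is not); the function names are mine.

```python
"""Locate and patch the encrypted region of an iOS Mach-O executable.
Added example, not code from the talk or from Clutch."""
import struct

MH_MAGIC, MH_MAGIC_64 = 0xFEEDFACE, 0xFEEDFACF
LC_SEGMENT, LC_SEGMENT_64 = 0x01, 0x19
LC_ENCRYPTION_INFO, LC_ENCRYPTION_INFO_64 = 0x21, 0x2C


def parse_load_commands(image: bytes) -> dict:
    """Walk the load commands; collect segments and LC_ENCRYPTION_INFO(_64)."""
    if image[:4] == b"\xca\xfe\xba\xbe":
        raise ValueError("FAT binary: thin it first (lipo -thin <arch>)")
    magic = struct.unpack_from("<I", image, 0)[0]
    if magic == MH_MAGIC_64:
        is64, off = True, 32      # sizeof(struct mach_header_64)
    elif magic == MH_MAGIC:
        is64, off = False, 28     # sizeof(struct mach_header)
    else:
        raise ValueError(f"not a little-endian Mach-O: {magic:#x}")
    ncmds = struct.unpack_from("<I", image, 16)[0]
    info = {"is64": is64, "segments": {}, "encryption": None}
    for _ in range(ncmds):
        cmd, cmdsize = struct.unpack_from("<II", image, off)
        if cmdsize < 8:
            raise ValueError("corrupt load command")
        if cmd in (LC_SEGMENT, LC_SEGMENT_64):
            name = image[off + 8:off + 24].rstrip(b"\0").decode("ascii")
            fmt = "<QQQQ" if cmd == LC_SEGMENT_64 else "<IIII"
            vmaddr, vmsize, fileoff, filesize = struct.unpack_from(fmt, image, off + 24)
            info["segments"][name] = dict(vmaddr=vmaddr, vmsize=vmsize,
                                          fileoff=fileoff, filesize=filesize)
        elif cmd in (LC_ENCRYPTION_INFO, LC_ENCRYPTION_INFO_64):
            cryptoff, cryptsize, cryptid = struct.unpack_from("<III", image, off + 8)
            info["encryption"] = dict(cryptoff=cryptoff, cryptsize=cryptsize,
                                      cryptid=cryptid, cmd_offset=off)
        off += cmdsize
    return info


def is_encrypted(image: bytes) -> bool:
    """cryptid == 0 means the region is already plaintext (what class-dump needs)."""
    enc = parse_load_commands(image)["encryption"]
    return enc is not None and enc["cryptid"] != 0


def crypt_region_address(info: dict, text_base: int) -> int:
    """Address of the (decrypted) region in a running process: cryptoff is a file
    offset inside __TEXT, so rebase it onto the slid __TEXT load address."""
    text = info["segments"]["__TEXT"]
    return text_base + (info["encryption"]["cryptoff"] - text["fileoff"])


def patch_decrypted(image: bytes, decrypted: bytes) -> bytes:
    """Write the dumped plaintext over the encrypted region and clear cryptid,
    producing a binary that loads and disassembles as an ordinary unencrypted one."""
    enc = parse_load_commands(image)["encryption"]
    if enc is None or enc["cryptid"] == 0:
        raise ValueError("binary carries no encrypted region")
    if len(decrypted) != enc["cryptsize"]:
        raise ValueError(f"dump is {len(decrypted)} bytes, cryptsize is {enc['cryptsize']}")
    out = bytearray(image)
    out[enc["cryptoff"]:enc["cryptoff"] + enc["cryptsize"]] = decrypted
    struct.pack_into("<I", out, enc["cmd_offset"] + 16, 0)   # cryptid field
    return bytes(out)


# Constructed test fixture: a tiny arm64 Mach-O whose "encrypted" region is the
# plaintext XORed with a constant. FairPlay is not XOR; this only stands in for it.
SAMPLE_PLAINTEXT = bytes(range(0x40))
CRYPTOFF, CRYPTSIZE = 0x100, 0x40


def build_sample_image() -> bytes:
    text_seg = struct.pack("<II16sQQQQiiII", LC_SEGMENT_64, 72, b"__TEXT",
                           0x100000000, CRYPTOFF + CRYPTSIZE, 0, CRYPTOFF + CRYPTSIZE,
                           5, 5, 0, 0)                       # r-x, no sections
    enc_cmd = struct.pack("<IIIIII", LC_ENCRYPTION_INFO_64, 24, CRYPTOFF, CRYPTSIZE, 1, 0)
    header = struct.pack("<IiiIIIII", MH_MAGIC_64, 0x0100000C, 0, 2,   # ARM64, MH_EXECUTE
                         2, len(text_seg) + len(enc_cmd), 0, 0)
    image = header + text_seg + enc_cmd
    image += b"\0" * (CRYPTOFF - len(image))
    return image + bytes(b ^ 0x5A for b in SAMPLE_PLAINTEXT)


if __name__ == "__main__":
    img = build_sample_image()
    info = parse_load_commands(img)
    print("encryption info:", info["encryption"], "encrypted:", is_encrypted(img))
    # on a device the plaintext would be read from crypt_region_address(info, slid __TEXT base)
    fixed = patch_decrypted(img, SAMPLE_PLAINTEXT)
    print("after patch, encrypted:", is_encrypted(fixed))
```

Run `parse_load_commands` on a binary copied off the device to see whether it needs decrypting at all: App Store builds carry cryptid 1, enterprise or development builds usually carry 0 and can go straight to class-dump. A FAT binary must be thinned first, because the offsets are per-slice.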

Page 18: Mobile arsenal

Clutch2

Page 19: Mobile arsenal

Class-dump: get Obj-C classes

Page 20: Mobile arsenal

§Burp: HTTP/HTTPS

Page 21: Mobile arsenal

§ Modifying the application from memory

− Android: Xposed

− iOS: Cycript

− Both: Mobile Substrate, Frida

Page 22: Mobile arsenal

§ https://www.owasp.org/index.php/OWASP_Mobile_Security_Project_-_Android

§ https://www.owasp.org/index.php/IOS_Application_Security_Testing_Cheat_Sheet

§ https://mobilesecuritywiki.com

Page 23: Mobile arsenal

§ iOS Jailbreak: https://theiphonewiki.com/wiki/Jailbreak

§ SSH Over USB: http://iphonedevwiki.net/index.php/SSH_Over_USB

§ Direct APK Downloader (Chrome): https://chrome.google.com/webstore/detail/direct-apk-downloader/

§ Installing certificate on android device: https://support.portswigger.net/customer/portal/articles/1841102-Mobile%20Set-up_Android%20Device%20-%20Installing%20CA%20Certificate.html

Page 24: Mobile arsenal

Questions?