The recently discovered master key vulnerability in Android has given a jolt to the Android team and other parties involved. This vulnerability allows attackers to inject malicious code into legitimate Android applications without invalidating the digital signature. It’s very easy for hackers and attackers to take advantage of this […]
In the previous article, we looked at how we can boot a device using a custom ramdisk using Sogeti Data protection tools. In this article, we will look at how we can use some of their tools to gather information from the device like fetching the keychain information, dumping […]
In the previous article, we looked at how we can use Keychain-Dumper and Snoop-it to analyze and dump the contents of the Keychain from an IOS device. In this article, we will look at how we can boot a non-jailbroken device using a custom ramdisk and analyze the contents […]
In this paper I’ll show you how to find an Android’s user pattern lock. I assume that the technique that I’ll demonstrate can work only on a rooted device. Actually, this article will be based on a problem given on a web-based CTF (Capture the Flag, a computer security […]
My OUYA has finally arrived and I have had some fun tinkering with it, but we will not be talking about OUYA today. In this article, we will continue enumerating other cool embedded devices that can be used for home automation, physical security locks, retro gaming consoles, penetration testing, […]
In the previous article, we looked at the different ways in which we could analyze the network traffic and the api calls being made through an IOS application. In this article, we will look at how we can dump the contents of the Keychain from an IOS device.
In the previous article, we looked at IOS filesystem and forensics. In this article, we will be looking at how we can analyze the network traffic flowing across an IOS device. Analyzing the network traffic for an application could be helpful in many ways. It could help us deduce […]
While security of mobile operating systems is one of the most researched topics today, exploiting and rootkitting ARM-based devices gets more and more interesting. This article will focus on the exploitation of TEEs (Trusted Execution Environments) running in ARM TrustZone to hide a TrustZone-based-rootkit.
First let’s take a look over […]
In this article, we will be looking at the IOS filesystem, understand how the directories are organized, look at some important files, and look at how we can extract data from database and plist files. We will look at how applications store their data in their specific directories (sandbox) […]
Wikipedia defines Mobile Device Management (MDM) solutions as solutions that secure, monitors and supports mobile devices, deployed across various Mobile service providers and operators. This domain of technology sweeps its charms over Smartphones, Tablets, Tablet Computers, mobile printers and various other devices dependent on On-The-Air (OTA) technology. The primary […]
In some of the previous articles, we have looked at how we can dump class information of IOS apps using class-dump-z, hook into the runtime using Cycript and perform runtime manipulation and method swizzling, analyze the flow of the app using gdb etc. However, there could be a much […]
In the previous article, we looked at how we can install custom apps on our device without a developer certificate. In this article, we will look at how we can perform method Swizzling using Cycript on a sample application.
The first thing is to download the sample Xcode project. You […]
IOS Application Security Part 7 – Installing and Running Custom Applications on Device without a registered developer account
Usually, to test apps on a device, you need to be a registered developer which costs about $99/year. For people who want to learn IOS Application security, it is very important that they should be able to run applications on device so that they can perfom tests on them. […]
As we all know, Apple recently introducted its new version of IOS at WWDC 2013 with a completely redesinged User Interface. If you haven’t seen it yet, check out this video from WWDC 2013.
This article will be a small deviation from the other parts in this series. In this […]
In 2013 OWASP completed its most recent regular three-year revision of the OWASP Top 10 Web Application Security Risks. The Top Ten list has been an important contributor to secure application development since 2004, and was further enshrined after it was included by reference in the in the Payment […]
IOS Application security Part 5 – Advanced Runtime analysis and manipulation using Cycript (Yahoo Weather App)
In the previous article, we learnt how to setup Cycript on your idevice, hook into a running process and obtain information about its properties in runtime. In this article, we will look at some advanced runtime analysis techniques. We will look at how we can obtain information about a […]
In the previous article of this series, we gained an understanding of the assembly loading process, its format and anatomy. This article looks at advanced concepts of assemblies, such as their classification in the form of private and shared assemblies, strong names, security, and global assembly caches. We’ll also […]
In this article, you’ll drill deeper into the details of how an assembly is hosted by the CLR and come to understand the relationship between the application domain (appdomain) and processes. The appdomain, in a nutshell, comprises logical segments within a given process that host a set of related […]
In the previous article, we learnt about the runtime capabilities of an IOS App written in Objective-C which uses the Cocoa framework. In this article, we will look at how we can use a very essential tool named Cycript to analyze and modify the runtime of an IOS […]
Traditional intrusion detection systems have always relied on protocol specific analysers to extract the context of the traffic stream. Basically, an intrusion detection system checks for the pattern of packets running inside the network, checking for any anomalous behaviour in the stream of packets running within the network. Traditional […]