Root Your Phone

For this test we’re going to see whether the app is securely transmitting data across the network, and we need to do a man-in-the-middle (MITM) attack to make sure it’s doing what we expect. In this section we’re going to show you how to double-check that your app is not open to a MITM attack. We need to root the phone in order to point the network traffic at a proxy. So, once again, we’re back to the question we raised in the Preface about white hats and black hats, because to do the test we have no other option than rooting the phone. Rooting the phone means being able to run apps as root, the Unix superuser. We’re definitely veering toward black hat territory, and we also run the risk of bricking the phone. We’re also showing ...
