Chapter 3. Identifying the Flaws in Local Storage

	"A false sense of security is worse than being unsure"
	--Anonymous

In the previous chapter, we set up a lab to perform pentesting on iOS applications. We now have a good understanding of how to install third-party iOS apps, transfer files, and various other concepts about tools and utilities that are required to pentest. In this chapter, we will take a look at the insecure data storage vulnerability of iOS applications.

We will look at the following topics:

Introduction to insecure data storage
Installing third-party applications
Insecure data in the plist files
Insecure storage in the NSUserDefaults class
Insecure storage in SQLite database
SQL injection in iOS applications
Insecure storage in Core Data ...

Get Learning iOS Penetration Testing now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Learning iOS Penetration Testing by Swaroop Yermalkar

Chapter 3. Identifying the Flaws in Local Storage

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly