You are previewing Mobile Device Exploitation Cookbook.
O'Reilly logo
Mobile Device Exploitation Cookbook

Book Description

Over 40 recipes to master mobile device penetration testing with open source tools

About This Book

  • Learn application exploitation for popular mobile platforms

  • Improve the current security level for mobile platforms and applications

  • Discover tricks of the trade with the help of code snippets and screenshots

  • Who This Book Is For

    This book is intended for mobile security enthusiasts and penetration testers who wish to secure mobile devices to prevent attacks and discover vulnerabilities to protect devices.

    What You Will Learn

  • Install and configure Android SDK and ADB

  • Analyze Android Permission Model using ADB and bypass Android Lock Screen Protection

  • Set up the iOS Development Environment - Xcode and iOS Simulator

  • Create a Simple Android app and iOS app and run it in Emulator and Simulator respectively

  • Set up the Android and iOS Pentesting Environment

  • Explore mobile malware, reverse engineering, and code your own malware

  • Audit Android and iOS apps using static and dynamic analysis

  • Examine iOS App Data storage and Keychain security vulnerabilities

  • Set up the Wireless Pentesting Lab for Mobile Devices

  • Configure traffic interception with Android and intercept Traffic using Burp Suite and Wireshark

  • Attack mobile applications by playing around with traffic and SSL certificates

  • Set up the Blackberry and Windows Phone Development Environment and Simulator

  • Setting up the Blackberry and Windows Phone Pentesting Environment

  • Steal data from Blackberry and Windows phones applications

  • In Detail

    Mobile attacks are on the rise. We are adapting ourselves to new and improved smartphones, gadgets, and their accessories, and with this network of smart things, come bigger risks. Threat exposure increases and the possibility of data losses increase. Exploitations of mobile devices are significant sources of such attacks.

    Mobile devices come with different platforms, such as Android and iOS. Each platform has its own feature-set, programming language, and a different set of tools. This means that each platform has different exploitation tricks, different malware, and requires a unique approach in regards to forensics or penetration testing. Device exploitation is a broad subject which is widely discussed, equally explored by both Whitehats and Blackhats.

    This cookbook recipes take you through a wide variety of exploitation techniques across popular mobile platforms. The journey starts with an introduction to basic exploits on mobile platforms and reverse engineering for Android and iOS platforms. Setup and use Android and iOS SDKs and the Pentesting environment. Understand more about basic malware attacks and learn how the malware are coded. Further, perform security testing of Android and iOS applications and audit mobile applications via static and dynamic analysis.

    Moving further, you'll get introduced to mobile device forensics. Attack mobile application traffic and overcome SSL, before moving on to penetration testing and exploitation.

    The book concludes with the basics of platforms and exploit tricks on BlackBerry and Windows Phone. By the end of the book, you will be able to use variety of exploitation techniques across popular mobile platforms with stress on Android and iOS.

    Style and approach

    This is a hands-on recipe guide that walks you through different aspects of mobile device exploitation and securing your mobile devices against vulnerabilities. Recipes are packed with useful code snippets and screenshots.

    Downloading the example code for this book. You can download the example code files for all Packt books you have purchased from your account at http://www.PacktPub.com. If you purchased this book elsewhere, you can visit http://www.PacktPub.com/support and register to have the code file.

    Table of Contents

    1. Mobile Device Exploitation Cookbook
      1. Mobile Device Exploitation Cookbook
      2. Credits
      3. About the Authors
      4. About the Reviewer
      5. www.PacktPub.com
        1. eBooks, discount offers, and more
          1. Why subscribe?
      6. Preface
        1. What this book covers
        2. What you need for this book
        3. Who this book is for
        4. Sections
          1. Getting ready
          2. How to do it…
          3. How it works…
          4. There's more…
          5. See also
        5. Conventions
        6. Reader feedback
        7. Customer support
          1. Downloading the example code
          2. Errata
          3. Piracy
          4. Questions
      7. 1. Introduction to Mobile Security
        1. Introduction
        2. Installing and configuring Android SDK and ADB
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
          5. See also
        3. Creating a simple Android app and running it in an emulator
          1. Getting ready
          2. How to do it...
          3. See also
        4. Analyzing the Android permission model using ADB
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
          5. See also
        5. Bypassing Android lock screen protection
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
        6. Setting up the iOS development environment - Xcode and iOS simulator
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
          5. See also
        7. Creating a simple iOS app and running it in the simulator
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
          5. See also
        8. Setting up the Android pentesting environment
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
        9. Setting up the iOS pentesting environment
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
        10. Introduction to rooting and jailbreaking
          1. Getting ready
          2. How to do it...
            1. Rooting
            2. Jailbreaking
          3. How it works...
            1. Rooting
            2. Jailbreaking
      8. 2. Mobile Malware-Based Attacks
        1. Introduction
        2. Analyzing an Android malware sample
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
        3. Using Androguard for malware analysis
          1. Getting ready
          2. How to do it...
          3. There's more...
        4. Writing custom malware for Android from scratch
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
          5. See also
        5. Permission model bypassing in Android
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
          5. See also
        6. Reverse engineering iOS applications
          1. Getting ready
          2. How to do it...
          3. How it works...
        7. Analyzing malware in the iOS environment
          1. Getting ready
          2. How to do it...
          3. How it works...
      9. 3. Auditing Mobile Applications
        1. Introduction
        2. Auditing Android apps using static analysis
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
          5. See also
        3. Auditing Android apps a using a dynamic analyzer
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
          5. See also
        4. Using Drozer to find vulnerabilities in Android applications
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
          5. See also
        5. Auditing iOS application using static analysis
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
          5. See also
        6. Auditing iOS application using a dynamic analyzer
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
          5. See also
        7. Examining iOS App Data storage and Keychain security vulnerabilities
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
        8. Finding vulnerabilities in WAP-based mobile apps
          1. Getting ready
          2. How to do it...
          3. There's more...
          4. See also
        9. Finding client-side injection
          1. Getting ready
          2. How to do it...
          3. There's more...
          4. See also
        10. Insecure encryption in mobile apps
          1. Getting ready
          2. How to do it...
          3. How it works...
            1. An example of weak custom implementation
          4. There's more...
          5. See also
        11. Discovering data leakage sources
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
          5. See also
        12. Other application-based attacks in mobile devices
          1. Getting ready
          2. How to do it...
          3. How it works...
            1. M5: Poor Authorization and Authentication
            2. M8: Security Decisions via Untrusted Inputs
            3. M9: Improper Session Handling
          4. See also
        13. Launching intent injection in Android
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
          5. See also
      10. 4. Attacking Mobile Application Traffic
        1. Introduction
        2. Setting up the wireless pentesting lab for mobile devices
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
          5. See also
        3. Configuring traffic interception with Android
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
          5. See also
        4. Intercepting traffic using Burp Suite and Wireshark
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
          5. See also
        5. Using MITM proxy to modify and attack
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
          5. See also
        6. Configuring traffic interception with iOS
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
          5. See also
        7. Analyzing traffic and extracting sensitive information from iOS App traffic
          1. Getting ready
          2. How to do it...
          3. There's more...
          4. See also
        8. WebKit attacks on mobile applications
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
          5. See also
        9. Performing SSL traffic interception by certificate manipulation
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
          5. See also
        10. Using a mobile configuration profile to set up a VPN and intercept traffic in iOS devices
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
          5. See also
        11. Bypassing SSL certificate validation in Android and iOS
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
          5. See also
      11. 5. Working with Other Platforms
        1. Introduction
        2. Setting up the Blackberry development environment and simulator
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
          5. See also
        3. Setting up the Blackberry pentesting environment
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
          5. See also
        4. Setting up the Windows phone development environment and simulator
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
          5. See also
        5. Setting up the Windows phone pentesting environment
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
          5. See also
        6. Configuring traffic interception settings for Blackberry phones
          1. Getting ready
          2. How to do it...
            1. Case 1 - Using MDS server and Blackberry simulator
            2. Case 2 - Blackberry 10 simulators
            3. Case 3 - Blackberry 10 phones
          3. How it works...
          4. There's more...
          5. See also
        7. Stealing data from Windows phones applications
          1. Getting ready
          2. How it works...
          3. There's more...
          4. See also
        8. Stealing data from Blackberry applications
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
          5. See also
        9. Reading local data in Windows phone
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
          5. See also
        10. NFC-based attacks
          1. Getting ready
          2. How to do it...
          3. How it works...
            1. Eavesdropping
            2. Data tampering
            3. Data fuzzing
          4. There's more...
          5. See also