O'Reilly logo

The Mobile Application Hacker's Handbook by Dominic Chell, Tyrone Erasmus, Shaun Colley, Ollie Whitehouse

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

CHAPTER 3Attacking iOS Applications

In Chapter 2 you learned a great deal about iOS applications, how they function, how they are distributed, and how they are built. This knowledge provides a foundation with which to explore this chapter, which focuses on the following scenarios for attacking iOS applications:

  • Attacking from the network, including using tainted data originating from server-side applications
  • Attacking an application with physical access to the device
  • Attacking an application with interactive access to a device, including from the perspective of another application on the device

When conducting an assessment of any mobile application, consider these three attack surfaces so you can make informed decisions when identifying and exploiting different attack vectors.

Introduction to Transport Security

Almost all mobile applications have to perform network communication. The ability to transmit and receive data enables applications to offer more than static apps offer. For example, they allow data to be continually updated and enable users to interact with server-side components and with each other to provide a feature-rich experience. However, due to the nature of mobile devices this communication may often occur over untrusted or insecure networks such as hotel or café Wi-Fi, mobile hotspots, or cellular data connections. Consequently, performing communications in a secure manner is imperative. This section walks through the types of vulnerabilities that can ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required