Mobile Security Testing Hands-On - iOS Edition

beginner
hands-on

iOS App Security Workshop

This course teaches you how to analyse an iOS app for security vulnerabilities, by going through the different phases of testing, including dynamic testing, static analysis and reverse engineering. The instructors will share their experiences and many small tips and tricks to attack mobile apps.

At the beginning of the course we give an overview of the iOS platform and its security architecture (Hardware Security, Code Signing, Sandbox, Secure Boot, Secure Enclave etc.). After explaining what an IPA container is and how the iOS file system is structured, we create an iOS testing environment and take a deep dive into various topics and techniques, including:

TARGET AUDIENCE

According to the feedback we have collected from our previous trainings, students who have mobile application development and application penetration testing experience enjoyed and benefited the most from the course.

DELIVERABLES

  • Training Slides
  • Access to a private GitHub repo that contains
      • Tools and scripts used during the training
      • Several Android Apps that are used for the exercises

REQUIREMENTS

  • Laptop with minimum 30 GB Hard Disk Space & 8 GB RAM with administrative privileges
  • Up-to-date VirtualBox installed
  • Jailbroken iOS device with at least iOS 11

Topics that will be covered

  • Analyzing iOS applications that use non-HTTP traffic
  • Frida crash course to kick-start with dynamic instrumentation for iOS apps
  • Bypassing SSL Pinning with SSL Kill Switch and Objection
  • Evaluate different implementations of Touch ID / Face ID and ways to bypass them
  • Testing methodology without a jailbroken device by repackaging an IPA with the Frida Gadget
  • Testing stateless authentication mechanisms such as JWT in an iOS Application
  • Using Frida for Runtime Instrumentation of iOS Apps to bypass
      • Anti-Jailbreaking mechanisms
      • Frida detection mechanism
      • Other client side security controls

At the end of the day small groups will be created (2-3 students) and time will be given to investigate an app with the newly learned skills. Every team is then encouraged to make a short presentation about the analysed vulnerability.

What you will get from this session:

After successful completion of this course, students will have a better understanding of how to test for vulnerabilities in iOS apps, how to mitigate them and how to execute tests consistently. The course is based on the OWASP Mobile Security Testing Guide (MSTG) and the OWASP Mobile AppSec Verification Standard (MASVS) and is conducted by one of the authors himself. The OWASP MSTG is a comprehensive and open source guide about mobile security testing for both iOS.

About Trainer:

Sven made several stops at big consultant companies and small boutique firms in Germany and Singapore and became specialised in Application Security and has supported and guided software development projects for Mobile and Web Applications during the whole SDLC. Besides his day job Sven is one of the core project leaders and authors of the OWASP Mobile Security Testing Guide and OWASP Mobile Application Security Verification Standard and has created the OWASP Mobile Hacking Playground. Sven is giving talks and workshops about Mobile and Web Application Security worldwide to different audiences, ranging from developers to students and penetration testers.