Penetration Testing mailing list archives
Re: Iphone pen test?
From: Todd Haverkos <infosec () haverkos com>
Date: Mon, 21 Jun 2010 15:39:35 -0500
yasser.alruhaily () gmail com writes:
Hi all, i have an assignment to pentest iphone application. how can I intercept the data before send it out to the server? Is there any application could run in iphone as intercepting proxy? how can i check buffer over flow errors? thanx YassEr
The authors of this talk from Blackhat usa last year might be able to point you in the right direction if no one else here can help you out. Collin and Charlie fuzzed (and broke) SMS on the iPhone directly: https://www.blackhat.com/presentations/bh-usa-09/MILLER/BHUSA09-Miller-FuzzingPhone-PAPER.pdf -- Todd Haverkos, LPT MsCompE http://haverkos.com/ ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Iphone pen test? yasser . alruhaily (Jun 21)
- RE: Iphone pen test? Adam Richards (Jun 21)
- Re: Iphone pen test? Adam Mooz (Jun 21)
- RE: Iphone pen test? Steve Armstrong (Jun 22)
- Re: Iphone pen test? Todd Haverkos (Jun 21)
- Re: Iphone pen test? Pietro Riva (Jun 22)
- Re: Iphone pen test? Chris Clymer (Jun 30)
- RE: Iphone pen test? Adam Richards (Jun 21)