Penetration Testing mailing list archives

RE: Iphone pen test?


From: "Steve Armstrong" <stevearmstrong () logicallysecure com>
Date: Mon, 21 Jun 2010 21:02:39 +0100

YassEr, 

I notice the new IOS4 gives the user the ability to disable cellular
data (under Settings --> General --> Network).  By doing this and then
connecting the device to a wireless Access Point that you control you
can see and modify traffic to and from the device using normal TCP/IP
tools.  I would recommend using an encrypted link to prevent passers-by
joining your wireless hacker LAN.

By doing this you do not require a jailbroken phone.  The only downside
is if they have hardcoded any 'cellular only' data flows to prevent such
an attack you will not get to see all the potential traffic (worth a
note in your report), however, given most apps are written for user
functionality rather than security, I think you would be unlucky to find
the app stonewalls you via a wifi link.

If the iphone is not IOS4 then you can achieve the same thing by another
route.  You can invoke 'Airplane Mode' and then re-enable the Wireless
(weird I know) but it seems to disable the cellular link but allow the
wifi traffic.  This way you can test IOS3.1.3 and as far back as 2.2 if
my memory serves me correctly.

Have fun!

Steve A
 
Logically Secure 
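
Added example, not part of Steve's message or the original thread: once a capture has been saved on the access point you control, a short script can list which servers the phone contacted and whether each flow began as TLS or as cleartext. The capture, the IP addresses and the function names below are constructed for illustration.

```python
import socket, struct

def device_flows(pcap: bytes, device_ip: str) -> dict:
    """Map (peer_ip, peer_port) -> [payload_bytes, label] for one device's TCP traffic."""
    end = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap[:4])
    if end is None or struct.unpack(end + "I", pcap[20:24])[0] != 1:
        raise ValueError("expected a classic pcap with Ethernet link type")
    dev, flows, off = socket.inet_aton(device_ip), {}, 24
    while off + 16 <= len(pcap):
        incl = struct.unpack(end + "I", pcap[off + 8:off + 12])[0]
        frame, off = pcap[off + 16:off + 16 + incl], off + 16 + incl
        if len(frame) < 54 or frame[12:14] != b"\x08\x00" or frame[23] != 6:
            continue  # keep IPv4/TCP frames only
        ip = frame[14:]
        ihl = (ip[0] & 0x0F) * 4
        if len(ip) < ihl + 20:
            continue  # truncated TCP header
        sport, dport = struct.unpack("!HH", ip[ihl:ihl + 4])
        data = ip[ihl + (ip[ihl + 12] >> 4) * 4:struct.unpack("!H", ip[2:4])[0]]
        if ip[12:16] == dev:
            peer, outbound = (socket.inet_ntoa(ip[16:20]), dport), True
        elif ip[16:20] == dev:
            peer, outbound = (socket.inet_ntoa(ip[12:16]), sport), False
        else:
            continue  # traffic from other clients on the test LAN
        entry = flows.setdefault(peer, [0, "unknown"])
        entry[0] += len(data)
        if outbound and data and entry[1] == "unknown":
            # A TLS handshake record starts with content type 0x16 and major version 3.
            entry[1] = "tls" if data[:2] == b"\x16\x03" else "cleartext"
    return flows

def _frame(src, dst, sport, dport, data):
    # Constructed Ethernet/IPv4/TCP frame; checksums are left as zero.
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 0x50, 0x18, 8192, 0, 0) + data
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return b"\x02" * 6 + b"\x04" * 6 + b"\x08\x00" + ip + tcp

def sample_pcap() -> bytes:
    """Constructed capture: the phone (192.0.2.10) talks HTTP and TLS to two servers."""
    frames = [
        _frame("192.0.2.10", "198.51.100.5", 49152, 80, b"GET /api/login HTTP/1.1\r\n\r\n"),
        _frame("198.51.100.5", "192.0.2.10", 80, 49152, b"HTTP/1.1 200 OK\r\n\r\n"),
        _frame("192.0.2.10", "203.0.113.7", 49153, 443, b"\x16\x03\x01\x00\x05hello"),
        _frame("203.0.113.9", "203.0.113.7", 40000, 443, b"other host"),
    ]
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    return out + b"".join(struct.pack("<IIII", 0, 0, len(f), len(f)) + f for f in frames)
```

Flows labelled "cleartext" are the ones worth recording in the report; traffic an app only sends over the cellular link will not appear in the capture at all.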
         


-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of Adam Richards
Sent: 21 June 2010 20:34
To: yasser.alruhaily () gmail com; pen-test () securityfocus com
Subject: RE: Iphone pen test?

Is the iPhone Jailbroken? If so you can use tcpdump and ssh or mobile
terminal to capture the traffic and scp it back to your workstation. 
If it's stock you can connect it to your AP and sniff the wireless
traffic. If you have an AP that you can create a span port on it from
the wireless to a wired port you could also sniff the traffic off of it.


Adam Richards, CISSP | CEH



-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of yasser.alruhaily () gmail com
Sent: Monday, June 21, 2010 1:57 AM
To: pen-test () securityfocus com
Subject: Iphone pen test?

Hi all,


I have an assignment to pentest an iPhone application. How can I intercept
the data before it is sent out to the server?

Is there any application that could run on the iPhone as an intercepting proxy?

How can I check for buffer overflow errors?

Thanks

YassEr

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review
Board

Prove to peers and potential employers without a doubt that you can
actually do a proper penetration test. IACRB CPT and CEPT certs require
a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------


