Difference between revisions of "Spring Training 2016 - Mobile Application Exploitation (iOS and Android)"

From BruCON 2016

(Course contents)
Line 9: Line 9:
  
 
= Course contents =
 
= Course contents =
Module 1 : Getting Started with iOS Pentesting
+
* Module 1 - Getting Started with iOS Pentesting
========================
+
** iOS security model
A.iOS security model
+
*** App Signing, Sandboxing and Provisioning
App Signing, Sandboxing and Provisioning
+
*** Setting up XCode
Setting up XCode
+
*** Changes in iOS 8
Changes in iOS 8
+
*** Exploring the iOS filesystem  
Exploring the iOS filesystem  
+
** Intro to Objective-C and Swift
Intro to Objective-C and Swift
+
** Setting up the pentesting environment
B. Setting up the pentesting environment
+
*** Jailbreaking your device
Jailbreaking your device
+
*** Cydia, Mobile Substrate
Cydia, Mobile Substrate
+
*** Getting started with Damn Vulnerable iOS app
Getting started with Damn Vulnerable iOS app
+
*** Binary analysis
Binary analysis
+
*** Finding shared libraries
Finding shared libraries
+
*** Checking for PIE, ARC
Checking for PIE, ARC
+
*** Decrypting IPA files  
Decrypting ipa files  
+
*** Self signing IPA files
Self signing IPA files
+
** Android Exploitation
[Coffee Break]
+
*** Android Security Architecture
Part 2 - Android Exploitation
+
*** Permission Model Flaws
-Android Security Architecture
+
*** API level vulnerabilities
-Permission Model Flaws
+
*** Rooting for Pentesters Lab
-API level vulnerabilities
+
*** Android ART and DVM Insecurities  
-Rooting for Pentesters Lab
+
* Module 2 Android App for Security professionals
-Android ART and DVM Insecurities  
+
** Reverse Engineering for Android Apps
Module 2 :
+
** Smali Labs for Android
##Android App for Security professionals
+
** Dex Analysis and Obfuscation
-Reverse Engineering for Android Apps
+
** Android App Hooking  
-Smali Labs for Android
+
* Module 3 - Application Specific vulnerabilities
-Dex Analysis and Obfuscation
+
** Attack Surfaces for Android applications
-Android App Hooking  
+
** Exploiting Side Channel Data Leakage
Module 3 :
+
** Exploiting and identifying vulnerable IPCs
##Application Specific vulnerabilities
+
** Exploiting Backup and Debuggable apps
-Attack Surfaces for Android applications
+
** Exploiting Exported Components
-Exploiting Side Channel Data Leakage
+
** Dynamic Analysis for Android Apps
-Exploiting and identifying vulnerable IPCs
+
** Analysing Proguard, DexGuard and other Obfuscation Techniques
-Exploiting Backup and Debuggable apps
+
* Module 4 - Fuzzing for Android
-Exploiting Exported Components
+
** Platform setup for Android fuzzing
-Dynamic Analysis for Android Apps
+
** Identifying vulnerable endpoints
-Analysing Proguard, DexGuard and other Obfuscation Techniques
+
** Fuzzing Android components
Module 4 :
+
** Crash to Exploit
##Fuzzing for Android
+
* Module 5 - ARM for Android Exploitation
-Platform setup for Android fuzzing
+
** Getting familiar with Android ARM
-Identifying vulnerable endpoints
+
** Exploit Mitigation and Protections
-Fuzzing Android components
+
** Heap Manipulation
-Crash to Exploit
+
** ROP Labs for Android
Module 5 :
+
** Writing your own reliable exploit
##ARM for Android Exploitation
+
** Race Condition vulnerabilities
-Getting familiar with Android ARM
+
** Hardware Exploitation Techniques
-Exploit Mitigation and Protections
 
-Heap Manipulation
 
-ROP Labs for Android
 
-Writing your own reliable exploit
 
-Race Condition vulns
 
-Hardware Exploitation Techniques
 
  
 
= Target audience =
 
= Target audience =
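
Review bot: The new list markup places `** Android Exploitation` and its five sub-items under `* Module 1 - Getting Started with iOS Pentesting`, so the Android introduction now reads as part of the iOS module, whereas the old text had it as a separate "Part 2 - Android Exploitation" after the coffee break. Consider giving it its own top-level entry or renaming Module 1 so the title covers both platforms. The line `* Module 2 Android App for Security professionals` is also missing the " - " separator that the other four module lines use.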

Revision as of 17:02, 7 December 2015

Mobile Application Exploitation (iOS and Android)

Course Description

This will be a completely hands-on training on exploiting mobile applications for the iOS and Android platforms. The training will be based on exploiting Damn Vulnerable iOS app and other vulnerable apps written by the trainer to help people understand the different kinds of vulnerabilities in mobile applications.

This course will also discuss how a developer can secure their applications using secure coding and obfuscation techniques. After the workshop, the students will be able to successfully penetration test and secure mobile applications. All the students will get a PDF presentation with all the slides, vulnerable apps used for training, sample source code and all the necessary tools used to pentest mobile applications.

The training will also include a CTF challenge at the end, where the attendees will use the skills learnt in the training to solve the CTF challenges.

Course contents

  • Module 1 - Getting Started with iOS Pentesting
    • iOS security model
      • App Signing, Sandboxing and Provisioning
      • Setting up Xcode
      • Changes in iOS 8
      • Exploring the iOS filesystem
    • Intro to Objective-C and Swift
    • Setting up the pentesting environment
      • Jailbreaking your device
      • Cydia, Mobile Substrate
      • Getting started with Damn Vulnerable iOS app
      • Binary analysis
      • Finding shared libraries
      • Checking for PIE, ARC
      • Decrypting IPA files
      • Self signing IPA files
    • Android Exploitation
      • Android Security Architecture
      • Permission Model Flaws
      • API level vulnerabilities
      • Rooting for Pentesters Lab
      • Android ART and DVM Insecurities
  • Module 2 Android App for Security professionals
    • Reverse Engineering for Android Apps
    • Smali Labs for Android
    • Dex Analysis and Obfuscation
    • Android App Hooking
  • Module 3 - Application Specific vulnerabilities
    • Attack Surfaces for Android applications
    • Exploiting Side Channel Data Leakage
    • Exploiting and identifying vulnerable IPCs
    • Exploiting Backup and Debuggable apps
    • Exploiting Exported Components
    • Dynamic Analysis for Android Apps
    • Analysing Proguard, DexGuard and other Obfuscation Techniques
  • Module 4 - Fuzzing for Android
    • Platform setup for Android fuzzing
    • Identifying vulnerable endpoints
    • Fuzzing Android components
    • Crash to Exploit
  • Module 5 - ARM for Android Exploitation
    • Getting familiar with Android ARM
    • Exploit Mitigation and Protections
    • Heap Manipulation
    • ROP Labs for Android
    • Writing your own reliable exploit
    • Race Condition vulnerabilities
    • Hardware Exploitation Techniques

Target audience

This course is for penetration testers, mobile developers or anyone keen to learn mobile application security.

Requirements

Hardware/software Requirements

  • Bring your own laptop. A MacBook Air or Pro is preferable for running Xcode. Genymotion should be installed on the laptop.
  • 20+ GB free hard disk space
  • 3+ GB RAM
  • Xcode installed on the laptop to save time during training

  • A jailbroken iPhone/iPad/iPod for iOS testing if possible.

Trainer Biography




Twitter: @corelanc0d3r

Mon. 20 - 22 April 2016 (09:00 - 17:00) (3-day)
