See your app through a hacker's eyes to find the real sources of vulnerability The Mobile Application Hacker's Handbook is a comprehensive guide to securing all mobile applications by approaching the issue from a hacker's point of view. Heavily practical, this book provides expert guidance toward discovering and exploiting flaws in mobile applications on the iOS, Android, Blackberry, and Windows Phone platforms. You will learn a proven methodology for approaching mobile application assessments, and the techniques used to prevent, disrupt, and remediate the various types of attacks. Coverage includes data storage, cryptography, transport layers, data leakage, injection attacks, runtime manipulation, security controls, and cross-platform apps, with vulnerabilities highlighted and detailed information on the methods hackers use to get around standard security.
Mobile applications are widely used in the consumer and enterprise markets to process and/or store sensitive data. There is currently little published on the topic of mobile security, but with over a million apps in the Apple App Store alone, the attack surface is significant. This book helps you secure mobile apps by demonstrating the ways in which hackers exploit weak points and flaws to gain access to data.
Understand the ways data can be stored, and how cryptography is defeated
Set up an environment for identifying insecurities and the data leakages that arise
Develop extensions to bypass security controls and perform injection attacks
Learn the different attacks that apply specifically to cross-platform apps
IT security breaches have made big headlines, with millions of consumers vulnerable as major corporations come under attack. Learning the tricks of the hacker's trade allows security professionals to lock the app up tight. For better mobile security and less vulnerable data, The Mobile Application Hacker's Handbook is a practical, comprehensive guide.
Introduction xxxi
Chapter 1 Mobile Application (In)security 1
The Evolution of Mobile Applications 2
Mobile Application Security 4
Summary 15
Chapter 2 Analyzing iOS Applications 17
Understanding the Security Model 17
Understanding iOS Applications 22
Jailbreaking Explained 29
Understanding the Data Protection API 43
Understanding the iOS Keychain 46
Understanding Touch ID 51
Reverse Engineering iOS Binaries 53
Summary 67
Chapter 3 Attacking iOS Applications 69
Introduction to Transport Security 69
Identifying Insecure Storage 81
Patching iOS Applications with Hopper 85
Attacking the iOS Runtime 92
Understanding Interprocess Communication 118
Attacking Using Injection 123
Summary 131
Chapter 4 Identifying iOS Implementation Insecurities 133
Disclosing Personally Identifi able Information 133
Identifying Data Leaks 136
Memory Corruption in iOS Applications 142
Summary 146
Chapter 5 Writing Secure iOS Applications 149
Protecting Data in Your Application 149
Avoiding Injection Vulnerabilities 156
Securing Your Application with Binary Protections 158
Summary 170
Chapter 6 Analyzing Android Applications 173
Creating Your First Android Environment 174
Understanding Android Applications 179
Understanding the Security Model 206
Reverse-Engineering Applications 233
Summary 246
Chapter 7 Attacking Android Applications 247
Exposing Security Model Quirks 248
Attacking Application Components 255
Accessing Storage and Logging 304
Misusing Insecure Communications 312
Exploiting Other Vectors 326
Additional Testing Techniques 341
Summary 351
Chapter 8 Identifying and Exploiting Android Implementation Issues 353
Reviewing Pre-Installed Applications 353
Exploiting Devices 365
Infiltrating User Data 416
Summary 426
Chapter 9 Writing Secure Android Applications 427
Principle of Least Exposure 427
Essential Security Mechanisms 429
Advanced Security Mechanisms 450
Slowing Down a Reverse Engineer 451
Summary 455
Chapter 10 Analyzing Windows Phone Applications 459
Understanding the Security Model 460
Understanding Windows Phone 8.x Applications 473
Developer Sideloading 483
Building a Test Environment 484
Analyzing Application Binaries 506
Summary 509
Chapter 11 Attacking Windows Phone Applications 511
Analyzing for Data Entry Points 511
Attacking Transport Security 525
Attacking WebBrowser and WebView Controls 534
Identifying Interprocess Communication Vulnerabilities 542
Attacking XML Parsing 560
Attacking Databases 568
Attacking File Handling 573
Patching .NET Assemblies 578
Summary 585
Chapter 12 Identifying Windows Phone Implementation Issues 587
Identifying Insecure Application Settings Storage 588
Identifying Data Leaks 591
Identifying Insecure Data Storage 593
Insecure Random Number Generation 601
Insecure Cryptography and Password Use 605
Identifying Native Code Vulnerabilities 616
Summary 626
Chapter 13 Writing Secure Windows Phone Applications 629
General Security Design Considerations 629
Storing and Encrypting Data Securely 630
Secure Random Number Generation 634
Securing Data in Memory and Wiping Memory 635
Avoiding SQLite Injection 636
Implementing Secure Communications 638
Avoiding Cross-Site Scripting in WebViews and WebBrowser Components 640
Secure XML Parsing 642
Clearing Web Cache and Web Cookies 642
Avoiding Native Code Bugs 644
Using Exploit Mitigation Features 644
Summary 645
Chapter 14 Analyzing BlackBerry Applications 647
Understanding BlackBerry Legacy 647
Understanding BlackBerry 10 652
Understanding the BlackBerry 10 Security Model 660
BlackBerry 10 Jailbreaking 665
Using Developer Mode 666
The BlackBerry 10 Device Simulator 667
Accessing App Data from a Device 668
Accessing BAR Files 669
Looking at Applications 670
Summary 678
Chapter 15 Attacking BlackBerry Applications 681
Traversing Trust Boundaries 682
Summary 691
Chapter 16 Identifying BlackBerry Application Issues 693
Limiting Excessive Permissions 694
Resolving Data Storage Issues 695
Checking Data Transmission 696
Handling Personally Identifiable Information and Privacy 698
Ensuring Secure Development 700
Summary 704
Chapter 17 Writing Secure BlackBerry Applications 705
Securing BlackBerry OS 7.x and Earlier Legacy Java Applications 706
General Java Secure Development Principals 706
Making Apps Work with the Application Control Policies 706
Memory Cleaning 707
Controlling File Access and Encryption 709
SQLite Database Encryption 710
Persistent Store Access Control and Encryption 711
Securing BlackBerry 10 Native Applications 716
Securing BlackBerry 10 Cascades Applications 723
Securing BlackBerry 10 HTML5 and JavaScript (WebWorks) Applications 724
Securing Android Applications on BlackBerry 10 726
Summary 726
Chapter 18 Cross-Platform Mobile Applications 729
Introduction to Cross-Platform Mobile Applications 729
Bridging Native Functionality 731
Exploring PhoneGap and Apache Cordova 736
Summary 741
Index 743
