Monday, 9 September 2013

Mobile App Pen Testing - 3

Now, let's start with the actual penetration testing techniques in this post.

Penetration Testing


  1. Client Application
    • A client software package is installed locally on the mobile device and acts as the front end for the user. The client application can be downloaded from the App Store or Google Play. To perform penetration testing on the application we require a rooted (Android) or jailbroken (iOS) device, or an emulator. While testing, we have to pay particular attention to whether controls are present against vulnerabilities such as:
      • Files (temporary, cached, configuration, databases, etc.) on the local file system.
      • Insecure file permissions.
      • Application authentication & authorization.
      • Error handling & session management.
      • Business logic testing.
      • Decompiling, analysing and modifying the installation package.
      • Client-side injections.
  2. Tool requirements:
    • Mobile device / Mobile device emulator
      • It is always better to use an original (jailbroken or rooted) mobile device for penetration testing activities, but if one is unavailable an emulator can be used as an alternative.
      • Examples of popular mobile client systems are the Google Android Emulator, MobiOne, iPhoney, and the BlackBerry Simulator.
    • Decompiler
      • Get an appropriate decompiler in order to decompile the binary application files. During black-box engagements, decompilation is essential for a good understanding of how the application's internals work.
      • Example decompilers for mobile applications are Reflector.NET (Windows Mobile), otool and class-dump-x (iPhone), dex2jar and JD-GUI (Android), and Coddec (BlackBerry).
    • Code analysis tools
      • Once the application code has been successfully decompiled, we can use a code analysis tool to identify vulnerabilities in the recovered source code.
      • Examples of such tools are Klocwork Solo, Flawfinder, and Clang.
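The first items on the client-application checklist above (local files, insecure file permissions, databases and cached data) can be checked in a repeatable way once the app's data directory has been copied off a rooted device or emulator. The script below is an added example, not code from the original post: it walks a copied app data directory, flags files that are readable or writable by other users, looks for credential-like strings in plaintext files, and reports SQLite columns whose names suggest stored secrets. The sample directory it audits is constructed inside the script (the file names, key names and the `users` table are invented for the demo), so it runs offline; in a real engagement you would point `audit()` at the pulled directory instead.

```python
import os
import re
import sqlite3
import stat
import tempfile
from pathlib import Path

# Patterns that suggest credentials or tokens stored in plaintext (illustrative, not exhaustive).
SECRET_PATTERNS = {
    "password": re.compile(r"(?i)\bpass(word)?\s*[=:]\s*\S+"),
    "api_key": re.compile(r"(?i)\bapi[_-]?key\s*[=:]\s*\S+"),
    "bearer_token": re.compile(r"(?i)\bbearer\s+[A-Za-z0-9._-]{16,}"),
}
# Column names that usually hold data an app should not keep unencrypted.
SENSITIVE_COLUMNS = re.compile(r"(?i)pass(word)?|token|secret|api[_-]?key")


def check_permissions(path: Path) -> list:
    """Flag files that other users (i.e. other apps on the device) can read or write."""
    findings = []
    mode = path.stat().st_mode
    if mode & stat.S_IROTH:
        findings.append(("world-readable", str(path)))
    if mode & stat.S_IWOTH:
        findings.append(("world-writable", str(path)))
    return findings


def scan_text(path: Path) -> list:
    """Search a text file (config, cache, temp) for credential-like strings."""
    try:
        text = path.read_text(errors="replace")
    except OSError:
        return []
    return [(f"plaintext-{name}", str(path))
            for name, pat in SECRET_PATTERNS.items() if pat.search(text)]


def scan_sqlite(path: Path) -> list:
    """Report sensitive-looking columns in a SQLite database that actually hold data."""
    findings = []
    try:
        conn = sqlite3.connect(f"file:{path}?mode=ro", uri=True)
        cur = conn.cursor()
        tables = [r[0] for r in cur.execute(
            "SELECT name FROM sqlite_master WHERE type='table'")]
        for table in tables:
            cols = [r[1] for r in cur.execute(f'PRAGMA table_info("{table}")')]
            for col in cols:
                if not SENSITIVE_COLUMNS.search(col):
                    continue
                rows = cur.execute(
                    f'SELECT "{col}" FROM "{table}" WHERE "{col}" IS NOT NULL LIMIT 1').fetchall()
                if rows:
                    findings.append(("db-sensitive-column", f"{path}:{table}.{col}"))
        conn.close()
    except sqlite3.Error:
        pass
    return findings


def audit(root: Path) -> list:
    """Walk an app data directory and collect (finding, location) tuples."""
    findings = []
    for path in sorted(root.rglob("*")):
        if not path.is_file():
            continue
        findings.extend(check_permissions(path))
        if path.suffix in {".db", ".sqlite"}:
            findings.extend(scan_sqlite(path))
        else:
            findings.extend(scan_text(path))
    return findings


def build_sample_app_dir() -> Path:
    """Create a constructed, deliberately weak app data directory for the demo."""
    root = Path(tempfile.mkdtemp(prefix="appdata_"))
    for sub in ("shared_prefs", "cache", "databases"):
        (root / sub).mkdir()
    cfg = root / "shared_prefs" / "config.properties"  # constructed config with a plaintext key
    cfg.write_text("server=https://api.example.invalid\napi_key=CONSTRUCTED_KEY_1234\n")
    os.chmod(cfg, 0o666)  # readable and writable by every app on the device
    tmp = root / "cache" / "session.tmp"  # constructed cached response with a token
    tmp.write_text("Authorization: Bearer constructedtoken0123456789abcdef\n")
    os.chmod(tmp, 0o644)
    db = root / "databases" / "app.db"  # constructed database with a plaintext password column
    conn = sqlite3.connect(str(db))
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.execute("INSERT INTO users VALUES ('alice', 'hunter2')")
    conn.commit()
    conn.close()
    os.chmod(db, 0o600)
    ok = root / "shared_prefs" / "ui_state.xml"  # harmless preference file, private permissions
    ok.write_text("<map><boolean name='dark_mode' value='true'/></map>\n")
    os.chmod(ok, 0o600)
    return root


if __name__ == "__main__":
    for kind, location in audit(build_sample_app_dir()):
        print(f"{kind:22} {location}")
```

Each finding maps back to a checklist item: the permission results cover "insecure file permissions", the plaintext hits cover temporary, cached and configuration files, and the database result covers local databases. Secret detection is heuristic, so treat a hit as a prompt to inspect the file, and review the full directory listing rather than relying on the patterns alone.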
