Android/iOS Hacking and Securing Application Security Training Datasheet
Security Compass 2012. Application Security Training Datasheet. Android/iOS Hacking and Securing 1
Android/iOS Hacking and Securing Students will discover mobile hacking techniques for Android and iOS. They will understand the platform security models, device security models, app analysis, file system analysis and runtime analysis for these popular mobile operating systems.
COURSE OVERVIEW
This course will provide students with the knowledge necessary to assess mobile app security including what hackers look for in mobile apps. Hacking apps themselves will equip them with the skills required to protect their own apps from attacks. Students will come out with an understanding of the pitfalls to mobile device security and the importance of developing mobile apps securely. They will learn the concepts necessary to securely develop mobile in your organization.
LEARNING OBJECTIVES
• Perform attacks against sample mobile apps to understand the weaknesses that exist in the current device security models • Implement secure coding techniques into your mobile development lifecycle to protect your mobile apps from high risk attacks •
Communicate mobile device security threats and the risks associated with mobile devices from an enterprise perspective
COURSE DETAILS Audience • Mobile Developers • QA / Analysts • Security Testers Duration • 2 Day(s)
Delivery • Instructor led delivery with interactive labs Content • Exploit our vulnerable app ExploitME Mobile • Learn mobile assessment techniques and tools • Secure Coding techniques for Android and iOS • Numerous videos showing exploits
Security Compass 2012. Application Security Training Datasheet. Android/iOS Hacking and Securing 2
Outline, at a glance Introduction •
The mobile landscape
1. Device Security Model • • • • • •
Mobile OS security models App distribution models Sandboxing and permissions structure Differences from iPhone/Android platforms The risk of users who trust apps too much Common attack vectors in mobile security
2. A Hacker’s Toolset • • •
• • • •
Android Tools LAB: Setting up the emulator Understanding AVD o ARM vs x86 Emulation o AVD parameters o Understanding ADB o Connecting to the emulator o Accessing the file system iOS XCode basics o Using the iOS simulators o File access with simulator Jailbreaking iOS Working with iOS DRM
3. Physical Access Security •
•
•
Android o Normal vs Root access o Unlocked bootloaders iOS o Normal vs Jailbreak o DataProtection API o What’s safe when you lock iOS? LAB: Physical Access with SU
4. Protocol Analysis •
• • • • •
Proxying Android / iPhone o Handling SSL certificate trust Emulator & simulator proxying Physical device proxying Tools required for intercepting traffic LAB: Proxying mobile app traffic LAB: Mobile traffic manipulation
5. Device File System Analysis •
• • • • • •
Android file system analysis o Using android debugging bridge o Retrieving files from the device iPhone file system analysis o SSH access to iPhone o SCP to retrieve files from device LAB: Insecure file storage Common data storage types for mobile OS’ Logging for developers Assessing logs on Android/iPhone LAB: Insecure Logging
6. Mobile App Decompilation •
• • •
Android APK packaging o Application layout o Android manifest and permissions o Disassembly and decompilation LAB: Basic encryption iPhone IPA packaging o Handling plists o Assessing the binary LAB: Advanced encryption
Security Compass 2012. Application Security Training Datasheet. Android/iOS Hacking and Securing 3
7. Mobile Run-time Analysis • • • • • •
Why runtime analysis? Debugging as an attack vector Rooting and Jailbreak of devices Accessing Android memory at runtime o DDMS and MAT LAB: Dumping memory iPhone debugging
10. Device API Weaknesses • • •
8. Multi-platform Development • • •
• • • • •
Why multiplatform? How wrapper APIs work HTML5 codebase concerns o PhoneGap example Implications to JavaScript bridging Native features through JS JS to Native API in iOS/Android Dynamic loading and minification LAB: HTML at Rest
9. Mobile HTML5 Web • • • • •
•
HTML5 Mobile apps Clickjacking o Framebusting o X-FRAME-OPTIONS Tapjacking o Android defenses SQL Injection (Local vs Mobile) o Parameterized SQL XSS o Existing XSS mobile exploits o JS bridging concerns o Safe output encoding o Securing WebView Localstorage o Use of local storage o Securing localstorage
•
• • • •
•
SSL
o Android / iOS SSL best practice o Weak ciphers XML Parsing o Prevalence in Andriod/iOS o External entity references Virtual Keyboards o iOS Keyboard cache o Android 3rd party keyboards o Programmed PIN entry Copy and Paste o iOS UIPasteboard o Android ClipboardManager o Trouble with WebView iOS Snapshots o Preventing insecure snapshots o Good backgrounding Geolocation o iOS / Android Geolocation management Address Book API o Privacy URL Handlers / IPC o iOS URL schemes o Skype vulnerability o Android Intent Filters / IPC LAB: URLs Handlers to XSS
11. Other Mobile Topics •
• • • • •
Endpoint Security o Weak SSL o Securing Cookies Mobile Cryptography o Password based key derivation LAB: Password complexity Jailbreak detection State of Mobile malware Mobile malware defense
Security Compass 2012. Application Security Training Datasheet. Android/iOS Hacking and Securing 4
What can we do for you?
We understand application security. We breathe it. We strive to provide you with the best training experience for your staff. Our experience helping our clients research and manage real world security risks allows us to drive our training material with the latest threats and vulnerabilities seen in every day engagements. What does that mean? It means that your staff is ready to respond to with forward thinking concepts to securing your business’ most sensitive applications.
Here to help.
Reach out to Security Compass’ advisors who can help. Oliver Ng Director of Training
[email protected] 1-888-777-2211 ext. 125 Sahba Kazerooni Director of Professional Services
[email protected] 1-888-777-2211 ext. 103
Security Compass 2012. Application Security Training Datasheet. Android/iOS Hacking and Securing 5
