CNIT 128: Hacking Mobile Devices
Moved to SCIE 37Spring 2019 Sam BowneSchedule · Slides · Projects · Links · Home Page |
Catalog DescriptionMobile devices such as smartphones and tablets are now used for making purchases, emails, social networking, and many other risky activities. These devices run specialized operating systems have many security problems. This class will cover how mobile operating systems and apps work, how to find and exploit vulnerabilities in them, and how to defend them. Topics will include phone call, voicemail, and SMS intrusion, jailbreaking, rooting, NFC attacks, malware, browser exploitation, and application vulnerabilities. Hands-on projects will include as many of these activities as are practical and legal.Advisory: CNIT 113 and 123, or equivalent familiarity with hacking computers and operating mobile devices Upon successful completion of this course, the student will be able to:
Textbook"The Mobile Application Hacker's Handbook 1st Edition", by Dominic Chell, Wiley; 1 edition (February 24, 2015), ISBN-10: 1118958500 ISBN-13: 978-1118958506QuizzesThe quizzes are multiple-choice, online, and open-book. Study the textbook chapter and take the quiz before that class. Each quiz is due 30 min. before class. Each quiz has 5 questions, you have ten minutes to take it, and you can make two attempts. Live StreamingTo join the livestream, use this Zoom link: For class-related questions, please emailcnit.128sam@gmail.com |
Schedule (may be revised) | ||||
---|---|---|---|---|
Date | Quiz & Proj | Topic | ||
Wed 1-16 | Is Your Mobile App Secure?
| |||
Wed 1-23 | Quiz Ch 1 * Proj 1 due * |
1. Mobile Application (In)security
| ||
Wed 1-30 | Quiz Ch 6a * Proj 2 & 3 due * |
6. Analyzing Android Applications (Part 1)
| ||
Fri 2-3 | Last Day to Add Classes | |||
Wed 2-6 | Quiz Ch 6b * Proj 4 due |
6. Analyzing Android Applications (Part 2)
| ||
Wed 2-13 | Quiz Ch 6c * Proj 4 due |
6. Analyzing Android Applications (Part 3)
Live testing of mobile apps | ||
Wed 2-20 | Quiz Ch 7a * Proj 5 & 6 due |
7. Attacking Android Applications (Part 1)
| ||
Wed 2-27 | Quiz Ch 7b * Proj 7 due |
7. Attacking Android Applications (Part 2)
| ||
Wed 3-6 | Proj 8 due | 7. Attacking Android Applications (Part 3)
| ||
Wed 3-13 | Quizzes Ch 7c & Ch 8a * Proj 9 & 10 due |
8. Android Implementation Issues (Part 1)
| ||
Wed 3-20 | Quiz Ch 8b * Proj 11 & 12 due |
8. Android Implementation Issues (Part 2)
| ||
Wed 3-27 | Holiday -- No Class | |||
Wed 4-3 | No Quiz No Proj Due |
| ||
Wed 4-10 | Quiz Ch 8c * Proj 14 & 15 due |
8. Android Implementation Issues (Part 3)
| ||
Wed 4-17 | Quiz Ch 9 * Proj 16 due |
9. Writing Secure Android Applications
| ||
Wed 4-24 | No Quiz No Proj due |
| ||
Wed 5-1 | No Quiz No Proj Due |
| ||
Wed 5-8 | Proj 17 due |
2. Analyzing iOS Applications (Part 1)
| ||
Wed 5-15 | No Quiz All Extra Credit Projects Due |
Last class 2. Analyzing iOS Applications (Part 2)
| ||
Thu 5-16 - Wed 5-22 |
Final Exam available online throughout the week. You can only take it once. | |||
* Quizzes due 30 min. before class Nothing is consided late until 2-6 |
SlidesGrading PolicyMotivationIs Your Mobile App Secure? (DEF CON 23, 2015) · PDF · KeynotePasswords on a Phone (DEF CON 25, 2017) · PDF · Keynote Introduction1. Mobile Application (In)security · PDF · KeynoteAndroid
iOS
|
Links |
---|
Apple Platform Security Apple Platform Security PDF DVIA (Damn Vulnerable iOS App) | A vulnerable iOS app for pentesting OWASP/owasp-masvs: The Mobile Application Security Verification Standard (MASVS) is a standard for mobile app security. 2019-12-29: Hybrid App Developers: Don't Store Your User's Passwords Passwords are the biggest threat to GDPR compliance (Mar. 2019) Chat app Knuddels fined 20 k Eurosunder GDPR regulation (Nov 24, 2018) Remote logging for mobile apps (April, 2019) From checkra1n to Frida: iOS App Pentesting Quickstart on iOS 13 -- spaceraccoon.dev Project Zero: Remote iPhone Exploitation Part 1: Poking Memory via iMessage and CVE-2019-8641 (Jan. 2019) Project Zero: Remote iPhone Exploitation Part 2: Bringing Light into the Darkness -- a Remote ASLR Bypass (Jan. 2019) Project Zero: Remote iPhone Exploitation Part 3: From Memory Corruption to JavaScript and Back -- Gaining Code Execution (Jan. 2019) Reverse-Engineering-and-Tampering iOS Apps OWASP GDB to LLDB command map -- The LLDB Debugger Google Maps Platform--Protecting API Keys We reverse engineered 16k apps, here's what we found Hands On Mobile API Security: Get Rid of Client Secrets Why OAuth API Keys and Secrets Aren't Safe in Mobile Apps Hey Developer, Give me your API keys.!! HOW TO EXTRACT AN API KEY FROM A MOBILE APP BY STATIC BINARY ANALYSIS Ch 2b: Hack in the (sand)Box Android App Reverse Engineering 101 | Learn to reverse engineer Android applications! DJI Privacy Analysis Validation--GOOD ANDROID PROJECT Oversecured detects dangerous vulnerabilities in the TikTok Android app--USE FOR PROJECT AndroGoat: Vulnerable Android App Ch 6a: Encryption | Android Open Source Project Ch 6b: Android versions market share Ch 7a: Android activity manager "am" command help 2021-02-22: Virtual iPhones with Free Trial! pidcat: Colored logcat script which only shows log entries for a specific application package. Ch 7b: Service vs IntentService in Android Can I Jailbreak? - Home Jailbreaking iOS for Mobile Security Assessments (March 2021 Edition) - SANS Institute Ch 8a: What happens if you enter the wrong PIN for many times in an Android phone? - Quora Ch 8b: How to reset your Android lock screen password/PIN/pattern - TechRepublic Ch 8c: Android WebView addJavascriptInterface Code execution Vulnerability MOBISEC - Mobile Security Course iOS Hooking With Objection - HackTricks ZipperDown Vulnerability--Path Traversal in iOS and Android ANDROID PT / Path Traversal Vulnerability Ch 6c: Android OS version market share over time | AppBrain Drozer / needle - is it still alive? 2022-10-04: Releases · abhi-r3v0/EVABS EVABSv4 Walkthrough Android Studio Emulator (AVD) Rooting with Magisk using rootAVD - YouTube EVABSv4 (Part 2) - ITZone Troubleshooting Android Studio - Android Emulator Wifi Connected with No Internet Registers in smali Ch 2a: Cachegrab sttack exposes secrets from ARM TrustZone Ch 2c Citigroup says its iPhone app puts customers at risk Ch 2d: Citi Discloses Security Flaw in Its iPhone App - WSJ How to Reverse Engineer and Patch an iOS Application for Beginners: Part I Guide to Reversing and Exploiting iOS binaries Part 2: ARM64 ROP Chains Heap Overflows on iOS ARM64: Heap Spraying, Use-After-Free (Part 3) How to instrument system applications on Android stock images with Frida and Magisk Security of runtime process in iOS and iPadOS - Apple Support Xamarin | Open-source mobile app platform for .NET, with iOS -- USE FOR PROJECTS |