CNIT 128: Hacking Mobile Devices
Spring 2020 Sam BowneSchedule · Slides · Projects · Links · Grading |
San Francisco orders residents to stay inside
All my classes are cancelled |
Catalog DescriptionMobile devices such as smartphones and tablets are now used for making purchases, emails, social networking, and many other risky activities. These devices run specialized operating systems have many security problems. This class will cover how mobile operating systems and apps work, how to find and exploit vulnerabilities in them, and how to defend them. Topics will include phone call, voicemail, and SMS intrusion, jailbreaking, rooting, NFC attacks, malware, browser exploitation, and application vulnerabilities. Hands-on projects will include as many of these activities as are practical and legal.Advisory: CNIT 113 and 123, or equivalent familiarity with hacking computers and operating mobile devices Upon successful completion of this course, the student will be able to:
Textbook"The Mobile Application Hacker's Handbook 1st Edition", by Dominic Chell, Wiley; 1 edition (February 24, 2015), ISBN-10: 1118958500 ISBN-13: 978-1118958506QuizzesThe quizzes are multiple-choice, online, and open-book. Study the textbook chapter and take the quiz before that class. Each quiz is due 30 min. before class. Each quiz has 5 questions, you have ten minutes to take it, and you can make two attempts. Live StreamingTo join the livestream, use this Zoom link: For class-related questions, please emailcnit.128sam@gmail.com |
Schedule (may be revised) | ||||
---|---|---|---|---|
Date | Quiz & Proj | Topic | ||
Wed 1-15 | Is Your Mobile App Secure?
| |||
Wed 1-22 | Quiz Ch 1 & Ch 6a due * (M 101 & M103) or (M 104 & M 106) due * |
1. Mobile Application (In)security & 6. Analyzing Android Applications (Part 1)
| ||
Wed 1-29 | Quiz Ch 6b * M 105 due * |
6. Analyzing Android Applications (Part 2)
| ||
Wed 2-5 | Quiz Ch 6c * M 107 & M 108 due * |
6. Analyzing Android Applications (Part 3)
| ||
Wed 2-12 | Quiz Ch 7a M 201 or M 203 due |
7. Attacking Android Applications (Part 1)
| ||
Wed 2-19 | Quiz Ch 7b M 204 & M 207 due |
7. Attacking Android Applications (Part 2)
| ||
Wed 2-26 | Quiz Ch 7c M 301 & M 302 due |
7. Attacking Android Applications (Part 3)
| ||
Wed 3-4 | Quiz Ch 8a M 401 due |
8. Android Implementation Issues (Part 1)
| ||
Wed 3-11 | Quiz Ch 8b M 402 & M 501 due |
8. Android Implementation Issues (Part 2)
| ||
Wed 3-25 | Holiday -- No Class | |||
Wed 4-1 | Quiz Ch 8c | 8. Android Implementation Issues (Part 3)
| ||
Wed 4-8 | Quiz Ch 9 | 9. Writing Secure Android Applications
| ||
Wed 4-15 | Quiz Ch 2ae | 2. Analyzing iOS Applications (Part 1)
| ||
Wed 4-22 | Quiz Ch 2b | 2. Analyzing iOS Applications (Part 2)
| ||
Wed 4-29 | Quiz Ch 3a |
3. Attacking iOS Applications (Part 1)
| ||
Wed 5-6 | Quiz Ch 3b |
3. Attacking iOS Applications (Part 2)
| ||
Wed 5-13 | No Quiz All Extra Credit Projects Due |
Last class: ATT&CK CTF
| ||
Wed 5-13 - Wed 5-20 |
Final Exam available online throughout the week. You can only take it once. | |||
All Quizzes due 30 min. before class * Not counted as late until 2-12 |
SlidesMotivationIs Your Mobile App Secure? (DEF CON 23, 2015) · PDF · KeynotePasswords on a Phone (DEF CON 25, 2017) · PDF · Keynote Introduction1. Mobile Application (In)security · PDF · KeynoteAndroid
iOS
|