![]() |
CNIT 128: Hacking Mobile DevicesSpring 2021 Sam Bowne
Schedule · Slides · Projects · Links · Grading |
|
Catalog DescriptionMobile devices such as smartphones and tablets are now used for making purchases, emails, social networking, and many other risky activities. These devices run specialized operating systems have many security problems. This class will cover how mobile operating systems and apps work, how to find and exploit vulnerabilities in them, and how to defend them. Topics will include phone call, voicemail, and SMS intrusion, jailbreaking, rooting, NFC attacks, malware, browser exploitation, and application vulnerabilities. Hands-on projects will include as many of these activities as are practical and legal.Advisory: CNIT 113 and 123, or equivalent familiarity with hacking computers and operating mobile devices Upon successful completion of this course, the student will be able to:
Textbook"The Mobile Application Hacker's Handbook 1st Edition", by Dominic Chell, Wiley; 1 edition (February 24, 2015), ISBN-10: 1118958500 ISBN-13: 978-1118958506QuizzesThe quizzes are multiple-choice, online, and open-book. However, you may not ask other people to help you during the quizzes. You will need to study the textbook chapter before the lecture covering it, and take the quiz before that class. Each quiz is due 30 min. before class. Each quiz has 5 questions, you have ten minutes to take it, and you can make two attempts. If you take the quiz twice, the higher score counts. Discussion BoardEach CCSF student must contribute to the Discussion Board in Canvas. There are dates listed in the schedule with Discussion assignment due. For class-related questions, please emailcnit.128sam@gmail.com |
Schedule (may be revised) | ||||
---|---|---|---|---|
Date | Quiz & Proj | Topic | ||
Wed 1-20 | The Worst Mobile Apps
| |||
Wed 1-27 | Quiz Ch 1 & Ch 6a due * (M 101 & M103) or (M 104 & M 106) due * |
1. Mobile Application (In)security & 6. Analyzing Android Applications (Part 1)
| ||
Wed 2-3 | Quiz Ch 6b * M 105 due * Discussion 1 * |
6. Analyzing Android Applications (Part 2)
| ||
Wed 2-10 | Quiz Ch 6c M 107 & M 108 due Discussion 2 |
6. Analyzing Android Applications (Part 3)
| ||
Wed 2-17 | Quiz Ch 7a M 201 or M 203 due Discussion 3 |
7. Attacking Android Applications (Part 1)
| ||
Wed 2-24 | Quiz Ch 7b M 204 & M 207 due Discussion 4 |
7. Attacking Android Applications (Part 2)
| ||
Wed 3-3 | No Quiz |
| ||
Wed 3-10 | Quiz Ch 7c M 302 due Discussion 5 |
7. Attacking Android Applications (Part 3)
| ||
Wed 3-17 | Quiz Ch 8a M 401 due Discussion 6 |
8. Android Implementation Issues (Part 1)
| ||
Wed 3-24 | Quiz Ch 8b M 501 due Discussion 7 |
8. Android Implementation Issues (Part 2)
| ||
Wed 3-31 | Holiday -- No Class | |||
Wed 4-7 | Quiz Ch 8c M 402 & M 404 due Discussion 8 |
8. Android Implementation Issues (Part 3)
| ||
Wed 4-14 | Quiz Ch 9 M 503 due Discussion 10 |
9. Writing Secure Android Applications
| ||
Wed 4-21 | Quiz Ch 2a Discussion 11 |
2. Analyzing iOS Applications (Part 1)
| ||
Wed 4-28 | Quiz Ch 2b Discussion 12 |
2. Analyzing iOS Applications (Part 2)
| ||
Wed 5-5 | Quiz Ch 3a |
3. Attacking iOS Applications (Part 1)
| ||
Wed 5-12 | Quiz Ch 3b All Extra Credit Projects Due |
Last class: 3. Attacking iOS Applications (Part 2)
| ||
Wed 5-19 - Wed 5-26 |
Final Exam available online throughout the week. You can only take it once. | |||
All Quizzes due 30 min. before class * Not counted as late until 2-10 |
SlidesMotivationThe Worst Mobile Apps (DEF CON 28, 2020)Introduction1. Mobile Application (In)security · PDF · KeynoteAndroid
iOS
|