Hacking
GithubTwitter
Search…
Hacking
Hacking, Bug Bounties & Penetration Testing
The Hacker Lab
Methodologies
Basic Buffer Overflow
Basic Internal Network test
Basic Mobile Testing guide
Basic Subdomain Enumeration guide
Guides
Build A Raspberry Pi Dropbox
Hack The Box last updated - 2019
Legacy
Devel
Optimum
Popcorn
Beep
Tenten
Arctic
Cronos
Grandpa
Granny
October
Lazy
Sneaky
Holiday
Blocky
Shrek
Blue
Joker
Europa
Haircut
Bank
SolidState
Mantis
Shocker
Tally
Sense
Jeeves
Stratosphere
Inception
Bashed
Fluxcapacitor
Canape
Rabbit
Chatterbox
Nibbles
Sunday
Aragog
Valentine
Silo
Olympus
Poison
Celestial
Waldo
Jerry
Access
Active
Netmon
Powered By GitBook
Basic Mobile Testing guide
Guide for setting up a mobile app test

Download IPA from IOS

Install app from the app store.
Login via ssh to the jailbroken iphone
1
cd /var/containers/Bundle/Application
Copied!
Find the application on the phone
1
ls * | grep -B 2 -i 'applicationname'
2
cd long-string
Copied!
Now install zip
1
apt update
2
apt install zip
Copied!
Now compress the app folder as a zip file and name it .ipa
1
mkdir Payload
2
cp applicationname.app Payload/
3
zip -r /tmp/applicationname.ipa /var/containers/Bundle/Application/longstring/Payload/applicationname.app/
Copied!
Then copy to your attacker machine
1
~# scp [email protected]:/tmp/applicationname.ipa .
Copied!
Unzip and review the contents
1
unzip applicationname.zip
Copied!
Now you are free to send through mobSF etc.

Static Analysis

Check for bad strings

1
grep -iRf thickclient-basic.txt /root/Downloads/_decompileapkname_
Copied!

Docker

First install docker on whichever system you are using.
1
curl -fsSL https://download.docker.com/linux/debian/gpg | sudo apt-key add -
2
echo 'deb https://download.docker.com/linux/debian stretch stable' > /etc/apt/sources.list.d/docker.list
3
apt-get update
4
apt-get install docker-ce
Copied!
Install MOBSF
1
docker pull opensecurity/mobile-security-framework-mobsf
2
docker run -it -p 8000:8000 opensecurity/mobile-security-framework-mobsf:latest
Copied!
Upload .ipa/.apk and review results.
Check permissions and review all MOBSF findings
  • Review static files
  • Review permissions

Dynamic Analysis

Android

Open burpsuite
Add proxy listener on all interfaces
Modify the proxy settings on the Android device to point to your Burp listening machine.
Ensure you save the settings.
Now you can intercept traffic to and from the app.
  • Walk the app and capture all of the traffic, once completed review proxy history and test accordingly.
  • Review data storage of app.

Endpoint Analysis

Review proxy history and follow typical API/ web application methodology to test.

Reverse Engineering IOS

Reverse Engineering iOS Apps
White Hack
1
$ strings appname | grep “<?xml”
2
$ strings appname | grep “SELECT” (or select, insert, update… etc)
3
$ strings appname | grep “http”
4
$ strings appname | grep “cydia” (and others, to check for jailbreak tests)
5
$ strings appname | grep “.com” (you never know, email addresses might be interesting)
6
$ strings appname | grep “Crypt” (this will also show AESCrypt, for example)
Copied!
Methodologies - Previous
Basic Internal Network test
Next - Methodologies
Basic Subdomain Enumeration guide
Last modified 2yr ago
Copy link
Contents
Download IPA from IOS
Static Analysis
Dynamic Analysis
Android
Endpoint Analysis
Reverse Engineering IOS