IOS pentest Lab
IOS pentest Lab
here is a good IOS vulnerable application to do some tests on for those interested in mobiles
http://damnvulnerableiosapp.com/" onclick="window.open(this.href);return false;
I can t do it because I don t have an iphone or a macbook , unable to afford any of them so for those who have enjoy
By the way, many experts think this year is going to be the mobiles year ( both dev and sec) so have fun ^_^
http://damnvulnerableiosapp.com/" onclick="window.open(this.href);return false;
I can t do it because I don t have an iphone or a macbook , unable to afford any of them so for those who have enjoy
By the way, many experts think this year is going to be the mobiles year ( both dev and sec) so have fun ^_^
Re: IOS pentest Lab
I also believe mobiles will be a attack vector in 2014 and beyond - more and more people are using mobiles to connect to work and home networks. Mobiles are also replacing laptops - people use them to do all their banking and personals.
Mobiles are also 'new' in the sense that even some computer savvy people can't figure out what is running in the background of their mobiles.
I chose Android as the next study for these reasons.
IOS is second most popular.
I guess we will start a new forum section on mobile hacking
DNR
Mobiles are also 'new' in the sense that even some computer savvy people can't figure out what is running in the background of their mobiles.
I chose Android as the next study for these reasons.
IOS is second most popular.
I guess we will start a new forum section on mobile hacking
DNR
-
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.
Re: IOS pentest Lab
yeah that would be a great idea and if we win the race to this type of knowledge that will be even greater as said " knowledge is power "
Re: IOS pentest Lab
We study mobile security in school, and you are right in thinking it is the up-and-coming security/attack vector. In a lot of ways the threats are the same, but people don't seem to take the same measure of security with their mobile phone as they do with their laptops (and for those of you who are thinking that people don't protect their laptops, you're proving my point)
I don't think it's that people don't "know" that their phone is a huge point of failure to the safety of personal data, I think it's that they haven't quite realized the scope of the potential leak.
As I finish this up and app on my Android device asked if it could have access to Hardware:Camera. I wonder how many people just press ok.
I don't think it's that people don't "know" that their phone is a huge point of failure to the safety of personal data, I think it's that they haven't quite realized the scope of the potential leak.
As I finish this up and app on my Android device asked if it could have access to Hardware:Camera. I wonder how many people just press ok.
knuffeltjes voor mijn knuffel
[img]http://i911.photobucket.com/albums/ac320/stuphsack/Sig.jpg[/img]
[img]http://i911.photobucket.com/albums/ac320/stuphsack/Sig.jpg[/img]
- bad_brain
- Site Owner
- Posts: 11636
- Joined: 06 Apr 2005, 16:00
- 19
- Location: In your eye floaters.
- Contact:
Re: IOS pentest Lab
plenty. when I did my webmastering studies one docent said something I will never forget, simply because it's totally true. the lecture was about malware (especially reverse shells) and he said:lilrofl wrote:I wonder how many people just press ok.
you can send mass mails with the subject "warning, virus, do not open!" and attach a file with the name "virus.exe"...some people will still click on it.
Re: IOS pentest Lab
b_b you just gave me an idea what about making a virus and when they open emails it prompts warning do not open and when they press okay it executes not only you warned them but you did it too
Re: IOS pentest Lab
Getting network users to compromise a network is common - spam emails, crafted trojans - are a great way to penetrate a network. Network users also try to bypass the company wifi to avoid the boss catching them surfing porn - so you can set up a rogue wifi AP to backdoor a corporate network.
People are the flaw.
DNR
People are the flaw.
DNR
-
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.
Re: IOS pentest Lab
That's true. Some simple html & php coding can also accomplish some things depending on what you're wanting to do. For instance I know one programmer who does nothing but design in html, and is trying to get the jist of php (which is basically the function within the realm of html) and comes up with some nice stuff that can execute any file from that. Some of the guys I know have looked into embedding an .exe file within a simple image file, but so far it's kinda been put on the back burner.
Re: IOS pentest Lab
yup the weakness is in humans but what about a ransomware for mobiles :p and written on java :p
Re: IOS pentest Lab
Last year I wrote a Denial of Service script for Android as PoC. I won't go into details, but I had been looking in to mobile a bit as well.
Here is a bit of research I had done and posted.
Here is a bit of research I had done and posted.
Code: Select all
http://www.suck-o.com/forums/viewtopic.php?f=7&t=11738
Re: IOS pentest Lab
maboroshi Do you mind sharing the code plz? just interested in having a look at the code and understand the concept u followed
Re: IOS pentest Lab
Not openly. You're a friend of DNR's correct?
Re: IOS pentest Lab
yes I am ^_^
Re: IOS pentest Lab
Scatter, have you done any mobile stuff? Because there's a whole bunch of people who've been railroaded by yahoo. The ceo of that company has done them real shitty and that ceo has ruined all their groups and stuff. If you'd like, we can talk offboard. I'd like to help these people get something back. Some are elderly people who've really come under great distress due to the total shitheadedness of that ceo and her minions.
Re: IOS pentest Lab
till now I didn t do any mobile stuff, I am working on learning mobile apps dev as one of the things am learning now but what s the relation between mobile and that yahoo