The document discusses the results of analyzing over 15,000 iOS finance apps. Several common security issues were found, including hardcoded credentials in 4% of apps that could give access to user data and backend systems. Tests revealed unencrypted private keys, authentication secrets, and development environment details. Many apps also contained SMS gateway configurations and open VPN profiles.
2. Who am I?
• Work hard on defense
• Have fun in offensive
• Break things
Alexey Troshichev
@pl0lq
pl0lq@hackapp.com
#ZeroNights2013
hackapp.com
2
3. What’s wrong with an app?
Insecure transfer
Injections
Insecure storage
Architecture flaws
Mobile OWASP for bla-bla-bla …
5. On-device analysis?
Unlock Device
Remove DRM
Setup research environment
Dynamic analysis
Time & Brains
6. An app is dangerous for the user, but what about the vendor?
Why waste time attacking one user when we can just break into the backend and get them all?
Why always just the binary file?
7. What can an app tell us?
Testing environment disclosure
Third party services authentication data
Built-in accounts
Something you can’t even imagine =)
8. Why is it interesting?
Installation is not important
In the end, we are just searching for strings…
…and that can be automated =)
9. Let’s build a grinder!
10. AWK, STRINGS, GREP?
Not suitable for binary containers
Too much garbage
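As an added example (my own code, not the talk's grinder or anything from hackapp.com), here is the minimal pass a developer or app-store reviewer can run over a raw binary before release: pull printable runs out of the bytes the way `strings` would, match only well-known secret shapes, and drop low-entropy matches so format strings and padding do not flood the output. The sample bytes, the rule set and the 3.5-bit entropy threshold are my own constructions; the AWS key values are the placeholder ones from AWS documentation, not real credentials.

```python
import math
import re
from collections import Counter

# Printable ASCII runs of 16+ bytes, roughly what `strings -n 16` would emit.
STRING_RUN = re.compile(rb"[\x20-\x7e]{16,}")

# High-confidence secret shapes. The AWS access-key-ID prefixes and the 40-char
# secret shape are the public formats; the keyword rule catches labelled blobs
# such as the "AWS-secret:..." string shown on the slides.
RULES = {
    "aws-access-key-id": re.compile(r"\b(?:AKIA|ASIA|AGPA|AIDA|AROA)[A-Z0-9]{16}\b"),
    "aws-secret-key": re.compile(
        r"(?i)(?:aws|secret)[\w-]*[\s:=\"']+([A-Za-z0-9/+]{40})(?![A-Za-z0-9/+])"),
    "pem-private-key": re.compile(r"-----BEGIN (?:RSA |EC |DSA |OPENSSH )?PRIVATE KEY-----"),
}

def shannon_entropy(s: str) -> float:
    """Bits per character; 40 identical characters give 0, a random key gives ~4.5+."""
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in Counter(s).values())

def scan_blob(blob: bytes, min_entropy: float = 3.5) -> list[tuple[str, int, str]]:
    """Return (rule, byte offset, matched value) for secret-shaped strings in a blob.
    The entropy gate is what separates this from `strings | grep`: labelled
    placeholders, padding and repeated fill bytes are dropped as garbage."""
    hits = []
    for run in STRING_RUN.finditer(blob):
        text = run.group().decode("ascii")
        for name, rule in RULES.items():
            for m in rule.finditer(text):
                grp = 1 if m.groups() else 0          # captured value, else whole match
                value = m.group(grp)
                if name != "pem-private-key" and shannon_entropy(value) < min_entropy:
                    continue                          # low entropy: padding / placeholder
                hits.append((name, run.start() + m.start(grp), value))
    return hits

# Constructed stand-in for an app's string table (not a real binary).
SAMPLE_BINARY = (
    b"\x00\x01\x02\x00NSMutableDictionary\x00"
    b"AKIAIOSFODNN7EXAMPLE\x00"                                  # AWS docs placeholder ID
    b"AWS-secret:wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY\x00"  # AWS docs placeholder key
    b"secret=0000000000000000000000000000000000000000\x00"      # low-entropy, should be dropped
    b"-----BEGIN RSA PRIVATE KEY-----\nMIIEpAIBAAKCAQEA\n%@ %d\x00"
)

if __name__ == "__main__":
    for rule, offset, value in scan_blob(SAMPLE_BINARY):
        print(f"{rule:18} @0x{offset:06x} {value}")
```

On a real IPA, point it at the unzipped app's main executable and any bundled .plist or .json files; a hit is a release blocker to rotate, not just to delete from the next build.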
21. Access to user data
AWS-secret:eyH0aw7IW7wdL8z2eSyK/A8q7rIF7uEMVpvQkbwC
You “publish” your contacts and photos by installing the app…
=(