2. Who Am I?
12 Years in IT and Information
Security
• Help Desk
• System Administrator
• Security Operations
• Application Security Analyst
(Purple Team)
• Mobile Application
Penetration Tester
27. Jailbreak Bypass
Screen Shot 2023-03-23 at 7.57.25 PM
Liberty Lite
https://www.ios-repo-updates.com/repository/ryley-s-
repo/package/com.ryleyangus.libertylite.beta/
30. adb shell - Connect to device
adb push - PC to device
adb pull - Device to PC
adb install - sideload apks
adb (Android Debug Bridge)
31. The priority is one of the following character values
V: Verbose (lowest priority)
D: Debug
I: Info
W: Warning
E: Error
F: Fatal
S: Silent (highest priority, on which nothing is ever
printed)
Adb logcat
34. Fridump - What are we looking for?
Credentials / Usernames / Passwords / Email addresses
Private keys/ IP addresses
URLs that the app normally can't talk to
36. •Supports both iOS and Android.
•Inspect and interact with container file systems.
•Bypass SSL pinning.
•Dump keychains.
•Perform memory related tasks
•Explore and manipulate objects on the heap
Objection
https://github.com/sensepost/objection
43. Original APK - /data/app/<pkg>*/base.apk
Application Storage -data/data/package name
• Databases/
• lib/: libraries and helpers for the app files
• shared_prefs/
• settings cache/
Local Storage Android
44. External storage can be accessed in:
• /storage/emulated/0
• /sdcard
• /mnt/sdcard
External Storage Android
46. Applications can create sqlite databases
May store sensitive data on them and
often our unencrypted.
• find . -type f -exec file '{}' ; | grep
'SQLite 3.x database’
• find ./ -name "*.sqlite" -or -name
"*.db"
SQLite Databases
47. • plist files are structured XML files that
contains key-value pairs.
• Way to store persistent data
• You may find sensitive information in
these files..
Plist iOS
48. To find all the plist of used by the
application you can access to
/private/var/mobile/Containers/Data/Appl
ication/{APPID} and run:
Command - find ./ -name "*.plist"
Plist iOS
49. To find all the plist of used by the
application you can access to
/private/var/mobile/Containers/Data/Appl
ication/{APPID} and run:
Command - find ./ -name "*.plist"
Plist iOS
50. To convert the plist into a readable format
Command - $ plutil -convert xml1
Info.plist
Plist iOS