If you want to test your iOS penetration testing skills in a legal environment, the Damn Vulnerable iOS Application (DVIA) is for you. It is available at http://damnvulnerableiosapp.com/. The application covers the most common security vulnerabilities found in iOS applications, aligned with the OWASP Mobile Top 10.
Vulnerabilities and Challenges
- Insecure Data Storage
- Jailbreak Detection
- Runtime Manipulation
- Piracy Detection
- Transport Layer Security
- Client Side Injection
- Information Disclosure
- Broken Cryptography
- Security Decisions via Untrusted Input
- Side Channel Data Leakage
- Application Patching
One way to install the IPA is to use the IPA Installer Console.
First, download the IPA from the site.
Then copy the file over to your iOS device using sftp:
sftp root@X.X.X.X
put DamnVulnerableIOSApp.ipa
Now run the command "ipainstaller DamnVulnerableIOSApp.ipa" or "installipa DamnVulnerableIOSApp.ipa" to install the application.
You should now see the application on the device.
Happy Hacking :)