How to Hack an App Video Series
Do you know how to hack an app? Well if not, it’s easier than you may think. With just a
few readily available tools, today’s hackers are able to exploit a mobile app in just a
matter of minutes.
So, why are so many apps susceptible to attack? Often times, with so much pressure to
get the app to market, many developers overlook application protection as being a vital
part in protecting their app against hackers. Among the most vulnerable area of attack,
is the application’s binary code. For those who don’t know, binary code is the code that
machines read to execute an application – It’s what you download when you access
mobile applications from an app store like Google Play. Hackers can easily reverse-
engineer an app’s binary code back to its original source code. From there, a hacker is
able to modify security controls, alter run-time behavior, and inject malicious code.
Watch Jonathan Carter, from Arxan Technologies, explain just how easy it is for hackers
to perform the following attack vectors and exploit sensitive user information.
iTunes Code Encryption Bypass
See how easy it is for hackers to bypass iOS encryption to progress a mobile app attack.
Android APK Reverse Engineering
Algorithm Decompilation and Analysis
See how “Hopper” is leveraged to initiate a static, springboard attack for counterfeiting
and stealing information
Baksmali Code Modification
Learn how hackers can easily crack open and disassemble (Baksmali) mobile code.
Reverse Engineering String Analysis
Watch how hackers use strings analysis as a core element for reverse engineering
Swizzle with Code Substitution
Learn how hackers leverage infected code to attack critical class methods of an
application to intercept API calls and execute unauthorized code, leaving no trace with
the code reverting back to original form
Understanding application internal structures and methods via Class Dumps
Learn how hackers use this widely available tool to analyze the behavior of an app as a
form of reverse engineering and as a springboard to method swizzling
إرسال تعليق