Mobile Device Exploitation Cookbook（Paperback）

Over 75 recipes to master mobile device penetration testing with open source tools

About This Book

• Learn device and application exploitation for popular mobile platforms
• Improve the current security architecture design for mobile systems
• Discover tricks of the trade with the help of code snippets and screenshots

Who This Book Is For

This book is intended for mobile security enthusiasts and penetration testers who wish to secure mobile devices to prevent attacks and discover vulnerabilities to protect devices.

What You Will Learn

• Introduction to Android and iOS security and rooting
• Explore mobile malwares, reverse engineering, and code your own malware
• Audit mobile applications via static and dynamic analysis
• Create custom RAMs and disk images and learn about mobile forensics
• Attack mobile applications by playing around with traffic and SSL certificates
• Employ ARM exploits such as buffer overflow, R2ZP, ROP, and other kernel attacks
• Set up an exploitation lab
• Set up a BlackBerry and Windows Phone development environment and simulator
• Configure traffic interception settings for Windows and BlackBerry phones

In Detail

Mobile attacks are on the rise. We are adapting ourselves to new and improved smartphones, gadgets, and their accessories, and with this network of smart things, come bigger risks. Threat exposure increases and the possibility of data losses increase. Exploitations of mobile devices are significant sources of such attacks.

Mobile devices come with different platforms, such as Android and iOS. Each platform has its own feature-set, programming language, and a different set of tools. This means that each platform has different exploitation tricks, different malware, and requires a unique approach in regards to forensics or penetration testing. Device exploitation is a broad subject which is widely discussed, equally explored by both Whitehats and Blackhats.

This book takes you through a wide variety of exploitation techniques across popular mobile platforms. The journey starts with an introduction to basic exploits on mobile platforms, malware analysis, and reverse engineering for Android and iOS platforms. You'll learn more about mobile devices, static and dynamic analysis, and other attacks.

You'll explore mobile device forensics and see how you can create custom RAMs and disk images. You'll learn how to attack mobile application traffic and SSL, before moving on to penetration testing and ARM exploitation.

The book covers the use of debuggers, custom fuzzers, and other similar tools, before you discover how to conduct buffer overflows and Kernel attacks, and also how to write shell codes. Finally, you'll go through basic exploit tricks on BlackBerry and Windows platforms.