Via dei Gracchi 32, Roma
During our Mobile Application Penetration Testing a multitude of attacks are simulated, both application attacks and more specific attacks dedicated to mobile devices. The test simulates a real attacker and allows you to have a detailed overview of the risks and impacts on the business following the compromise of the application and any sensitive / critical data managed by it.
Our MAPT consists of four phases: Static Analysis, Dynamic Analysis, Network Flow Analysis and Reporting. Everything starts with the complete installation of the application package (the binary of the mobile application: for example, app.apk, app.ipa, etc.) and then performs a complete check of all the various application features available.
It begins by analyzing all the metadata of the application package and a reverse engineering of the mobile application binary is then performed (where possible) in order to obtain the pseudo source code and identify any sensitive data stored within it.
The activity continues by analyzing where sensitive data is required, how they move within the application, how they are used and so on. In particular, we will examine where and how the application handles sensitive information, whether the application is correctly using native APIs and whether user credentials, session tokens, personal information and / or any other sensitive data are stored securely. As part of this analysis, checks will be carried out that will examine the memory to ensure that sensitive data is properly deleted from the application. During this testing phase, we will attempt to access hidden features, as well as attempt to escalate privileges. Another point of observation of great importance will be the validation of the data: any open port, interface, IPC channel and any other input method that can be exploited by an attacker will be identified and verified. A diagram is constructed of how these components work together; a diagram that will be used during the rest of the assessment.
In addition, the communication between the mobile application and all remote systems / services will be examined. Traffic analysis will focus on uncovering vulnerabilities related to information disclosure, tampering with data in transit, authentication, session management and other related vulnerabilities.
The test is performed on physical mobile devices, as well as through the use of emulators – depending on the type of application and functionality. The activity uses as a reference point what is defined by the OWASP Top 10 Mobile Vulnerabilities.
At the end of the MAPT a detailed report is drawn up containing the identified vulnerabilities (with relative details of the software / service concerned, screenshot, type of vulnerability, level of criticality, and possible remediation actions).