Completed
Hacking Mobile Apps: Examples
Class Central Classrooms beta
YouTube videos curated by Class Central.
Classroom Contents
Seven Deadly Sins of Mobile Application Development - Unlocking Mobile Hacking Vulnerabilities
Automatically move to the next video in the Classroom when playback concludes
- 1 Intro
- 2 Overview
- 3 Hacking Mobile Apps: WiFi Pineapple
- 4 Hacking Mobile Apps: The ideal setup
- 5 Hacking AMF: Raw traffic AMF is a binary format
- 6 Trusting the client
- 7 Not requiring encryption • Mobile traffic is easy to hijack & sniff . Most mobile apps are not using SSL - A gasp of horror is appropriate • Many of the ones that use SSL do it wrong!
- 8 Allowing lifetime sessions
- 9 Not keeping secrets • Session tokens/cookies are sent with each request - Easy to steal • Mobile app can store local data unlike web browser - Web browsers always send their cookies in each request
- 10 Allowing repeat requests
- 11 No curfew for requests As discussed, sessions last a long time • Individual requests allowed to stay out partying too long
- 12 Failing to prevent altered requests
- 13 Hacking Mobile Apps: Fantasy Football
- 14 Hacking Mobile Apps: Examples
- 15 Avoiding the 7 Deadly Sins
