본문 바로가기

40./42. iOS

Damn Vulnerable iOS Application(DVIA)

Damn Vulnerable iOS Application(DVIA)


iOS 모의해킹 스킬을 테스트  가능한 취약한 앱


 name

 Damn Vulnerable iOS Application (DVIA)

 Author

 prateekg147

 Site

 http://damnvulnerableiosapp.com/

 License type

 - 

 Download

 - 



About


Damn Vulnerable iOS Application was born from the need to have a tool where a user can test their iOS penetration testing skills in a safe and legal environment. Also, this application can be used by mobile security enthusiasts and students to learn or review the basics of mobile application security.


Damn Vulnerable iOS Application은 

- Insecure Data Storage 불안전한 암호 저장

- Jailbreak Detection 탈옥 탐지

- Runtime Manipulation 런타임 조작

- Piracy Detection 침해 탐지

- Transport Layer Security 안전한 전송 구간

- Client Side Injection 사용자 측면 인젝션

- Information Disclosure 정보 노출

- Broken Cryptography 암호화 취약점

- Security Decisions via Untrusted input 신뢰하지 않은 입력정보를 통한 

- Side channel data leakage 주변 채널에 의한 데이터 누수

- Application Patching : 어플리케이션 패치


해당 취약점과 해결책은 iOS 버전 7.0.6에서 테스트하였습니다.


The app also contains a section on iOS Application Security Tutorials for those who want to learn iOS Application Pentesting. Every challenge/vulnerability has a link for a tutorial that users can read to learn more on that topic.


This app will only run on devices running iOS 7 or later. Users can download the source code and run the application on previous versions of iOS as well.