back to List back

on this page

Offensive Mobile Reversing and Exploitation

post-event
price $4,800
Beginner / Intermediate
4 Days
Mobile, Pentesting
Sat 19 Nov - Tue 22 Nov
price$4,800
Topics:
  • Introduction to ARM64 and Mobile Browser Security [2 modules]
  • iOS Exploitation
  • Android Exploitation
Overview

After a sold-out course last year at Blackhat, we are back with an updated version of our course with additional coverage of ARM64, mobile browser security, and more in-depth coverage of Mobile apps and operating system security. The class starts with a basic introduction to the ARM instruction set and calling conventions followed by some reverse engineering exercises. 

We then learn how to write simple exploits for the ARM64 environment. Next, we move to Mobile browser security, understand some of the browser mitigations followed by writing some simple exploits for the mobile browser. We then cover iOS and Android internals in further detail. We then discuss some of the exploitation techniques using real-world vulnerabilities (e.g., voucher_swap, checkm8, etc) followed by a walkthrough of how jailbreaks are written. We also discuss some of the common vulnerability types (Heap Overflows, Use-after-free, Uninitialized Stack variable, Race conditions). We will also look at how to build the Android kernel, customize it using Kernel tunables and then use a 1-day vulnerability to gain kernel r/w access.

The training then moves on to application security based on exploiting the Damn Vulnerable iOS app, Android-lnsecureBankv2, and lnsecurePass application written by the authors of this course in addition to a broad range of other real-world applications. We then cover a variety of mitigations deployed in real-world apps and discuss how to bypass them. Slides, videos and detailed documentation on the labs will be provided to the students for practice after the class. Corellium access will be provided to students during the duration of the training course.

The course covers topics ranging from beginners to advanced topics. Basic Linux commands is the only requirement for the course.

Students are required to bring their own laptop that meets the following specs

  • Laptop with: 50+ GB free hard disk space, 8+ GB RAM , VirtualBox installed on the machine. For those who have an M1/M2 MacBook or any other machine that doesn't support virtualization, a cloud instance will be provided
  • Students will be provided with access to Corellium for iOS hands-on and as such do not need to carry iOS devices
  • Download and install the latest version of Xcode. Administrative access on the system
  • External USB access allowed

Detailed Course Setup instructions will be sent a few weeks prior to the class

What Students Will be Provided With

  • Videos for all the vulnerabilities shared in the class
  • Huge list of good reads and articles for learning mobile application security
  • Source code for vulnerable applications
  • Custom VM for hands-on pentesting
Who Should Take This Course
  • This course is for penetration testers, mobile developers or anyone keen to learn mobile application security.