Okay so depending on your perspective of profit, this may or may not yield some. I’ll build working, non-working, ‘secure’ and vulnerable applications for various platforms to help further understand the fundamentals and inner workings. So for me, building a vulnerable app to hack it gives me profit in the form of knowledge. If you have the same view, I encourage you to do the same!

My current project focuses on building an iOS application that presents different challenges to the user. These challenges all follow a similar structure:

  • A ‘type’ of vulnerability that can be abused
  • A specific ‘goal’ to complete the challenge
  • Various steps that need to be completed to finish the challenge
  • Optional, depending on the challenge:
    • Input field, expecting a specific value
    • Trigger-able features to fire a payload/exploit a vulnerability
    • etc

So far…

As of right now, the application is in its early stages. I have put together a working Swift application, which currently holds 4 challenges. 3 challenges focus on jailbreak bypasses, ranging from easy to hard. These are selected from a “challenges” view, which opens up each challenge in its own view with its own controller. The 4th challenge focuses on XSS within mobile applications. As of right now, it isn’t completed. The current step of development is to ensure users can send and ‘trigger’ the XSS payloads within the same context of the application, so they don’t have to keep going backwards and forwards.

Application States and Views

The two screenshots below show the appearance and limitations of the app if it cannot identify that the device is jailbroken. If the user has a very ‘clever’ anti-jailbreak-detection setup, then this might cause a blocker. So I plan to just add an override feature so it doesn’t block functionality. This is a future task. For now, it just checks common artefacts and locations on the device to see if the device is jailbroken.
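
As an added example (not the post’s own code) of the kind of artefact-and-location check described above, here is a hypothetical `JailbreakDetector` type that looks for files stock iOS never ships and tests whether the app can write outside its sandbox:

```swift
import Foundation

/// Hypothetical artefact-based jailbreak check (added example, not the post's code).
/// It looks for files and directories that stock iOS never ships and that many
/// jailbreaks leave behind, then tests whether the app can write outside its sandbox.
struct JailbreakDetector {

    /// Paths that should not exist on a non-jailbroken device.
    static let suspiciousPaths = [
        "/Applications/Cydia.app",
        "/Library/MobileSubstrate/MobileSubstrate.dylib",
        "/bin/bash",
        "/usr/sbin/sshd",
        "/etc/apt",
        "/private/var/lib/apt/",
    ]

    /// Returns the artefacts that were found, so the UI can show why the device was flagged.
    static func foundArtefacts() -> [String] {
        #if targetEnvironment(simulator)
        // The simulator shares the macOS filesystem (/bin/bash exists there),
        // so path checks are meaningless and would always report "jailbroken".
        return []
        #else
        let fm = FileManager.default
        return suspiciousPaths.filter { fm.fileExists(atPath: $0) }
        #endif
    }

    /// A sandboxed app cannot create files under /private; success means the sandbox is broken.
    static func canWriteOutsideSandbox() -> Bool {
        let probe = "/private/jb_probe_\(UUID().uuidString).txt"
        do {
            try "probe".write(toFile: probe, atomically: true, encoding: .utf8)
            try? FileManager.default.removeItem(atPath: probe)   // clean up after ourselves
            return true
        } catch {
            return false
        }
    }

    /// True if any artefact is present or the sandbox write succeeded.
    static var isJailbroken: Bool {
        !foundArtefacts().isEmpty || canWriteOutsideSandbox()
    }
}
```

Checks like these only see what the filesystem reports, so a tweak that hides those paths will make the app think the device is clean, which is exactly why an override switch is useful for a training app.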

These next screenshots show the same application states as above, but with a detected jailbreak. As you can see, the challenges are unlocked now and they can be attempted.

What’s Next?

  • More challenges, ranging in difficulty.
  • A sense of progression:
    • Points for each completion (level? titles? achievements?)
    • Flags? These could be abused and dumped by the user
  • Some form of releasable app for others to try and mess with