Chapter 8: Hacking Mobile Devices: iOS and Android
Rooting Android
Tools to root Android
KingoRoot
OneClickRoot
TunesGo
NTK Droid
Jailbreaking iOS
Tools to jailbreak iOS
Cydia
Pangu
GeekSn0w, Redsn0w
Absinthe
Techniques for Jailbreaking
- Untethered – the kernel will stay jailbroken after reboot
- Semi-tethered – a reboot reverts to a non-jailbroken kernel, but a jailbreak tool is installed on the device for immediate re-jailbreaking
- Tethered – jailbreaking is done while tethered to a computer, but a reboot removes the jailbreak, and the mobile device may be hard to recover
Types of Jailbreaking
- Userland exploit – breaks out of many user controls, but doesn’t get you root/Admin
- iBoot exploit – cracks the high-level iBoot boot loader and allows installation of unsigned apps, but will be removed if iBoot is updated/reinstalled
- BootROM exploit – cracks the low-level SecureROM bootloader, and can’t be removed by an update/patch
MDM
Mobile devices as security testing platforms
DroidSheep
Fing
Kali Nethunter