objection - Runtime Mobile Exploration

Новости информационной безопасности




objection - Runtime Mobile Exploration

objection.png

objection is a runtime mobile exploration toolkit, powered by Frida. It was built with the aim of helping assess mobile applications and their security posture without the need for a jailbroken or rooted mobile device.

The project's name quite literally explains the approach as well, whereby runtime specific objects are injected into a running process and executed using Frida.

Note: This is not some form of jailbreak / root bypass. By using objection, you are still limited by all of the restrictions imposed by the applicable sandbox you are facing.

features

Supporting both iOS and Android and having new features and improvements added regularly as the tool is used in real world scenarios, the following is a short list of only a few key features:

For all supported platforms, objection allows you to:

iOS specific features in objection include the ability to:

Android specific features in objection include the ability to:


screenshots
The following screenshots show the main objection repl, connected to a test application on both an iPad running iOS 10.2.1, and Samsung Galaxy S5 running Android 6.

A file system listing of the iOS applications main bundle

objection_1_ios_ls.png

A file system listing of the Android applications bundle
objection_2_android_ls.png

iOS Keychain dumped for the current application, and later written to a file called keychain.json
objection_3_ios_keychain.png

Inline SQLite query tool
objection_4_sqlite_example.png

SSL Pinning bypass running for an iOS application
objection_5_ios_ssl_pinning_bypass.png

SSL Pinning bypass running for an Android application
objection_6_android_ssl_pinning_bypass.png

sample usage
A sample session, where objection version 0.1 is used to explore the applications environment. Newer versions have the REPL prompt set to the current applications name, however usage has remained the same:
8O6fjDHOdVKgPYeqITHXPp6HV.png

prerequisites
To run objection, all you need is the python3 interpreter to be available. Installation via pip should take care of all of the dependencies needed. For more details, please see the prerequisites section on the project wiki.
As for the target mobile applications though, for iOS, an unencrypted IPA is needed and Android just the normal APK should be fine. If you have the source code of the iOS application you want to explore, then you can simply embed and load the FridaGadget.dylib from within the Xcode project.

installation
Installation is simply a matter of pip3 install objection. This will give you the objection command.
For more detailed update and installation instructions, please refer to the wiki page here.

Дата: 2017-10-20 13:11:05

Источник: http://www.kitploit.com/2017/10/objection-runtime-mobile-exploration.html

android,database,ios,ipad,jailbreak,objection,python3,reporting,runtime,samsung,sandbox,sqlite