Mobile Application Pentesting

# Android OS and Android Security Architecture

Android architecture contains a different number of components to support any Android device’s needs.
Android software contains an open-source Linux Kernel having a collection of a number of C/C++
libraries which are exposed through application framework services. Among all the components Linux
Kernel provides the main functionality of operating system functions to smartphones and Dalvik Virtual
Machine (DVM) provide a platform for running an Android application.

Components of Android Architecture

The main components of Android architecture are the following:-

• Applications

• Application Framework

• Android Runtime

• Platform Libraries

• Linux Kernel

Pictorial representation of Android architecture with several main components and their sub-
components Understanding Android’s architecture is essential for building efficient applications. For
those looking to master this structure and move from beginner to advanced skills in Kotlin, the Android
Mastery with Kotlin: Beginner to Advanced course offers a comprehensive guide

1. Applications

Applications is the top layer of android architecture. The pre-installed applications like home, contacts,
camera, gallery etc and third party applications downloaded from the play store like chat applications,
games etc. will be installed on this layer only. It runs within the Android run time with the help of the
classes and services provided by the application framework.
2. Application framework

Application Framework provides several important classes which are used to create an Android
application. It provides a generic abstraction for hardware access and also helps in managing the user
interface with application resources. Generally, it provides the services with the help of which we can
create a particular class and make that class helpful for the Applications creation. It includes different
types of services activity manager, notification manager, view system, package manager etc. which are
helpful for the development of our application according to the prerequisite.

3. Application runtime

Android Runtime environment is one of the most important part of Android. It contains components like
core libraries and the Dalvik virtual machine(DVM). Mainly, it provides the base for the application
framework and powers our application with the help of the core libraries. Like Java Virtual Machine
(JVM), Dalvik Virtual Machine (DVM) is a register-based virtual machine and specially designed and
optimized for android to ensure that a device can run multiple instances efficiently. It depends on the
layer Linux kernel for threading and low-level memory management. The core libraries enable us to
implement android applications using the standard JAVA or Kotlin programming languages.

4. Platform libraries

The Platform Libraries includes various C/C++ core libraries and Java based libraries such as Media,
Graphics, Surface Manager, OpenGL etc. to provide a support for android development.

• Media library provides support to play and record an audio and video formats.

• Surface manager responsible for managing access to the display subsystem.

• SGL and OpenGL both cross-language, cross-platform application program interface (API) are used for
2D and 3D computer graphics.

• SQLite provides database support and FreeType provides font support.

• Web-Kit This open source web browser engine provides all the functionality to display web content and
to simplify page loading.

• SSL (Secure Sockets Layer) is security technology to establish an encrypted link between a web server
and a web browser.
5. Linux Kernel

Linux Kernel is heart of the android architecture. It manages all the available drivers such as display
drivers, camera drivers, Bluetooth drivers, audio drivers, memory drivers, etc. which are required during
the runtime. The Linux Kernel will provide an abstraction layer between the device hardware and the
other components of android architecture. It is responsible for management of memory, power, devices
etc. The features of Linux kernel are:

• Security: The Linux kernel handles the security between the application and the system.

• Memory Management: It efficiently handles the memory management thereby providing the freedom
to develop our apps.

• Process Management: It manages the process well, allocates resources to processes whenever they
need them.

• Network Stack: It effectively handles the network communication.

• Driver Model: It ensures that the application works properly on the device and hardware
manufacturers responsible for building their drivers into the Linux build.

# IOS and IOS Security Architecture

IOS is a mobile operating system that Apple Inc. has designed for its iPhones, iPads, and Apple mobile
devices. IOS is a mobile operating system and is the second most popular and widely used after Android.

The structure of the iOS operating system is Layered based. Its communication doesn’t occur directly.
The layers between the Application Layer and the Hardware layer will help with Communication. The
lower level gives basic services on which all applications rely and the higher-level layers provide graphics
and interface-related services. Most of the system interfaces come with a special package called a
framework.

Core OS Layer
All the IOS technologies are built under the lowest level layer i.e. Core OS layer. These technologies
include:

 Core Bluetooth Framework

 External Accessories Framework

  Accelerate Framework

 Security Services Framework

 Local Authorization Framework etc

It supports 64 bit which enables the application to run faster.

Core Sercices Layer

Some important frameworks are present in the CORE SERVICES Layer which helps the iOS operating
system to cure itself and provide better functionality. It is the 2nd lowest layer in the Architecture as
shown above. Below are some important frameworks present in this layer:

 Address Book Framework: The Address Book Framework provides access to the contact details
of the user.

 Cloud Kit Framework: This framework provides a medium to transfer data between your app
and iCloud.

 Core Data Framework: It is the technology used to handle the data model of a Model View
Controller app.

 Core Foundation Framework: This framework offers data management and service features for
iOS applications.

 Core Location Framework: This framework helps in delivering location and heading information
to the application.

 Core Motion Framework: All the motion-based data on the device is accessed with the help of
the Core Motion Framework.

 Foundation Framework: Objective C covering too many of the features found in the Core
Foundation framework.

 HealthKit Framework: This framework handles the health-related information of the user.

 HomeKit Framework: This framework is used for talking with and controlling connected devices
with the user’s home.

Media Layer
By taking the media layer’s help, we will enable all graphics video, and audio technology of the system.
This is the second layer in the architecture. The different frameworks of MEDIA layers are:

 ULKit Graphics: This framework provides support for designing images and animating the view
content.
  Core Graphics Framework: This framework support 2D vector and image-based rendering and it
is a native drawing engine for iOS.

 Core Animation: This framework provides the optimum animation experience of the apps in iOS.

 Media Player Framework: This framework supports the playing of the playlist. It enables the
user to use their iTunes library.

 AV Kit: This framework offers a number of easy-to-use interfaces for video presentation and
recording, and even playback of audio and video.

 Open AL: This framework is also an Industry Standard Technology for Audio provision.

 Core Images: This framework offers advanced support for motionless images.

 GL Kit: This framework manages advanced 2D and 3D rendering by hardware-accelerated

interfaces.

Cocoa Touch
COCOA Touch is also known as the application layer which acts as an interface for the user to work with
the iOS Operating system. It supports touch and motion events and many more features. The COCOA
TOUCH layer provides the following frameworks :

 EvenKit Framework: This framework shows a standard system interface using view controllers
for viewing and changing events.

 GameKit Framework: This framework even allows users to share game related data online via a
Game Center.

 MapKit Framework: This framework provides a scrollable map that may be inserted into the
user interface of the app.

 PushKit Framework: This framework provides for registration.

Features of iOS operating System

Let us discuss some features of the iOS operating system-

 It is Highly Securer than other operating systems.

 iOS provides the facility of multitasking like while working in one application we can switch to
another application easily.

 The user interface of iOS’s includes multiple gestures like swipe, tap, pinch, Reverse pinch.

 iBooks, iStore, iTunes, Game Center, and Email are user-friendly.

  It provides Safari as a default Web Browser.

 It has powerful API and Camera.

 It has deep hardware and software integration.

Applications of IOS Operating System

Here are some applications of the iOS operating system-

 iOS Operating System is the Commercial Operating system of Apple Inc., and it’s very famous for
its security features.

 It comes with a lot of pre-installed apps from Apple, including Mail, Map, TV, Music, Wallet,
Health, etc.

 Swift is a language for programming that is used for developing apps to run on an IOS operating
system.

 We can do multitasking—like chatting and surfing on the internet—side by side in an iOS

operating system.

Advantages of IOS Operating System

The iOS operating system has some advantages over other operating systems available in the market
especially the Android operating system. Here are some of them-

 More secure than other operating systems

 Fluid responsive with a great UI

 Most Suitable for Business and Professionals

 Produce less heat compared to Android

Disadvantages of IOS Operating System

Let us have a look at some disadvantages of the iOS operating system-

 More Expensive.

 Less User Friendly than the Android Operating System.

 Not Flexible remain to support only IOS devices.

 Battery Performance Decreases.

# Mobile Pentest Process and Tools

Mobile penetration testing is a security assessment process focused on identifying and addressing
vulnerabilities in mobile applications, operating systems, and the device's network communication. It
aims to ensure that mobile applications are secure and don’t expose sensitive user data or critical
functionality to unauthorized access.

Mobile Penetration Testing Process

1. Reconnaissance and Information Gathering: Gather information about the application, such as
platform (iOS or Android), application architecture, and intended functionalities. Understanding
the app’s scope and dependencies is essential for planning the testing approach.

2. Threat Modeling: Identify potential threats by mapping out sensitive data flows, APIs, and third-
party libraries. Determine possible attack vectors, like unauthorized access to APIs, insecure
storage, or exposed communications.

3. Static Analysis: Analyze the app’s code, configuration files, and resources without executing it.
Static analysis tools decompile the application to inspect code for vulnerabilities such as
hardcoded credentials, unencrypted data, or misconfigured permissions.

4. Dynamic Analysis: Run the application in a test environment and interact with it to observe real-
time behavior. Dynamic analysis involves testing for issues like weak authentication, insecure
data transmission, or improper session handling.

5. Network Communication Testing: Intercept and analyze network traffic to identify insecure data
transmission. Testing tools allow testers to inspect traffic for issues like plaintext transmission,
weak SSL/TLS implementation, or unprotected API endpoints.

6. Reverse Engineering: Decompile and inspect the app to understand its logic, identify
vulnerabilities in its code, or bypass certain security measures. Reverse engineering is often used
to identify sensitive information stored in the app.

7. Exploit Development: Based on identified vulnerabilities, attempt to exploit them in a controlled

environment. This step aims to understand the real-world impact of the vulnerabilities and
confirm findings.

8. Post-Exploitation and Reporting: Document findings, their impact, and remediation steps.
Provide developers with actionable insights on fixing security gaps.

Tools for Mobile Penetration Testing

Several tools assist in the various stages of mobile pentesting:

Reconnaissance and Information Gathering

 MobSF (Mobile Security Framework): An all-in-one tool for automated static analysis, dynamic
analysis, and malware analysis.

 AppMon: Useful for analyzing app permissions, extracting metadata, and gathering initial
information.

Static Analysis Tools

 ApkTool: For decompiling Android APKs to inspect resources and manifest files.

 Jadx: A decompiler that allows reverse engineering of APK files to readable Java code.

 Frida: A dynamic code instrumentation tool that helps in intercepting and modifying function
calls.

Dynamic Analysis Tools

 Burp Suite: An essential web proxy tool for intercepting HTTP/S requests. It’s useful for
inspecting network traffic between the app and server.

 OWASP ZAP (Zed Attack Proxy): Another proxy tool for testing HTTP/S requests, useful for
finding insecure transmissions.

 Drozer: A security testing tool for Android that focuses on finding vulnerabilities in Android apps
and configurations.

Network Traffic Analysis

 Wireshark: A packet analyzer for inspecting data packets over the network, especially helpful for
finding unencrypted or sensitive information.

 MITMProxy: A powerful proxy tool for intercepting and modifying network traffic, allowing
testers to examine API requests and responses.

Reverse Engineering Tools

 Radare2: A command-line reverse engineering tool for binary files.

 Binary Ninja: A reverse engineering platform that allows binary analysis, although it’s more
popular for advanced analysis.

 Objection: A runtime mobile exploration tool that allows testers to modify an app at runtime
without needing to jailbreak or root the device.

Exploit Development Tools

 Metasploit: While commonly associated with network pentesting, it also supports modules for
Android and iOS.

 AndroBugs Framework: Specifically designed to find vulnerabilities in Android applications,

generating reports that categorize risks by severity.
Device Emulators and Virtualization Tools

 Android Studio Emulator: Google’s official Android emulator for testing Android applications.

 Genymotion: A fast and configurable emulator for Android that’s useful for testing in various
Android environments.

 Apple’s iOS Simulator: Part of Xcode, used for testing iOS applications without a physical device.

Reporting Tools

 Dradis: A collaborative reporting tool that helps organize findings and generate reports.

 Faraday: An Integrated Multiuser Pentesting Environment for managing pentest data, useful for
larger security teams.

Best Practices in Mobile Pentesting

1. Use Test Devices or Emulators: Avoid testing on a personal device to prevent data corruption.

2. Secure the Testing Environment: Ensure the network used for testing is isolated to prevent
unintentional data leaks.

3. Document Findings Thoroughly: Provide detailed descriptions, screenshots, and remediation

steps for developers.

4. Follow Platform-Specific Guidelines: Both Android and iOS have security guidelines that outline
best practices for secure development.