sawks Posted July 8, 2012 Share Posted July 8, 2012 (edited) Ive seen people doing page redirects for password harvesting, but has anyone seen/done harvesting of mobile app username/password like iphone facebook app. Ive seen mobile site redirection , but wondered if it was possible to MITM app traffic. Cheers Steve (New HAK5 watcher) (Old sysadmin) Edited July 8, 2012 by sawks Quote Link to comment Share on other sites More sharing options...
RebelCork Posted July 9, 2012 Share Posted July 9, 2012 Short answer - no, unless you can create a duplicate app and install that on the victims phone. Long answer: This is theoretically possible on Android, but not so far on Apple. (Barring the foobar this week) There have been MITM attacks on Android devices, the most common ones being redirects and click-through insertions. If you remember, WhatsApp was hacked last year, because details were sent in plain text. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.