kdlsw Posted December 9, 2017 Posted December 9, 2017 I do not have too much experience with ios. For Android, a simple social engineering to let the victim install the malware apk would be sufficient. But from my understanding, all APPs on ios are required to be installed via AppStore, if I cannot poison the traffic of the victim, what's the usual way to deliver a trojan or malware to a target? Or if there is any good articles/books I can look into? thanks! Quote
digip Posted December 9, 2017 Posted December 9, 2017 8 hours ago, kdlsw said: I do not have too much experience with ios. For Android, a simple social engineering to let the victim install the malware apk would be sufficient. But from my understanding, all APPs on ios are required to be installed via AppStore, if I cannot poison the traffic of the victim, what's the usual way to deliver a trojan or malware to a target? Or if there is any good articles/books I can look into? thanks! With Android, users need to allow unknown sources, which is not always on by default, an don some developer mode to be on, although it's probably a lot easier to get them on Android than iOS. If they jailbreak their iOS, then it's possible to do much the same with 3rd party apps. If you can social engineer someone to click something, on any OS, that's often all you need though, regardless of what is turned on or not. If an exploit takes control of the system, you can run nearly anything, even when not rooted, although in most cases, you won't get full control of the device, or root without something specific, and possibly a reboot, you should be able to sniff or gather info from the device and certain levels of communications. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.