I have always wondered how my iPhone apps communicate with their servers. I had a debate with an ex-coworker about the security of app communication. He thinks we can use plain HTTP for app communication, including authentication, but I insist that we should use a more secure transport in apps.
Let me use an example to demonstrate how little an app protects its content and how easy it is to monitor the traffic of an iPhone app.
This app provides coupons for Starbucks. I want to get the content of this coupon.
- Connect your iPhone to your Mac via USB.
- Use rvictl to create a remote virtual interface for your device, identified by its UUID (20 characters; you can find it in iTunes or in the Organizer in Xcode):
rvictl -s UUID
- Check that the interface (rvi0) is up:
rvictl -l
- Capture the traffic on rvi0 with tcpdump. The first command dumps all TCP traffic. The second keeps only port 80 packets that actually carry a payload (IP total length minus IP header length minus TCP header length is non-zero), so bare ACKs are dropped. The last two keep only HTTP requests whose payload begins with "GET " (0x47455420) or "POST" (0x504f5354); the expression `(tcp[12:1] & 0xf0) >> 2` is the TCP header length, i.e. the offset of the payload inside the TCP segment:
sudo tcpdump -n -t -i rvi0 -q -A tcp
sudo tcpdump -t -i rvi0 -A -s 0 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)'
sudo tcpdump -t -i rvi0 -s 0 -A 'tcp[((tcp[12:1] & 0xf0) >> 2):4] = 0x47455420'
sudo tcpdump -t -i rvi0 -s 0 -A 'tcp dst port 80 and (tcp[((tcp[12:1] & 0xf0) >> 2):4] = 0x504f5354)'
The result will look like this:
IP XXXXXXXX.61956 > static-ip-38-69-56-61.rev.dyxnet.com.http
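The byte arithmetic inside those tcpdump filters is easy to get wrong, so here is an added example (not part of the original post) that reproduces it in plain Python on constructed IPv4/TCP packets. `build_packet`, the sample requests and the `coupons.example` host name are all made up for the demonstration; the offsets are relative to the IP and TCP headers, exactly as tcpdump's `ip[...]` and `tcp[...]` accessors are. It goes slightly beyond the page by showing why IP and TCP options shift the payload offset, why the `!= 0` test drops empty ACKs, and what `-A` would print for a cleartext request.

```python
import struct
from typing import Optional, Tuple


def build_packet(payload: bytes, ip_options: bytes = b"", tcp_options: bytes = b"") -> bytes:
    """Construct a raw IPv4 + TCP packet (no link-layer frame). Checksums are
    left zero because the filters never read them. Option blocks must already
    be padded to a multiple of 4 bytes, as on the wire."""
    if len(ip_options) % 4 or len(tcp_options) % 4:
        raise ValueError("options must be a multiple of 4 bytes")
    ihl = 5 + len(ip_options) // 4            # IP header length in 32-bit words
    data_offset = 5 + len(tcp_options) // 4   # TCP header length in 32-bit words
    total_length = ihl * 4 + data_offset * 4 + len(payload)
    ip_hdr = struct.pack(
        "!BBHHHBBH4s4s",
        (4 << 4) | ihl, 0, total_length, 0, 0, 64, 6, 0,
        bytes([10, 0, 0, 2]),      # constructed client address
        bytes([192, 0, 2, 10]),    # constructed server address (TEST-NET-1)
    ) + ip_options
    tcp_hdr = struct.pack(
        "!HHIIBBHHH",
        61956, 80, 1, 1, data_offset << 4, 0x18, 65535, 0, 0,   # flags PSH+ACK
    ) + tcp_options
    return ip_hdr + tcp_hdr + payload


def payload_offset(pkt: bytes) -> Tuple[int, int]:
    """Mirror of the filter arithmetic:
         ip[0]&0xf    -> IP header length in 32-bit words
         ip[2:2]      -> IP total length
         tcp[12]&0xf0 -> TCP data offset (header length) in 32-bit words
       Returns (byte offset of the TCP payload, payload length)."""
    ip_hlen = (pkt[0] & 0x0F) << 2
    ip_total = struct.unpack("!H", pkt[2:4])[0]
    tcp = pkt[ip_hlen:]
    tcp_hlen = (tcp[12] & 0xF0) >> 2
    return ip_hlen + tcp_hlen, ip_total - ip_hlen - tcp_hlen


def has_payload(pkt: bytes) -> bool:
    """Equivalent of the '... != 0' filter: bare ACKs and handshake packets fail it."""
    return payload_offset(pkt)[1] != 0


# "GET " and "POST" read as big-endian 32-bit words, as in the last two filters.
METHODS = {0x47455420: "GET", 0x504F5354: "POST"}


def http_method(pkt: bytes) -> Optional[str]:
    """Equivalent of tcp[((tcp[12:1] & 0xf0) >> 2):4] = 0x47455420 / 0x504f5354:
    compare the first 4 payload bytes against the two method words."""
    off, plen = payload_offset(pkt)
    if plen < 4:
        return None
    word = struct.unpack("!I", pkt[off:off + 4])[0]
    return METHODS.get(word)


def ascii_dump(pkt: bytes) -> str:
    """What tcpdump -A shows for the payload: printable bytes as-is, the rest as '.'."""
    off, plen = payload_offset(pkt)
    return "".join(chr(b) if 32 <= b < 127 else "." for b in pkt[off:off + plen])


# Constructed sample traffic: a request for a coupon image over plain HTTP, a
# login POST carrying a 12-byte TCP option block (NOP, NOP, timestamp), and an
# empty ACK on a packet with a 4-byte IP option block.
SAMPLE_GET = build_packet(b"GET /coupons/xmas.png HTTP/1.1\r\nHost: coupons.example\r\n\r\n")
SAMPLE_POST = build_packet(
    b"POST /login HTTP/1.1\r\nHost: coupons.example\r\n\r\nuser=a&pass=b",
    tcp_options=bytes([1, 1, 8, 10]) + bytes(8),
)
SAMPLE_ACK = build_packet(b"", ip_options=bytes(4))

if __name__ == "__main__":
    for name, pkt in (("GET", SAMPLE_GET), ("POST", SAMPLE_POST), ("ACK", SAMPLE_ACK)):
        print(name, payload_offset(pkt), has_payload(pkt), http_method(pkt))
        print("  ", ascii_dump(pkt))
```

Running it shows the GET payload at offset 40, the POST payload at offset 52 because of the options, and the ACK with a zero-length payload that the second filter discards; the `ascii_dump` output is the same cleartext (path, Host header, form fields) that `tcpdump -A` prints on an HTTP connection.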
Now you can get the Christmas discount (buy 1, get 1 free) without downloading the app.
Then you can use the Chrome Developer Tools to inspect the image.
Don't rely on a plain web view to protect your content. HTTPS and session-based authentication would be a better solution.
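To make that recommendation concrete, here is an added example (not code from the original post) of the session-based half on the server side: after the user has logged in, the server issues an HMAC-SHA256 signed token with an expiry, and the coupon endpoint refuses to return the image unless the token verifies. The token format, `issue_session`, `verify_session`, `serve_coupon` and the stand-in image bytes are all assumptions made for the demonstration. HTTPS is what keeps the token and the image out of a capture like the one above; this code only shows the session check.

```python
import base64
import hashlib
import hmac
import json
import secrets
from typing import Optional, Tuple

# Constructed server-side secret; in a real deployment it comes from the
# server's configuration and is never sent to the client.
SERVER_SECRET = secrets.token_bytes(32)


def _b64(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).decode().rstrip("=")


def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def issue_session(user_id: str, now: int, ttl: int = 900, secret: bytes = SERVER_SECRET) -> str:
    """Issue after a successful login: claims plus an HMAC-SHA256 tag over them.
    Only the server holds the secret, so a client cannot forge or alter claims."""
    claims = json.dumps({"sub": user_id, "exp": now + ttl}, separators=(",", ":")).encode()
    tag = hmac.new(secret, claims, hashlib.sha256).digest()
    return _b64(claims) + "." + _b64(tag)


def verify_session(token: str, now: int, secret: bytes = SERVER_SECRET) -> Optional[str]:
    """Return the user id if the token is genuine and unexpired, otherwise None."""
    try:
        claims_b64, tag_b64 = token.split(".")
        claims = _unb64(claims_b64)
        tag = _unb64(tag_b64)
    except ValueError:              # wrong shape or invalid base64
        return None
    expected = hmac.new(secret, claims, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):   # constant-time comparison
        return None
    parsed = json.loads(claims)     # safe to parse: the tag has been checked
    if parsed.get("exp", 0) <= now:
        return None
    return parsed.get("sub")


# Constructed stand-in for the coupon image served by the endpoint.
COUPON_IMAGE = b"\x89PNG constructed stand-in for the coupon image"


def serve_coupon(token: Optional[str], now: int, secret: bytes = SERVER_SECRET) -> Tuple[int, bytes]:
    """The coupon endpoint: no valid session, no image (HTTP 401)."""
    user = verify_session(token, now, secret) if token else None
    if user is None:
        return 401, b""
    return 200, COUPON_IMAGE


if __name__ == "__main__":
    now = 1_700_000_000                       # fixed clock for the demonstration
    token = issue_session("alice", now)
    print(serve_coupon(token, now + 60)[0])                # 200
    print(serve_coupon("x" + token[1:], now + 60)[0])      # 401, tampered claims
    print(serve_coupon(token, now + 3600)[0])              # 401, expired
    print(serve_coupon(None, now + 60)[0])                 # 401, no session
```

The image URL alone no longer yields the coupon: a request needs a token that only a logged-in client holds, the HMAC check rejects any edit to the claims, and the expiry bounds how long a stolen token stays useful. Rotating the secret invalidates every outstanding token at once.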
This article may only be used for education. All rights to the images belong to the original company.