Talk With an Expert

iPhone Backup Files. A Penetration Tester's Treasure

iPhone Backup Files. A Penetration Tester's Treasure (PDF, 13.18MB)Published: 07 Feb, 2012
Created by
Darren Manners

In a penetration test it is usually impossible to acquire permission to attack the CEO's cell phone. But what if the CEO's workstation is in scope and the CEO has an iPhone synced with a workstation? What if the CEO's iPhone backup files are resident on this workstation? Would that be in scope? The answer is probably yes. The information that can be gleaned from an iPhone backup file is amazing and extremely useful to a penetration tester. We will discuss how to hunt for possible targets with iPhone backup files using Wireshark, Tcpdump and Metasploit. This paper will show how to view the contents of the IOS 5 backup file and extract useful information for the penetration test. We will discuss various mitigation techniques and the new IOS5 iCloud initiative and what this means for the future.