TLDR: I was able to enroll a jail broken device on a “major” MDM provider. Any vendor that says they can prevent jailbroken devices from enrolling in a MDM solution is not being 100% honest. Any resourceful person can get around jailbreak detections. Because of the client side nature of this problem it’s very difficult […]
Plug iPhone or iPad into Mac
User iExplorer or iFunbox to explore file system of apps
Export relevant directories to local box (Usually Library and *.app)
Search for files of interest
find . -name "*.db"
find . -name "*.plist"
find . -name "*.sql*"
Search inside the files for items of interest
find . -type f -exec grep -l -i "password" {} +
iExplorer can […]
One of the areas you need to focus on when performing security / penetration testing on iOS applications is what information is written to disk or stored locally. There are a number of things that can be written to disk (text files, config files, plist files, databases, etc). There are a handful of directories that […]