iOS: “I just snapshotted your credit card… I did it for you!”

Does your application have a page containing sensitive data such as personal or business information? Credit card numbers? Any financial or legal information? You should be aware that when the user presses the iPhone’s home button, and your application performs backgrounding, iOS takes a snapshot of the current page and stores it insecurely on the device. Why? To create an “animation” when the application shrinks into the background and to expand back to the screen, when the user selects it again. If the last page contained sensitive information, this information could be easily stolen. Violation of the user’s privacy and business information leakage are just two of the security impacts it may cause.

This is how its done:
1. The user launches your app, and goes to a page containing sensitive information.
2. The user receives a call, or decided himself to press the home button, and send your app into the background.
3. iOS takes a snapshot of the last pages, for animation… this is how it looks:

stage1 stage2 stage3

Now, lets take a look at the application folder on the device. We’ll go to:
There we can see the file: UIApplicationAutomaticSnapshotDefault-Portrait@2x.png.
Opening it, will reveal all the data that appeared on the last page visited in our app, before going into background.

What can we do about it?

Well… I’m glad you asked! There are a few ways to deal with this issue. Here,I will explain four of them:
Read more

Wardriving? Apple? Really ??

Advanced iPhone Hacking with iNalyzer

The slides from my OWASP Israel 2012 talk “Advanced iPhone Hacking with iNalyzer” have been uploaded and are available here.

iNalyzer iPhone testing tool that was presented in the talk can be downloaded directly from Here (You will need Graphviz Dot and Doxygen installed on your PC/Laptop )
Here is an Installation Video (currently no Sound..)
iNalyzer Installation and usage

Here is a small demo of iNalyzer Vs. iSafePlay
iNalyzer Vs. iSafePlay