Overview
Explore inter-app communication mechanisms in iOS and their potential security vulnerabilities in this 15-minute video from HackerOne's iOS application hacking series. Dive deep into the iOS pasteboard, URL schemes, and universal links, learning how these widely-used features can be exploited when implemented insecurely. Discover techniques for using Frida to trace and test inter-app communication functionality. Gain insights into pasteboard sharing, URL scheme queries, and associated vulnerabilities, as well as methods for testing input validation and understanding universal links. Enhance your iOS hacking skills and learn to identify potential security risks in app-to-app interactions.
Syllabus
Intro
Inter-app communication
Pasteboard sharing
URL schemes
URL scheme queries
URL scheme issues
URL scheme vulnerabilities
Testing input validation
Universal Links
Taught by
HackerOne