Guided Access Mode Bypass

As a penetration tester who specialises in mobile apps, I get good visibility of how the enterprise is adopting/using/misusing various iOS capabilities and MDM features. One trend I’ve seen increasingly is the use of ‘Guided Access Mode’ to lock down devices. Guided Access Mode (GAM), for the unfamiliar, locks the device into a single app. It’s […]

Much Badoo About Nothing

This is just a short post about toying with the Badoo app for iOS, but also touches on something ever-so-slightly useful about testing the app-upgrade mechanisms of mobile apps. “Urghh more dating app hacking” I hear you say. I know, I know, this is getting old. At some point I’ll get a real hobby, I promise.

Ready the Anti-BEAM Beam! Breaking the Virgin BEAM app in 12 minutes

I’ve been travelling on Virgin trains a lot recently and finally decided to take a look at their free movie-streaming app “BEAM”. Super-excited to be about to watch Forrest Gump on my journey, I found that whenever I hit play, the app’s custom video-player decided to freeze and eventually crash the app on my device of […]

Threema Revisited.

So the Threema bug I found a few years ago was fairly cool in my opinion, something a bit different anyway. So it was disappointing that Threema didn’t respond to me at all and then released a patched/updated Threema to the AppStore with something like “general improvements” in the change-log... lovely... very general. Well, anyway… process this for a second […]

Threema Local Authentication Bypass

I sent Threema an email disclosing this and got an auto-reply saying that they commonly take a week to reply to customer messages. Since I hate waiting for things and it’s not a total remote RCE flaw, let’s just put it here for now. The flaw allows gaining local access to a user’s Threema application, […]