You know how all those apps on your phone talk to stuff on the web? All of that is easily discovered, intercepted and manipulated. Here's a walkthrough of how to get started and the sort of stuff you can find just by looking at how your apps are talking to the web. This is part of a blog post that you can find here: http://www.troyhunt.com/2014/10/find-crazy-stuff-in-mobile-app.html
wwemario12345 (1 year ago)
20 minutes to download 70mb?
linkviii (2 years ago)
I was just wondering how this is done and I've come across this video without looking for it. nice.
Heinrich Christiansen (3 years ago)
That is just one of the reasons I never use a mobile device for banking and other high risk activities ;) It's so totally insecure.
Adam Burgess (3 years ago)
The 'index.manifest' file at 14:00 is actually an HTML5 cache manifest file, used for telling the browser what files to cache offline - the user agent should automatically download the files listed in the background. It's absurd that it's included within the zip though, as it's just even more wasted data...
Adam Demasi (3 years ago)
I actually exploited exactly this issue with a textbook viewer. It's a slow Flash program (both served from the publisher's website and from their offline version), so I watched requests with Fiddler and it turned out that it downloads the book pages without authentication. Needless to say I wrote my own fast viewer that friends and I have been using all year - I just thought I was really lucky, but it's crazy to hear that this happens as often as you say it does. One nitpick - the .manifest isn't actually proprietary; it's part of HTML5: https://developer.mozilla.org/en-US/docs/Web/HTML/Using_the_application_cache. 
HandyAndy Tech Tips (3 years ago)
Excellent as always, Troy!
Jesse Fielder (3 years ago)
What are your internet speeds? 20 minutes for a 72mb file seems kind of ridiculous. Is there any particular reason it took so long?
Nectarino Mochachino (3 years ago)
Well Australian internet speeds aren't the best, especially outside the cities, we are ranked about 58th by average country speeds.
Jack Makin (3 years ago)
Troy, you're amazing, love your vids. Will you be doing more?
XNAforyou (3 years ago)
Great vid Troy! Really interesting
Not an ALT (3 years ago)
I didn't even want to know about this but your videos are so well done I couldn't stop watching
Darth Peachy (3 years ago)
I am so glad you are one of the good guys Troy.
Se7eN (3 years ago)
Really inspiring.

