Mobile Application Security Labs 
Gotham Times

The challenge is built around the fictional newspaper Gotham Times, an iOS application providing users with the latest news and updates about events happening in Gotham City.  

Outline

This challenge focuses on the potential vulnerabilities in the deeplink feature, emphasising how attackers can exploit it to gain unauthorised access to sensitive information, particularly authentication tokens.

Objective
Craft a deeplink exploit to steal an authentication token

Skills Required
  • Deeplink exploitation understanding
  • Basic knowledge of iOS reverse engineering

Course Lessons