Mobile Application Security Labs 
Time Trap

In this challenge, you will explore the vulnerabilities in an internally used application named Time Trap, focusing on Command Injection. 

Outline
Time Trap is a fictional application that showcases insecure practices commonly found in internal applications.

Objective
Your objective is to get access to another users account and trigger the command injection vulnerability to run commands on the device.

Skills required
  • Command Injection understanding
  • Understanding of using man in the middle proxies like Burp Suite to intercept HTTP requests
  • Basic knowledge of iOS application architecture

Course Lessons