Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                

MASTG-TECH-0083: Sandbox Inspection

On iOS, each application gets a sandboxed folder to store its data. As per the iOS security model, an application's sandboxed folder cannot be accessed by another application. Additionally, the users do not have direct access to the iOS filesystem, thus preventing browsing or extraction of data from the filesystem. In iOS < 8.3 there were applications available which can be used to browse the device's filesystem, such as iExplorer and iFunBox, but in the recent version of iOS (>8.3) the sandboxing rules are more stringent and these applications do not work anymore. As a result, if you need to access the filesystem it can only be accessed on a jailbroken device. As part of the jailbreaking process, the application sandbox protection is disabled and thus enabling an easy access to sandboxed folders.

Refer to Accessing App Data Directories to learn abour the contents of an application's sandboxed folder and get an overview of the folder structure and which directories you should analyze.

© OWASP Foundation 2024. This work is licensed under CC-BY-4.0. For any reuse or distribution, you must make clear to others the license terms of this work.
OWASP ® is a registered trademark of the OWASP Foundation, Inc. This website uses cookies to analyze our traffic and only share that information with our analytics partners. Learn more.
Made with Material for MkDocs | Website and covers designed by Carlos Holguera.