Inspection of Windows Phone applications (Доклад с BlackHat Abu Dhabi 2012)
Дмитрий Евдокимов и Андреем Часовских
The market share of Windows Phone devices continues to grow and so grows the number of WP applications: from simple games and social apps to complex business apps. WP security model is considered to be secure; nevertheless, the application themselves may have potential vulnerabilities.
In this presentation, we want to show the techniques we use to analyze the security of WP applications. We will introduce a new tool that makes analysis much easier. This tools allows using both static and dynamic (code instrumentation) techniques. In fact, it is an environment for WP application analysis. We will also show on real examples how to find vulnerabilities with this tool and exploit them.