Platform Usage / IPA Symbol Table
Description
IPA symbol table (CWE-200) is a type of IT vulnerability that is associated with the usage of platforms such as iOS and mobile apps. This type of vulnerability allows attackers to gain access to sensitive information by using the symbol table of an iOS application. The symbol table contains information such as the names of the application's classes, methods, and variables. An attacker can use this information to gain access to the application's internals and the data stored within the application. According to the OWASP Testing Guide, IPA symbol table vulnerabilities can be avoided by using secure coding techniques and by avoiding the use of deprecated APIs.
Risk
IPA symbol table vulnerabilities can result in significant harm to an organization. The vulnerability allows attackers to gain access to sensitive information stored within the application, which can be used to gain further access to the organization's systems. Furthermore, the vulnerability can be used to exfiltrate sensitive information, or even modify the application. Such actions can result in a loss of data and reputation, and can lead to financial losses.
Solution
Organizations should take steps to ensure that their applications are properly secured against IPA symbol table vulnerabilities. This can be done by using secure coding techniques, and avoiding the use of deprecated APIs. Furthermore, applications should be regularly tested using static and dynamic analysis techniques to identify any potential vulnerabilities. Additionally, organizations should consider using tools such as obfuscators to reduce the risk of IPA symbol table exploitation.
Example
The following code example shows how an attacker can exploit the IPA symbol table to gain access to sensitive information (CVE-2017-2419):
public void foo() {
NSObject obj = new NSObject();
NSDictionary dict = obj.getSymbolTable();
if (dict.contains("SensitiveInformation")) {
// Sensitive information can be accessed here.
}
}