Mobile applications may transmit sensitive information over insecure networks, which may lead to serious attacks. It is very common in coffee shops and airports to access open Wi-Fi where malicious attackers can actually perform MITM attacks to steal sensitive data from the users on the network.
When pentesting mobile apps, there could be scenarios where the application may pass credentials or session tokens over the network. So it is always a good idea to analyze app traffic to see if it is passing sensitive information over the network.
There is another important scenario where the majority of apps are vulnerable. If an application is performing authentication over HTTPS and sending authentication cookies over HTTP, the application is vulnerable since an attacker can easily get the authentication cookies being passed over HTTP, and these cookies are as powerful as username and password to login to the app. Lack of certificate verification and weak handshake negotiation are also common problems with Transport Layer Security.
Such flaws or vulnerabilities expose individual users’ data and can lead to account theft. If an admin account was compromised, the entire site could be exposed. Poor SSL setup can also facilitate phishing and man in the middle attacks.
