Chapter 2. Snooping Around the Architecture

Architecture is the art of carefully designing the structure of something.

In electronics engineering, mobile architecture is the conceptual design and fundamental operational structure of a system or product. Applications are among the most crucial elements of any mobile platform. In this chapter, we will snoop around or take a deep pe into aspects of the Android and iOS architectures, which will help you harvest vulnerabilities. We will also cover the following:

Android:

• Understanding Android components
• How Android components communicate with each other, that is, inter-process communication (IPC)
• Building our knowledge of the Dalvik virtual machine and Android runtime
• How the Android security model works
• The difference between the DEX and OAT file formats

iOS:

• How to navigate through an iOS application's directory structure
• The different programming languages in iOS – Objective C and Swift
• How the iOS security model is designed
• How to inspect a Mach-O binary
• How iOS process isolation works
• How to inspect property lists

By the end of this chapter, you should walk away with the knowledge of how IPC works within Android, the difference between Dalvik and ART executables, and also understand how to navigate through an iOS application and understand how to identify important files and items of information that will help you in the process of identifying vulnerabilities.