PhoneBoy Speaks Ep 802: Hijacking URL Schemes
URL Schemes are a pretty nifty way to share information between applicationa on iOS. Unfortunately there is no way to ensure the app you expect to process said scheme actually does, which when paired with Enterprised-signed apps, creates a potential security vulnerability.
Links:
- iOS Masque Attack Revived: Bypassing Prompt for Trust and App URL Scheme Hijacking « Threat Research
Visit https://phoneboy.com/ps for more information about PhoneBoy Speaks and to find past episodes.
Donations of audio processing time from Auphonic are welcome!
PhoneBoy Speaks Ep 802: Hijacking URL Schemes
