My current assignment as a penetration tester for a mobile project requires me to root a phone to perform specific tests that are more tedious or impossible on a non-rooted device. As I’ve never done this before, I’m registering here to have contact with experienced peers.
I come from a web and server pentesting background and this is my first mobile assignment which has some overlap with what I’m used to but also differs a lot due to the very specific security models of mobile devices.
Info online tends to focus on one-click-rooting (which I’m not interested in; I want to know how it works from a technical perspective) and/or requires custom software (which, if used, has to be validated by the IT department, which I want to avoid as much as possible).
I’ll post questions in the appropriate forum boards and hope to be able to help any of you back in return if you would have any questions regarding cyber security.