In a recent assignment, I was asked to do an IT security audit of a Samsung Smart-TV app. It took me some time to find the (for me) ideal solution to do the audit with my usual setup of tools. Since Smart-TV apps are based on javascript, they run on a fancy browser in the Smart-TV device. Consequently, using the same auditing techniques for Smart-TV apps as for web applications makes sense. So the goal was to get all the requests and responses from the emulator through a proxy – in my case BurpSuite. I hope to help fellow IT security auditors to save some time with this little write-up.
more here.........http://mherfurt.wordpress.com/2014/10/10/auditing-samsung-smart-tv-apps/
more here.........http://mherfurt.wordpress.com/2014/10/10/auditing-samsung-smart-tv-apps/