O'Reilly logo

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

iOS Hacker's Handbook

iOS Hacker's Handbook

by Dion Blazakis, Vincenzo Iozzo, Dino DaiZovi, Stefan Esser, Charlie Miller, Ralf-Philipp Weinmann
Publisher: John Wiley & Sons
Release Date: May 2012
ISBN: 9781118240755
View table of contents
Start reading

Book Description

Discover all the security risks and exploits that can threaten iOS-based mobile devices

iOS is Apple's mobile operating system for the iPhone and iPad. With the introduction of iOS5, many security issues have come to light. This book explains and discusses them all. The award-winning author team, experts in Mac and iOS security, examines the vulnerabilities and the internals of iOS to show how attacks can be mitigated. The book explains how the operating system works, its overall security architecture, and the security risks associated with it, as well as exploits, rootkits, and other payloads developed for it.

  • Covers iOS security architecture, vulnerability hunting, exploit writing, and how iOS jailbreaks work

  • Explores iOS enterprise and encryption, code signing and memory protection, sandboxing, iPhone fuzzing, exploitation, ROP payloads, and baseband attacks

  • Also examines kernel debugging and exploitation

  • Companion website includes source code and tools to facilitate your efforts

iOS Hacker's Handbook arms you with the tools needed to identify, understand, and foil iOS attacks.

Table of Contents

  1. Cover
  2. Chapter 1: iOS Security Basics
    1. iOS Hardware/Device Types
    2. How Apple Protects the App Store
    3. Understanding Security Threats
    4. Understanding the iOS Security Architecture
    5. A Brief History of iOS Attacks
    6. Summary
  3. Chapter 2: iOS in the Enterprise
    1. iOS Configuration Management
    2. Mobile Device Management
    3. Summary
  4. Chapter 3: Encryption
    1. Data Protection
    2. Attacking Data Protection
    3. Summary
  5. Chapter 4: Code Signing and Memory Protections
    1. Understanding Mandatory Access Control
    2. How Provisioning Works
    3. Understanding Application Signing
    4. Inside Entitlements
    5. How Code Signing Enforcement Works
    6. Discovering Dynamic Code Signing
    7. Breaking Code Signing
    8. Summary
  6. Chapter 5: Sandboxing
    1. Understanding the Sandbox
    2. Sandboxing Your Apps
    3. Understanding the Sandbox Implementation
    4. Summary
  7. Chapter 6: Fuzzing iOS Applications
    1. How Fuzzing Works
    2. The Recipe for Fuzzing
    3. Fuzzing Safari
    4. Adventures in PDF Fuzzing
    5. Quick Look Fuzzing
    6. Fuzzing with the Simulator
    7. Fuzzing MobileSafari
    8. PPT Fuzzing Fun
    9. SMS Fuzzing
    10. Summary
  8. Chapter 7: Exploitation
    1. Exploiting Bug Classes
    2. Understanding the iOS System Allocator
    3. Taming the iOS Allocator
    4. Understanding TCMalloc
    5. Taming TCMalloc
    6. ASLR Challenges
    7. Case Study: Pwn2Own 2010
    8. Testing Infrastructure
    9. Summary
  9. Chapter 8: Return-Oriented Programming
    1. ARM Basics
    2. ROP Introduction
    3. What Can You Do with ROP on iOS?
    4. Examples of ROP Shellcode on iOS
    5. Summary
  10. Chapter 9: Kernel Debugging and Exploitation
    1. Kernel Structure
    2. Kernel Debugging
    3. Kernel Extensions and IOKit Drivers
    4. Kernel Exploitation
    5. Summary
  11. Chapter 10: Jailbreaking
    1. Why Jailbreak?
    2. Jailbreak Types
    3. Understanding the Jailbreaking Process
    4. Executing Kernel Payloads and Patches
    5. Summary
  12. Chapter 11: Baseband Attacks
    1. GSM Basics
    2. Setting up OpenBTS
    3. RTOSes Underneath the Stacks
    4. Vulnerability Analysis
    5. Exploiting the Baseband
    6. Summary
  13. Appendix: Resources
  14. Introduction