下载  >  移动开发  >  iOS  > Hacking and Securing iOS Applications

Hacking and Securing iOS Applications 评分

Chapter 1. Everything You Know Is Wrong Part I: Hacking Chapter 2. The Basics of Compromising iOS Chapter 3. Stealing the Filesystem Chapter 4. Forensic Trace and Data Leakage Chapter 5. Defeating Encryption Chapter 6. Unobliterating Files Chapter 7. Manipulating the Runtime Chapter 8. Abusing the R
Hacking and securing ios Applications V兴om-93日 Jonathan Zaziarski O REILLY Beijing· Cambridge· Farnham·Koln· Sebastopol· Tokyo Hacking and Securing iOS Applications by Jonathan Zdziarski Copyright o 2012 Jonathan Zdziarski. All rights reserved Printed in the United States of america Published by O Reilly Media, Inc, 1005 Gravenstein Highway North, Sebastopol, CA 95472 O'Reilly books may be purchased for educational, business, or sales promotional use. Online editions arealsoavailableformosttitles(http://my.safaribooksonline.com).Formoreinformationcontactour corporate/institutionalsalesdepartment:(800)998-9938orcorporate@oreilly.com Editor: Andy Oram Cover Designer: Karen Montgomery Production Editor: Melanie Yarbrough Interior Designer: David Futato lustrator robert romano Revision History for the First Edition: 2012-01-13 First release Seehttporeillycom/catalog/errata.csp?isbn=9781449318741forreleasedetails Nutshell Handbook, the Nutshell Handbook logo, and the O'Reilly logo are registered trademarks of O'Reilly Media, Inc. Hacking and Securing iOS Applications, the cover image of a skunk, and related trade dress are trademarks of o Reilly media, Inc Many of the designations used by manufacturers and sellers to distinguish their products are claimed as rademarks. Where those designations appear in this book, and O Reilly Media, Inc was aware of a trademark claim, the designations have been printed in caps or initial caps While every precaution has been taken in the preparation of this book, the publisher and authors assume no responsibility for errors or omissions, or for damages resulting from the use of the information con tained herein ISBN:978-1-449-31874-1 1326485037 Steve: The coolest cat. We loved the chase Hackers and tinkerers everywhere Table of contents Preface XI 1. Everything You Know Is Wrong................ The myth of a monoculture The iOS Security Model Components of the iOS Security Model Storing the key with the lock 557 Passcodes equate to weak Security Forensic Data Trumps Encryption 10 External Data is at risk. Too 11 Hijacking Traffic Data Can Be stolen. Quickly Trust No One, Not Even Your Application 13 Physical Access Is Optional Summa Part Hacking 2. The Basics of Compromising iOS 19 Why It's Important to Learn How to Break Into a device Jailbreaking explained 20 Developer tools d User Jailbreaks Jailbreaking an iphone DFU Mode 25 Tethered Versus Untethered 26 Compromising Devices and Injecting Code 26 Building Custom Code 28 Analyzing Your Binary Testing your Binar 32 Demonizing Code 34 Deploying Malicious Code with a Tar archive Deploying Malicious Code with a RAM Disk 38 Exercises 50 Summary 51 3. Stealing the Filesystem.……53 Full Disk encryption 53 Solid state nand 54 Disk Encryption 54 Where iOS Disk Encryption Has Failed You 56 Copying the live filesystem 56 The Data Theft payload Customizing launchd Preparing the ram disk 70 Imaging the filesystem 71 Copying the raw filesystem The Raw Theft Payload Customizing launchd 78 Preparing the ram disk 79 Imaging the filesystem Exercises The role of Social Engineering 81 Disabled device de 81 Deactivated Device Decoy 2 Malware Enabled decoy 83 Password Engineering Application ummary 84 4. Forensic Trace and data leakage 87 Extract re geot 88 Consolidated gps cache SQLite databa 91 Connecting to a database 91 SQLite Built-in Commands 92 Issuing SQL Queries Important Database Files Address book contacts 93 Address Book images 95 Google maps data 97 Calendar events 101 Call histo 103 Email database 103 otes 105 I Table of Contents Photo metadata 105 SMS Messages 105 Safari bookmarks 106 SMS Spotlight cache 106 Safari Web Caches 107 Web Application Cache 107 WebKit Storage 107 Voicemail 107 Reverse engineering remnant Database Fields 108 SMS Drafts 110 Property lists Important Property List Files Other Important Files 115 ummary 117 5. Defeating Encryption∴…,19 ge ti's data protection tool Installing Data Protection Tools 120 Building the brute Forcer 120 Building Needed Python Libraries 121 Extracting encryption Keys 122 The Key theft payload 122 Customizing launchd 123 Preparing the ram disk 124 Preparing the Kernel 125 Executing the Brute Force 125 Decrypting the Keychain 128 Decrypting Raw Disk 130 Decrypting iTunes Backups 131 Defeating Encryption Through Spyware 132 The spy theft payload 133 Demonizing spy 137 Customizing launchd 137 Preparing the ram disk 138 Executing the Payload 139 Exercises 139 Summa ary 140 6. Obliterating Files ,141 Scraping the hes journal 142 Carving Empty Space 144 Commonly Recovered Data 144 pplication sc creenshots 144 Table of contents|ⅶi Deleted Property lists 146 Deleted Voicemail and Voice Recordings 146 Deleted Keyboard Cache 146 Photos and other personal information 146 Summa 147 7. Manipulating the Runtime................ 149 Analyzing Binaries 150 The mach-O Format 150 Introduction to class-dump-z 154 Symbol table 155 Encrypted binaries Calculating offsets 158 Dumping memory 159 Copy Decrypted Code Back to the File 161 Resetting the cryptid 161 Abusing the runtime with cycript 163 Installing Cycript 164 Using Cycript 164 Breaking Simple Locks 166 Replacing methods 172 Trawling for Data 174 Logging d 177 More Serious implications 177 Exercises 185 Spring Board animations 185 Call Tapping.Kind Of 186 Making screen shots 187 ummar 187 8. Abusing the runtime Library ...................... 189 Breaking Objective-C Down 189 Instance variables 191 Method cache 192 Disassembling and Debugging 193 Eavesdropping 197 The Underlying Objective-C Framework 199 Interfacing with Objective-C 201 Malicious Code injection 203 The Code Theft payload 203 Injection Using a debugger 204 Injection Using Dynamic Linker Attack 206 ⅶ ii Table of Contents

...展开详情
所需积分/C币:6 上传时间:2019-08-19 资源大小:9.95MB
举报 举报 收藏 收藏 (1)
分享 分享
Hacking and Securing iOS Applications

Hacking and Securing iOS Applications ,主要介绍了ios方面安全与防护方面的问题,主要是分为两个部分: 1.如何hack; 2.如何防护

立即下载
Hacking and Securing Ios Applications

Jonathan Zdziarski作品 Hacking and Securing Ios Applications电子书

立即下载
Hacking and Securing iOS Applications 无水印pdf

Hacking and Securing iOS Applications 英文无水印pdf pdf所有页面使用FoxitReader和PDF-XChangeViewer测试都可以打开 本资源转载自网络,如有侵权,请联系上传者或csdn删除 本资源转载自网络,如有侵权,请联系上传者或csdn删除

立即下载
Hacking and Securing iOS Applications.pdf

高清文字版,带目录 完整版; ios开发者必看书籍,国外经典书籍

立即下载
iOS逆向系列:Hacking and Securing iOS Applications

iOS逆向系列:Hacking and Securing iOS Applications

立即下载
Hacking.and.Securing.iOS.Applications

Hacking.and.Securing.iOS.Applications

立即下载
【Hacking.and.Securing.iOS.Applications】[PDF+源代码] [iPhone/iPad/iOS]

【Hacking.and.Securing.iOS.Applications】[PDF+源代码] [iPhone/iPad/iOS]

立即下载
Securing-Optimizing-Linux-The-Hacking-Solution-v3.0.pdf

This 3rd edition of the very popular title "Securing & Optimizing Linux" looks for security measures that go beyond firewalls and intrusion detection systems to anticipate and protect against upcoming threats. Securing & Optimizing Linux: The Hacking Solution: A hacker's guide to protect your Linux

立即下载
Securing Your Business with Cisco ASA and PIX Firewalls

<br>The easy-to-use guide for learning how to secure networks with the world-class PIX Firewall Ideal for network administrators with little or no firewall experience Easily explains how to implement a security system in small and medium businesses or at home using graphical PIX Device Manager (PDM

立即下载
Hacking Windows® XP

E文版 Part I: Customizing Your System . . . . . . . . . . . . . . . . . . . . . . . 1 Chapter 1: Customizing the Look of the Startup . . . . . . . . . . . . . . . . . . . . . . . 3 Chapter 2: Customizing User Navigation . . . . . . . . . . . . . . . . . . . . . . . . . . 39 Chapter 3: Hacking the Des

立即下载
How to Cheat at Securing a Wireless Network

Product Description Wireless connectivity is now a reality in most businesses. Yet by its nature, wireless networks are the most difficult to secure and are often the favorite target of intruders. This book provides the busy network administrator with best-practice solutions to securing the wireless

立即下载
Python Penetration Testing Essentials, 2nd Edition

Title: Python Penetration Testing Essentials, 2nd Edition Author: Mohit Length: 230 pages Edition: 2nd Revised edition Language: English Publisher: Packt Publishing Publication Date: 2018-05-30 ISBN-10: 1789138965 ISBN-13: 9781789138962 This book gives you the skills you need to use Python for pene

立即下载
Hands-On Penetration Testing on Windows - 2018 pdf 5分

Hands-On Penetration Testing on Windows pdf 页数:454 来源: https://itbooks.ctfile.com/fs/18113597-302639985 Master the art of identifying vulnerabilities within the Windows OS and develop the desired solutions for it using Kali Linux. Book Description Windows has always been the go-to platform for u

立即下载
Basic Security Testing with Kali Linux (2014)

With computer hacking attacks making headline news on a frequent occasion, it is time for companies and individuals to take a more active stance in securing their computer systems. Kali Linux is an Ethical Hacking platform that allows good guys to use the same tools and techniques that a hacker wou

立即下载
Basic.Security.Testing.with.Kali.Linux.2.153050656

Basic Security Testing with Kali Linux 2 Kali Linux 2 (2016) is an Ethical Hacking platform that allows good guys to use the same tools and techniques that a hacker would use, so they can find security issues before the bad guys do. In Basic Security Testing with Kali Linux 2, you will learn basic

立即下载
黑客2016年手冊

Distros The distro is the core of Linux, so make sure you get the right one. Did we say the distro was the core? Forget that: software is what you need. Dive into the world of hacking with this in-depth manual that covers the big topics, from the Linux kernel and wider open-source OS to hacking serv

立即下载
counter hack reloaded

Why This Book? If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle. —Sun Tzu, Art of Wa

立即下载
Digging into WordPress.pdf

9.3.1 Monitoring and Fixing Errors ...............................350 9.3.2 Alex King’s 404 Notifier Plugin .....................................................351 9.3.3 Broken Link Checker Plugin ........................................................351 9.3.4 Other Error-Logging Techniques .....

立即下载
ModbusTCP/RTU网关设计

基于UIP协议栈,实现MODBUS联网,可参考本文档资料,有MODBUS协议介绍

立即下载
html+css+js制作的一个动态的新年贺卡

该代码是http://blog.csdn.net/qq_29656961/article/details/78155792博客里面的代码,代码里面有要用到的图片资源和音乐资源。

立即下载