Suche senden
Hochladen
Dmitry 'D1g1' Evdokimov - BlackBox analysis of iOS apps
•
3 gefällt mir
•
2,022 views
DefconRussia
Folgen
Technologie
Melden
Teilen
Melden
Teilen
1 von 56
Jetzt herunterladen
Downloaden Sie, um offline zu lesen
Empfohlen
iOS-Application-Security-iAmPr3m
iOS-Application-Security-iAmPr3m
Prem Kumar (OSCP)
iOS Application Penetation Test
iOS Application Penetation Test
JongWon Kim
[Wroclaw #2] iOS Security - 101
[Wroclaw #2] iOS Security - 101
OWASP
Yow connected developing secure i os applications
Yow connected developing secure i os applications
mgianarakis
Evaluating iOS Applications
Evaluating iOS Applications
iphonepentest
Mobile Security Assessment: 101
Mobile Security Assessment: 101
wireharbor
44cafe heart bleed
44cafe heart bleed
iphonepentest
Android security and penetration testing | DIVA | Yogesh Ojha
Android security and penetration testing | DIVA | Yogesh Ojha
Yogesh Ojha
Empfohlen
iOS-Application-Security-iAmPr3m
iOS-Application-Security-iAmPr3m
Prem Kumar (OSCP)
iOS Application Penetation Test
iOS Application Penetation Test
JongWon Kim
[Wroclaw #2] iOS Security - 101
[Wroclaw #2] iOS Security - 101
OWASP
Yow connected developing secure i os applications
Yow connected developing secure i os applications
mgianarakis
Evaluating iOS Applications
Evaluating iOS Applications
iphonepentest
Mobile Security Assessment: 101
Mobile Security Assessment: 101
wireharbor
44cafe heart bleed
44cafe heart bleed
iphonepentest
Android security and penetration testing | DIVA | Yogesh Ojha
Android security and penetration testing | DIVA | Yogesh Ojha
Yogesh Ojha
Hacking Tizen : The OS of Everything - Nullcon Goa 2015
Hacking Tizen : The OS of Everything - Nullcon Goa 2015
Ajin Abraham
Mobile security part 1(Android Apps Pentesting)- Romansh yadav
Mobile security part 1(Android Apps Pentesting)- Romansh yadav
Romansh Yadav
iOS 6 Exploitation: 280 days later
iOS 6 Exploitation: 280 days later
Seguridad Apple
The 4 Levels of Open Source Risk Management
The 4 Levels of Open Source Risk Management
Black Duck by Synopsys
Secure Application Development in the Age of Continuous Delivery
Secure Application Development in the Age of Continuous Delivery
Black Duck by Synopsys
Hacking Tizen: The OS of everything - Whitepaper
Hacking Tizen: The OS of everything - Whitepaper
Ajin Abraham
ASFWS 2012 - Audit d’applications iOS par Julien Bachmann
ASFWS 2012 - Audit d’applications iOS par Julien Bachmann
Cyber Security Alliance
Android Security Overview and Safe Practices for Web-Based Android Applications
Android Security Overview and Safe Practices for Web-Based Android Applications
h4oxer
Droidcon it-2014-marco-grassi-viaforensics
Droidcon it-2014-marco-grassi-viaforensics
viaForensics
Customer Case Study: ScienceLogic - Many Paths to Compliance
Customer Case Study: ScienceLogic - Many Paths to Compliance
Black Duck by Synopsys
SecDevOps
SecDevOps
Peter Lamar
Contain your risk: Deploy secure containers with trust and confidence
Contain your risk: Deploy secure containers with trust and confidence
Black Duck by Synopsys
Mobile security part 2
Mobile security part 2
Romansh Yadav
Javier Hijas & Ori Kuyumgiski - Security at the speed of DevOps [rooted2018]
Javier Hijas & Ori Kuyumgiski - Security at the speed of DevOps [rooted2018]
RootedCON
михаил дударев
михаил дударев
apps4allru
Myths and Misperceptions of Open Source Security
Myths and Misperceptions of Open Source Security
Black Duck by Synopsys
Security in the Age of Open Source
Security in the Age of Open Source
Black Duck by Synopsys
September 13, 2016: Security in the Age of Open Source:
September 13, 2016: Security in the Age of Open Source:
Black Duck by Synopsys
Safe and Secure Applications: Deploying in a Cloud or Multi-Cloud Environment
Safe and Secure Applications: Deploying in a Cloud or Multi-Cloud Environment
DevOps.com
CanSecWest 2013 - iOS 6 Exploitation 280 Days Later
CanSecWest 2013 - iOS 6 Exploitation 280 Days Later
Stefan Esser
iOS application (in)security
iOS application (in)security
iphonepentest
Hacking and Securing iOS Apps : Part 1
Hacking and Securing iOS Apps : Part 1
Subhransu Behera
Weitere ähnliche Inhalte
Was ist angesagt?
Hacking Tizen : The OS of Everything - Nullcon Goa 2015
Hacking Tizen : The OS of Everything - Nullcon Goa 2015
Ajin Abraham
Mobile security part 1(Android Apps Pentesting)- Romansh yadav
Mobile security part 1(Android Apps Pentesting)- Romansh yadav
Romansh Yadav
iOS 6 Exploitation: 280 days later
iOS 6 Exploitation: 280 days later
Seguridad Apple
The 4 Levels of Open Source Risk Management
The 4 Levels of Open Source Risk Management
Black Duck by Synopsys
Secure Application Development in the Age of Continuous Delivery
Secure Application Development in the Age of Continuous Delivery
Black Duck by Synopsys
Hacking Tizen: The OS of everything - Whitepaper
Hacking Tizen: The OS of everything - Whitepaper
Ajin Abraham
ASFWS 2012 - Audit d’applications iOS par Julien Bachmann
ASFWS 2012 - Audit d’applications iOS par Julien Bachmann
Cyber Security Alliance
Android Security Overview and Safe Practices for Web-Based Android Applications
Android Security Overview and Safe Practices for Web-Based Android Applications
h4oxer
Droidcon it-2014-marco-grassi-viaforensics
Droidcon it-2014-marco-grassi-viaforensics
viaForensics
Customer Case Study: ScienceLogic - Many Paths to Compliance
Customer Case Study: ScienceLogic - Many Paths to Compliance
Black Duck by Synopsys
SecDevOps
SecDevOps
Peter Lamar
Contain your risk: Deploy secure containers with trust and confidence
Contain your risk: Deploy secure containers with trust and confidence
Black Duck by Synopsys
Mobile security part 2
Mobile security part 2
Romansh Yadav
Javier Hijas & Ori Kuyumgiski - Security at the speed of DevOps [rooted2018]
Javier Hijas & Ori Kuyumgiski - Security at the speed of DevOps [rooted2018]
RootedCON
михаил дударев
михаил дударев
apps4allru
Myths and Misperceptions of Open Source Security
Myths and Misperceptions of Open Source Security
Black Duck by Synopsys
Security in the Age of Open Source
Security in the Age of Open Source
Black Duck by Synopsys
September 13, 2016: Security in the Age of Open Source:
September 13, 2016: Security in the Age of Open Source:
Black Duck by Synopsys
Safe and Secure Applications: Deploying in a Cloud or Multi-Cloud Environment
Safe and Secure Applications: Deploying in a Cloud or Multi-Cloud Environment
DevOps.com
CanSecWest 2013 - iOS 6 Exploitation 280 Days Later
CanSecWest 2013 - iOS 6 Exploitation 280 Days Later
Stefan Esser
Was ist angesagt?
(20)
Hacking Tizen : The OS of Everything - Nullcon Goa 2015
Hacking Tizen : The OS of Everything - Nullcon Goa 2015
Mobile security part 1(Android Apps Pentesting)- Romansh yadav
Mobile security part 1(Android Apps Pentesting)- Romansh yadav
iOS 6 Exploitation: 280 days later
iOS 6 Exploitation: 280 days later
The 4 Levels of Open Source Risk Management
The 4 Levels of Open Source Risk Management
Secure Application Development in the Age of Continuous Delivery
Secure Application Development in the Age of Continuous Delivery
Hacking Tizen: The OS of everything - Whitepaper
Hacking Tizen: The OS of everything - Whitepaper
ASFWS 2012 - Audit d’applications iOS par Julien Bachmann
ASFWS 2012 - Audit d’applications iOS par Julien Bachmann
Android Security Overview and Safe Practices for Web-Based Android Applications
Android Security Overview and Safe Practices for Web-Based Android Applications
Droidcon it-2014-marco-grassi-viaforensics
Droidcon it-2014-marco-grassi-viaforensics
Customer Case Study: ScienceLogic - Many Paths to Compliance
Customer Case Study: ScienceLogic - Many Paths to Compliance
SecDevOps
SecDevOps
Contain your risk: Deploy secure containers with trust and confidence
Contain your risk: Deploy secure containers with trust and confidence
Mobile security part 2
Mobile security part 2
Javier Hijas & Ori Kuyumgiski - Security at the speed of DevOps [rooted2018]
Javier Hijas & Ori Kuyumgiski - Security at the speed of DevOps [rooted2018]
михаил дударев
михаил дударев
Myths and Misperceptions of Open Source Security
Myths and Misperceptions of Open Source Security
Security in the Age of Open Source
Security in the Age of Open Source
September 13, 2016: Security in the Age of Open Source:
September 13, 2016: Security in the Age of Open Source:
Safe and Secure Applications: Deploying in a Cloud or Multi-Cloud Environment
Safe and Secure Applications: Deploying in a Cloud or Multi-Cloud Environment
CanSecWest 2013 - iOS 6 Exploitation 280 Days Later
CanSecWest 2013 - iOS 6 Exploitation 280 Days Later
Ähnlich wie Dmitry 'D1g1' Evdokimov - BlackBox analysis of iOS apps
iOS application (in)security
iOS application (in)security
iphonepentest
Hacking and Securing iOS Apps : Part 1
Hacking and Securing iOS Apps : Part 1
Subhransu Behera
Breaking Secure Mobile Applications - Hack In The Box 2014 KL
Breaking Secure Mobile Applications - Hack In The Box 2014 KL
iphonepentest
Hacking Samsung's Tizen: The OS of Everything - Hack In the Box 2015
Hacking Samsung's Tizen: The OS of Everything - Hack In the Box 2015
Ajin Abraham
DEF CON 24 - Dinesh and Shetty - practical android application exploitation
DEF CON 24 - Dinesh and Shetty - practical android application exploitation
Felipe Prado
Pentesting Mobile Applications (Prashant Verma)
Pentesting Mobile Applications (Prashant Verma)
ClubHack
Owasp advanced mobile-application-code-review-techniques-v0.2
Owasp advanced mobile-application-code-review-techniques-v0.2
drewz lin
Android pen test basics
Android pen test basics
OWASPKerala
Rapid Android Application Security Testing
Rapid Android Application Security Testing
Nutan Kumar Panda
Android Penetration testing - Day 2
Android Penetration testing - Day 2
Mohammed Adam
G4H Webcast: Automated Security Analysis of Mobile Applications with Mobile S...
G4H Webcast: Automated Security Analysis of Mobile Applications with Mobile S...
Ajin Abraham
Introduction to Android Development and Security
Introduction to Android Development and Security
Kelwin Yang
Virtue Security - The Art of Mobile Security 2013
Virtue Security - The Art of Mobile Security 2013
Virtue Security
Ruxmon April 2014 - Introduction to iOS Penetration Testing
Ruxmon April 2014 - Introduction to iOS Penetration Testing
eightbit
Frida - Objection Tool Usage
Frida - Objection Tool Usage
n|u - The Open Security Community
Pentesting iOS Applications
Pentesting iOS Applications
jasonhaddix
Mobile code mining for discovery and exploits nullcongoa2013
Mobile code mining for discovery and exploits nullcongoa2013
Blueinfy Solutions
Please, Please, PLEASE Defend Your Mobile Apps!
Please, Please, PLEASE Defend Your Mobile Apps!
Jerod Brennen
Attacking and Defending Mobile Applications
Attacking and Defending Mobile Applications
Jerod Brennen
TDC2018SP | Trilha Mobile - Case VC+: Como tornar seguro um aplicativo mobile...
TDC2018SP | Trilha Mobile - Case VC+: Como tornar seguro um aplicativo mobile...
tdc-globalcode
Ähnlich wie Dmitry 'D1g1' Evdokimov - BlackBox analysis of iOS apps
(20)
iOS application (in)security
iOS application (in)security
Hacking and Securing iOS Apps : Part 1
Hacking and Securing iOS Apps : Part 1
Breaking Secure Mobile Applications - Hack In The Box 2014 KL
Breaking Secure Mobile Applications - Hack In The Box 2014 KL
Hacking Samsung's Tizen: The OS of Everything - Hack In the Box 2015
Hacking Samsung's Tizen: The OS of Everything - Hack In the Box 2015
DEF CON 24 - Dinesh and Shetty - practical android application exploitation
DEF CON 24 - Dinesh and Shetty - practical android application exploitation
Pentesting Mobile Applications (Prashant Verma)
Pentesting Mobile Applications (Prashant Verma)
Owasp advanced mobile-application-code-review-techniques-v0.2
Owasp advanced mobile-application-code-review-techniques-v0.2
Android pen test basics
Android pen test basics
Rapid Android Application Security Testing
Rapid Android Application Security Testing
Android Penetration testing - Day 2
Android Penetration testing - Day 2
G4H Webcast: Automated Security Analysis of Mobile Applications with Mobile S...
G4H Webcast: Automated Security Analysis of Mobile Applications with Mobile S...
Introduction to Android Development and Security
Introduction to Android Development and Security
Virtue Security - The Art of Mobile Security 2013
Virtue Security - The Art of Mobile Security 2013
Ruxmon April 2014 - Introduction to iOS Penetration Testing
Ruxmon April 2014 - Introduction to iOS Penetration Testing
Frida - Objection Tool Usage
Frida - Objection Tool Usage
Pentesting iOS Applications
Pentesting iOS Applications
Mobile code mining for discovery and exploits nullcongoa2013
Mobile code mining for discovery and exploits nullcongoa2013
Please, Please, PLEASE Defend Your Mobile Apps!
Please, Please, PLEASE Defend Your Mobile Apps!
Attacking and Defending Mobile Applications
Attacking and Defending Mobile Applications
TDC2018SP | Trilha Mobile - Case VC+: Como tornar seguro um aplicativo mobile...
TDC2018SP | Trilha Mobile - Case VC+: Como tornar seguro um aplicativo mobile...
Mehr von DefconRussia
[Defcon Russia #29] Борис Савков - Bare-metal programming на примере Raspber...
[Defcon Russia #29] Борис Савков - Bare-metal programming на примере Raspber...
DefconRussia
[Defcon Russia #29] Александр Ермолов - Safeguarding rootkits: Intel Boot Gua...
[Defcon Russia #29] Александр Ермолов - Safeguarding rootkits: Intel Boot Gua...
DefconRussia
[Defcon Russia #29] Алексей Тюрин - Spring autobinding
[Defcon Russia #29] Алексей Тюрин - Spring autobinding
DefconRussia
[Defcon Russia #29] Михаил Клементьев - Обнаружение руткитов в GNU/Linux
[Defcon Russia #29] Михаил Клементьев - Обнаружение руткитов в GNU/Linux
DefconRussia
Георгий Зайцев - Reversing golang
Георгий Зайцев - Reversing golang
DefconRussia
[DCG 25] Александр Большев - Never Trust Your Inputs or How To Fool an ADC
[DCG 25] Александр Большев - Never Trust Your Inputs or How To Fool an ADC
DefconRussia
Cisco IOS shellcode: All-in-one
Cisco IOS shellcode: All-in-one
DefconRussia
Олег Купреев - Обзор и демонстрация нюансов и трюков из области беспроводных ...
Олег Купреев - Обзор и демонстрация нюансов и трюков из области беспроводных ...
DefconRussia
HTTP HOST header attacks
HTTP HOST header attacks
DefconRussia
Attacks on tacacs - Алексей Тюрин
Attacks on tacacs - Алексей Тюрин
DefconRussia
Weakpass - defcon russia 23
Weakpass - defcon russia 23
DefconRussia
nosymbols - defcon russia 20
nosymbols - defcon russia 20
DefconRussia
static - defcon russia 20
static - defcon russia 20
DefconRussia
Zn task - defcon russia 20
Zn task - defcon russia 20
DefconRussia
Vm ware fuzzing - defcon russia 20
Vm ware fuzzing - defcon russia 20
DefconRussia
Nedospasov defcon russia 23
Nedospasov defcon russia 23
DefconRussia
Advanced cfg bypass on adobe flash player 18 defcon russia 23
Advanced cfg bypass on adobe flash player 18 defcon russia 23
DefconRussia
Miasm defcon russia 23
Miasm defcon russia 23
DefconRussia
Andrey Belenko, Alexey Troshichev - Внутреннее устройство и безопасность iClo...
Andrey Belenko, Alexey Troshichev - Внутреннее устройство и безопасность iClo...
DefconRussia
Sergey Belov - Покажите нам Impact! Доказываем угрозу в сложных условиях
Sergey Belov - Покажите нам Impact! Доказываем угрозу в сложных условиях
DefconRussia
Mehr von DefconRussia
(20)
[Defcon Russia #29] Борис Савков - Bare-metal programming на примере Raspber...
[Defcon Russia #29] Борис Савков - Bare-metal programming на примере Raspber...
[Defcon Russia #29] Александр Ермолов - Safeguarding rootkits: Intel Boot Gua...
[Defcon Russia #29] Александр Ермолов - Safeguarding rootkits: Intel Boot Gua...
[Defcon Russia #29] Алексей Тюрин - Spring autobinding
[Defcon Russia #29] Алексей Тюрин - Spring autobinding
[Defcon Russia #29] Михаил Клементьев - Обнаружение руткитов в GNU/Linux
[Defcon Russia #29] Михаил Клементьев - Обнаружение руткитов в GNU/Linux
Георгий Зайцев - Reversing golang
Георгий Зайцев - Reversing golang
[DCG 25] Александр Большев - Never Trust Your Inputs or How To Fool an ADC
[DCG 25] Александр Большев - Never Trust Your Inputs or How To Fool an ADC
Cisco IOS shellcode: All-in-one
Cisco IOS shellcode: All-in-one
Олег Купреев - Обзор и демонстрация нюансов и трюков из области беспроводных ...
Олег Купреев - Обзор и демонстрация нюансов и трюков из области беспроводных ...
HTTP HOST header attacks
HTTP HOST header attacks
Attacks on tacacs - Алексей Тюрин
Attacks on tacacs - Алексей Тюрин
Weakpass - defcon russia 23
Weakpass - defcon russia 23
nosymbols - defcon russia 20
nosymbols - defcon russia 20
static - defcon russia 20
static - defcon russia 20
Zn task - defcon russia 20
Zn task - defcon russia 20
Vm ware fuzzing - defcon russia 20
Vm ware fuzzing - defcon russia 20
Nedospasov defcon russia 23
Nedospasov defcon russia 23
Advanced cfg bypass on adobe flash player 18 defcon russia 23
Advanced cfg bypass on adobe flash player 18 defcon russia 23
Miasm defcon russia 23
Miasm defcon russia 23
Andrey Belenko, Alexey Troshichev - Внутреннее устройство и безопасность iClo...
Andrey Belenko, Alexey Troshichev - Внутреннее устройство и безопасность iClo...
Sergey Belov - Покажите нам Impact! Доказываем угрозу в сложных условиях
Sergey Belov - Покажите нам Impact! Доказываем угрозу в сложных условиях
Kürzlich hochgeladen
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Victor Rentea
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital Adaptability
WSO2
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Angeliki Cooney
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
apidays
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
Product Anonymous
presentation ICT roal in 21st century education
presentation ICT roal in 21st century education
jfdjdjcjdnsjd
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
rafiqahmad00786416
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
Dropbox
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
apidays
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
Zilliz
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
DianaGray10
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
Architecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
Elevate Developer Efficiency & build GenAI Application with Amazon Q
Elevate Developer Efficiency & build GenAI Application with Amazon Q
Bhuvaneswari Subramani
Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
Christopher Logan Kennedy
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
Rustici Software
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
UiPathCommunity
Kürzlich hochgeladen
(20)
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital Adaptability
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
presentation ICT roal in 21st century education
presentation ICT roal in 21st century education
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Architecting Cloud Native Applications
Architecting Cloud Native Applications
Elevate Developer Efficiency & build GenAI Application with Amazon Q
Elevate Developer Efficiency & build GenAI Application with Amazon Q
Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
Dmitry 'D1g1' Evdokimov - BlackBox analysis of iOS apps
1.
Blackbox analysis of
iOS apps Dmitry 'D1g1' Evdokimov, Security researcher at Digital Security (ERPScan)
2.
Blackbox analysis of
iOS apps #whoami • Director of DSecRG (ERPScan Research Group) • Section editor in the Xakep magazine • Co-organizer of DEFCON Russia & ZeroNights • Author of Python arsenal for RE Specialized in finding vulnerabilities in binary applications without source code 2 © 2002—2013, Digital Security
3.
Blackbox analysis of
iOS apps Attention please! It is not rocket science =) This work is a compilation of public information and my own experience 3 © 2002—2013, Digital Security
4.
Blackbox analysis of
iOS apps Goals of this workshop • How iOS and iOS applications work • The basics of iOS vulnerabilities • The skill of using common tools to find vulnerabilities in iOS apps 4 © 2002—2013, Digital Security
5.
Blackbox analysis of
iOS apps Agenda 1. iOS platform 1. How it works, Objective-C, ARM, security mechanisms, jailbreak 2. Introduction to Objective-C 3. iOS apps 1. Mach-O format, application structure, … 4. iOS vulns 5. Blackbox testing 1. Static and dynamic analysis 5 © 2002—2013, Digital Security
6.
Blackbox analysis of
iOS apps iOS • iOS is derived from OS X, with which it shares Darwin • • ARM The kernel sources remain closed • __arm__, ARM_ARCH • Touch-based • SpringBoard • Security mechanisms • Sandbox as a jail • … 6 © 2002—2013, Digital Security
7.
Blackbox analysis of
iOS apps iOS security mechanisms • Code Signing - X.509v3 certificates • Sandboxing (SeatBelt) - Inability to break the app’s directory - /var/mobile/Applications/<app-GUID>/ - Inability to access any other process - Inability to use any hardware devices directly - Inability to generate code dynamically • Privilege separation - Mobile user + Entitlements © 2002—2013, Digital Security 7
8.
Blackbox analysis of
iOS apps Jailbreak • Jaibreak depends on SW & HW • Tethered • Untethered • Ability to access file system • Copy/edit any file in the system • Bypassing sandbox restrictions • Break out of the app’s directory • Launching unsigned applications • Launch applications that do not belong to App Store © 2002—2013, Digital Security 8
9.
Blackbox analysis of
iOS apps Apple about jailbreak http://support.apple.com/kb/HT3743 9 © 2002—2013, Digital Security
10.
Blackbox analysis of
iOS apps ARM • • • • • Advanced RISC Machine Load-store architecture Fixed-length instructions 3-address instruction formats Instructions: • Data transfer • Data processing • Control flow 10 © 2002—2013, Digital Security
11.
Blackbox analysis of
iOS apps ARM modes 1. ARM • Length(Instr) = 4 bytes 2. Thumb • Length(Instr) = 2 bytes 3. Thumb2 • Length(Instr) = 2/4 bytes 4. Jazzle • Java bytecode + ARM/Thumb 11 © 2002—2013, Digital Security
12.
Blackbox analysis of
iOS apps ARM32 • Registers: • General Purpose: r0-r12 • Stack Pointer: r13 (SP) • Link Register: r14 (LR) • Program Counter: r15 (PC) • Current Program Status Register (CPSR) • Calling Convention: • Argument Values: r0-r3 • Local Values: r4-r12 • Return Value: r0 © 2002—2013, Digital Security 12
13.
Blackbox analysis of
iOS apps ARM 64-bit Architecture 1. iPhone 5S 2. AArch64 (ARM), ARM64 (Apple) 13 © 2002—2013, Digital Security
14.
Blackbox analysis of
iOS apps Divergences, divergences, divergences... 14 © 2002—2013, Digital Security
15.
Blackbox analysis of
iOS apps Development for iOS • • Mac Xcode • gcc/LLVM/LLVM-gcc compilers • iPhone Simulator (i386) • Cocoa Touch • Objective-C • Other: HTML, JavaScript, C# & .NET (Xamarin) 15 © 2002—2013, Digital Security
16.
Blackbox analysis of
iOS apps Objective-C • • Object-oriented language Based on: • Strict superset C • Smalltalk 16 © 2002—2013, Digital Security
17.
Blackbox analysis of
iOS apps Calling methods C++ ObjectPointer->MethodName(param1, param2) Obj-C [ObjectPointer MethodName:param1 param2Name:param2] objc_msgSend(ObjectPointer, "MethodName“,”param1”, “param2”) objc_msgSend() objc_msgSendSuper() objc_msgSend_fpret() objc_msgSend_stret() objc_msgSendSuper_stret() objc_msgSendSuper2() © 2002—2013, Digital Security 17
18.
Blackbox analysis of
iOS apps Go to device • • • • • Jailbreak Cydia SSH/putty itunnel_mux WinSCP/scp 18 © 2002—2013, Digital Security
19.
Blackbox analysis of
iOS apps Prepare env in device • otool • class-dump-z • APT 0.6 Transitional • apt-get • Command line tools • curl, dpkg, file, grep, netcat, python, sed, … 19 © 2002—2013, Digital Security
20.
Blackbox analysis of
iOS apps Install apps from console • Debian package dpkg -i <package.deb> killall -HUP SpringBoard • App without developer license or patched scp -r HelloWorld.app/ root@yourIP:/Applications/ uicache killall -HUP SpringBoard • IPA: o o IPA Installer Console iPhone Configuration Utility © 2002—2013, Digital Security 20
21.
Blackbox analysis of
iOS apps Useful commands • • cd /private/var/mobile/Applications find . -name '*Appname*‘ • • cd /private/var/mobile/Applications ls –l | grep ‘Time’ 21 © 2002—2013, Digital Security
22.
Blackbox analysis of
iOS apps Applications • AppStore • • On devices • • IPA packages = ZIP files /private/var/mobile/Applications/<UUID>/<AppName>.app/ Apple apps • /Applications/ 22 © 2002—2013, Digital Security
23.
Blackbox analysis of
iOS apps Mach-O file format basic structure 23 © 2002—2013, Digital Security
24.
Blackbox analysis of
iOS apps Mach-O header 1. 32bit (ARMv6,ARMv7) • 0xFEEDFACE 2. 64bit • 0xFEEDFACF 3. Universal binaries (FAT) • 0xCAFEBABE 24 © 2002—2013, Digital Security
25.
Blackbox analysis of
iOS apps Application structure AppName.app/ App Documents/ Data files saved by the app Library/ Miscellaneous app files iTunesArtwork App icon iTunesMetadata.plist The property list of the app tmp/ Directory for temporary files 25 © 2002—2013, Digital Security
26.
Blackbox analysis of
iOS apps Decrypt app from AppStore 1. gdb • Choosing the right architecture (if FAT) • Breakpoint at start 2. Clutch 3. dumpdecrypted.dylib 26 © 2002—2013, Digital Security
27.
Blackbox analysis of
iOS apps Decrypt • • Clutch • /var/root/Documents/Cracked/ dumpdecrypted.dylib 27 © 2002—2013, Digital Security
28.
Blackbox analysis of
iOS apps OWASP Mobile Top 10 Risks 28 © 2002—2013, Digital Security
29.
Blackbox analysis of
iOS apps Traffic analysis • Passive network traffic monitoring with tcpdump Then load the *.pcap file into wireshark for analysis • Gateway method • BurpSuite • HTTPS: Import PortSwigger CA to the iDevice • dnsRedir • Mallory (by Intrepidus Group) 29 © 2002—2013, Digital Security
30.
Blackbox analysis of
iOS apps Certificate pinning?! • • • Pinning is the process of associating a host with their expected X509 certificate or public key. OWASP • https://www.owasp.org/index.php/Certificate_and_Pu blic_Key_Pinning#iOS Attack • trustme • SecTrustEvaluate • ios-ssl-killswitch • SSLCreateContext,SSLSetSessionOption, SSLHandshake 30 © 2002—2013, Digital Security
31.
Blackbox analysis of
iOS apps Working with SSL certificates • NSURLConnection class • Accepting a self-signed certificate or incorrect error processing • • • allowsAnyHTTPSCertificateForHost setAllowsAnyHTTPSCertificate continueWithoutCredentialForAuthentica tionChallenge 31 © 2002—2013, Digital Security
32.
Blackbox analysis of
iOS apps CFStreams sockets • kCFStreamPropertySSLSettings • • • • • • kCFStreamSSLLevel kCFStreamSSLAllowsExpiredCertificates kCFStreamSSLAllowsExpiredRoots kCFStreamSSLAllowsAnyRoot kCFStreamSSLValidatesCertificateChain kCFStreamSSLPeerName 32 © 2002—2013, Digital Security
33.
Blackbox analysis of
iOS apps Cross-site scripting • UIWebView class • • stringByEvaluatingJavaScriptFromString shouldStartLoadWithRequest 33 © 2002—2013, Digital Security
34.
Blackbox analysis of
iOS apps List of interesting strings • Don’t use and don’t leak • UDID • IMEI • ICCID • PII • OSN-ID • LID 34 © 2002—2013, Digital Security
35.
Blackbox analysis of
iOS apps XML injections • • XML External Entity (XXE) flaws NSXMLParser class • • • libxml2 library • • setShouldResolveExternalEntities foundExternalEntityDeclarationWithName _xmlParseMemory 3rd party libraries and classes 35 © 2002—2013, Digital Security
36.
Blackbox analysis of
iOS apps Directory traversal • NSFileManager class • • • contentsAtPath fileHandleForReadingAtPath C functions • • fopen … © 2002—2013, Digital Security
37.
Blackbox analysis of
iOS apps File storage • NSFileManager class • NSFileProtectionKey attribute • • • • • NSFileProtectionNone NSFileProtectionComplete NSFileProtectionCompleteUnlessOpen NSFileProtectionCompleteUntilFirstUserAuthe ntication Tools: • filemon.iOS • FileDP 37 © 2002—2013, Digital Security
38.
Blackbox analysis of
iOS apps filemon.iOS 38 © 2002—2013, Digital Security
39.
Blackbox analysis of
iOS apps Plist files • plist – property lists • Serialized objects • XML • NSUserDefaults class • Tools: • Python library: plistlib, bplist • plist Editor • plutil • plutil - convert xml1 39 © 2002—2013, Digital Security
40.
Blackbox analysis of
iOS apps SQLite and SQL injections • SQLite database • • • • • /usr/lib/libsqlite3.dylib /<GUID>/Documents/ • *.sqlite, *.db, *.sqlite3 sqlite3_open sqlite3_prepare_v2 sqlite3_step • Use parameterized queries • sqlite3_bind_* 40 © 2002—2013, Digital Security
41.
Blackbox analysis of
iOS apps Keychain • Secure storage • • • • • File /private/var/Keychains/keychain-2.db SecItemAdd() SecItemUpdate() SecItemCopyMatching() SecItemDelete() • Tools: • keychain_dumper • keychain_dump 41 © 2002—2013, Digital Security
42.
Blackbox analysis of
iOS apps Cookies • Persistent cookies: Cookies.binarycookies • /private/var/mobile/Library/ • /private/var/mobile/<App GUID>/Library/Cookies • Tool: BinaryCookieReader.py 42 © 2002—2013, Digital Security
43.
Blackbox analysis of
iOS apps Logs NSLog() Tools: • iPhone Configuration Utility • syslogd 43 © 2002—2013, Digital Security
44.
Blackbox analysis of
iOS apps Cache • UIPasteboard class • generalPasteboard • Backgrounding • <Application GUID>/Library/Caches/Snapshots/*/*.png • applicationDidEnterBackground • Keyboard cache • • • /var/mobile/Library/Keyboard/en_GB-dynamictext.dat secureTextEntry = Yes autocorrectionType = UITextAutocorrectionTypeNo 44 © 2002—2013, Digital Security
45.
Blackbox analysis of
iOS apps IPC • URL schemes • handleOpenURL • openURL • http://wiki.akosma.com/IPhone_URL_Sche mes 45 © 2002—2013, Digital Security
46.
Blackbox analysis of
iOS apps Memory corruptions • Obj-C + C/C++ function = • Format string • • • • • • • • • • NSLog() [NSString stringWithFormat:] [NSString initWithFormat:] [NSMutableString appendFormat:] [NSAlert informativeTextWithFormat:] [NSPredicate predicateWithFormat:] [NSException format:] NSRunAlertPanel Buffer overflow Use-after-free © 2002—2013, Digital Security
47.
Blackbox analysis of
iOS apps Check for exploit mitigations • Stack cookie • • _stack_chk_fail _stack_chk_guard • PIE • ARC • • • • • • _objc_release _objc_retainAutoreleaseReturnValue _objc_autoreleaseReturnValue _objc_storeStrong _objc_retain _objc_retainAutoreleasedReturnValue © 2002—2013, Digital Security
48.
Blackbox analysis of
iOS apps TOOLS TOOLS TOOLS TOOLS TOOLS TOOLS TOOLS TOOLS TOOLS TOOLS TOOLS TOOLS 48 © 2002—2013, Digital Security
49.
Blackbox analysis of
iOS apps IDA Pro 49 © 2002—2013, Digital Security
50.
Blackbox analysis of
iOS apps radare2 ARM64 Mach-O 1. ??? 50 © 2002—2013, Digital Security
51.
Blackbox analysis of
iOS apps Hopper 51 © 2002—2013, Digital Security
52.
Blackbox analysis of
iOS apps iNalyzer 52 © 2002—2013, Digital Security
53.
Blackbox analysis of
iOS apps cycript 53 © 2002—2013, Digital Security
54.
Blackbox analysis of
iOS apps Introspy 54 © 2002—2013, Digital Security
55.
Blackbox analysis of
iOS apps Snoop-it 55 © 2002—2013, Digital Security
56.
Blackbox analysis of
iOS apps Q&A d.evdokimov@dsec.ru @evdokimovds 56 © 2002—2013, Digital Security
Jetzt herunterladen