2. NSLog (@”About me !”);
iOS developer >2 yr
Web api developer
iOS app pentester
Security Enthusiast
3. Rough Agenda (we will digress)
Introduction to iOS
Introduction to iOS apps
Objective C
Environment & tool setup
Static Analysis
Dynamic Analysis
Secure Coding & Best practices
4. iOS
Mobile OS by Apple Inc. (i Operating System ,
2007)
History
Architecture of iOS
5. iOS architecture of Non Jailbroken
device
OS &
preinstalled
Apps
Path
/Application
Root
user
Mobile
user
App
1
App
2
Sandbox for
app1
contains all the
files created or
required by app
Apps from appstore
Path
/var/mobile/containe
r/bundle/application
*The permission architecture
*Sandboxing of iOS apps
6. Types of iOS Applications
Web Applications:
HTML + CSS + JavaScript
Run inside Safari/Webkit
Native Applications:
Written in Objective-C (+ C/C++)
Compiled into ARM for actual devices, x86 for
iOS Simulator
7. What does an iOS Application Look
Like?
iOS Applications:
In Development with Apple SDK Xcode:
Distributed as XCode Project Folders
Compiled and deployed through the app store:
Compiled as ARM
Distributed as “.ipa” files
zip files containing app resources and ARM executable
Deployed as “.app” directories
Executable code is:
encrypted with FairPlay DRM (AES)
signed with Apple’s signature
8. Objective C
Objective-C is a superset of C, this means all C
code still applies.
[self doSomethingWithVar:var1];
14. Cycript
Cycript is an implementation of JavaScript that
can interact with Objective-C classes and
objects. One of the most useful functions of
Cycript is its ability to attach directly to a
process, much like gdb, and alter the state of
the running application. With Cycript, you can
manipulate existing objects already in your
application’s memory, or instantiate new objects,
such as new view controller classes or windows.
19. Secure Coding & Best Practices
Secure coding is about increasing the
complexity demanded for an attack against the
application to succeed. No application can
ever be truly secure. With the right resources
and time, any application, including those
utilizing strong encryption, can be broken.
20. Precaution not Cure :-P
Use dummy methods.
Analyze flow & architecture of code.
Is Jailbroken?
Don’t use hardcoded strings (key,outhtoken etc).
Is debugger attached.
Handle -
(void)applicationDidEnterBackground:(UIApplicati
on *)application
Use keychain for sensitive info (key,outhtoken
etc).
Don’t use plain http web api.
Always use server side validation for inapp
purchase.
21. All done ! Can contact me @
srbmishra91@gmail.com