Hacking and securing iOS applications | Politeknik Siber dan Sandi Negara

Search by :

ALL Author Subject ISBN/ISSN Advanced Search

Last search:

Image of Hacking and securing iOS applications

Text

Hacking and securing iOS applications

Zdziarski, Jonathan A. - Personal Name; Oram, Andrew - Personal Name; Romano, Robert - Personal Name;

Table of Contents

Chapter 1 Everything You Know Is Wrong
The Myth of a Monoculture
The iOS Security Model
Storing the Key with the Lock
Passcodes Equate to Weak Security
Forensic Data Trumps Encryption
External Data Is at Risk, Too
Hijacking Traffic
Trust No One, Not Even Your Application
Physical Access Is Optional

Hacking
Chapter 2 The Basics of Compromising iOS
Why It’s Important to Learn How to Break Into a Device
Jailbreaking Explained
End User Jailbreaks
Compromising Devices and Injecting Code
Chapter 3 Stealing the Filesystem
Full Disk Encryption
Copying the Live Filesystem
Copying the Raw Filesystem
Exercises
The Role of Social Engineering
Summary
Chapter 4 Forensic Trace and Data Leakage
Extracting Image Geotags
SQLite Databases
Reverse Engineering Remnant Database Fields
SMS Drafts
Property Lists
Other Important Files
Summary
Chapter 5 Defeating Encryption
Sogeti’s Data Protection Tools
Extracting Encryption Keys
Decrypting the Keychain
Decrypting Raw Disk
Decrypting iTunes Backups
Defeating Encryption Through Spyware
Exercises
Summary
Chapter 6 Unobliterating Files
Scraping the HFS Journal
Carving Empty Space
Commonly Recovered Data
Summary
Chapter 7 Manipulating the Runtime
Analyzing Binaries
Encrypted Binaries
Abusing the Runtime with Cycript
Exercises
Summary
Chapter 8 Abusing the Runtime Library
Breaking Objective-C Down
Disassembling and Debugging
Malicious Code Injection
Injection Using Dynamic Linker Attack
Summary
Chapter 9 Hijacking Traffic
APN Hijacking
Simple Proxy Setup
Attacking SSL
Attacking Application-Level SSL Validation
Hijacking Foundation HTTP Classes
Analyzing Data
Driftnet
Exercises
Summary

Securing
Chapter 10 Implementing Encryption
Password Strength
Introduction to Common Crypto
Master Key Encryption
Geo-Encryption
Split Server-Side Keys
Securing Memory
Public Key Cryptography
Exercises
Chapter 11 Counter Forensics
Secure File Wiping
Wiping SQLite Records
Keyboard Cache
Randomizing PIN Digits
Application Screenshots
Chapter 12 Securing the Runtime
Tamper Response
Process Trace Checking
Blocking Debuggers
Runtime Class Integrity Checks
Inline Functions
Complicating Disassembly
Exercises
Chapter 13 Jailbreak Detection
Sandbox Integrity Check
Filesystem Tests
Page Execution Check
Chapter 14 Next Steps
Thinking Like an Attacker
Other Reverse Engineering Tools
Security Versus Code Management
A Flexible Approach to Security
Other Great Books

Availability

Perpustakaan Poltek SSN (Rak 000) 005.265 ZDZ h

b0001395

Available - Available

Detail Information

Series Title: --
Call Number: 005.265 ZDZ h
Publisher: California : O'Reilly Media., 2012
Collation: xv, 336 hal.; ilus.; 24 cm
Language: English
ISBN/ISSN: 9781449318741
Classification: 005.265
Content Type: -
Media Type: -
Carrier Type: -
Edition: 1st edition
Subject(s): IOS (Electronic resource)
Objective-C (Computer program language)
Software protection
Specific Detail Info: --
Statement of Responsibility: Jonathan Zdziarski

Other version/related

No other version available

File Attachment

No Data

Comments

You must be logged in to post a comment