iOS应用安全攻防

Preface

1.Everything You Know Is Wrong

The Myth of a Monoculture

The iOS Security Model

Components of the iOS Security Model

Storing the Key with the Lock

Passcodes Equate to Weak Security

Fotensic Data Trumps Encryption

External Dara Is at Risk, Too

Hij acking Traffic

Data Can Be Stolen...Quickly

Trust No One, Not Even Your Application

Physical Access Is Optional

Summary

PartⅠ. Hacking

2.The Basics of（omprornising iOS

Why It's Important to Learn How to Break Into a Device

Jailbreaking Explained

Developer Tools

End User Jailbreaks

Jailbreaking an iPhone

DFU Mode

Tethered Versus Untethered

Compromising Devices and Injecting Code

Building Custom Code

Analyzing Your Binary

TestingYourBinary

Daemonizing Codey

Deploying Malicious Code with a Tar Archive

Deploying Malicious Code with a RAM Disk

Exercises

Summary

3.StealingtheFilesystem

Full Disk Encryption

Solid State NAND

Disk Encryption

Where iOS Disk Encryption Has Failed You

Copying the Live Filesystem

The DataTheft Payload

Customizing launchd

Preparing the RAM disk

Imaging the Filesystem

Copying the Raw Filesystem

The RawTheft Payload

Customizing launchd

Preparing the RAM disk

Imaging the Filesystem

Exercises

The Role of Soaal Engineering

Disabled Device Decoy

Deacrivated Device Decoy

Malware Enabled Decoy

Password Engineering Application

Summary

4.ForensicTraceand Data Leakage

Extracring Image Geotags

Consolidated GPS Cache

SQLite Databases

Connecting to a Database

SQLite Built-in Commands

Issuing SQL Queries

Important Database Files

Address Book Contacts

Address Book Images

Google Maps Data

Calendar Events

Call History

Email Database

Notes

……

PartⅡ. Securing

如果你是一位具有坚实Objective-C基础的应用开发者，这本《iOS应用安全攻防（影印版）》绝对急你所需——你所在公司的iOS应用被攻击的可能性很大。这是因为恶意攻击者现在使用一系列工具采用大多数程序员想象不到的方式进行反向工程、跟踪和操纵应用。
这本书讲解了几种iOS的攻击手段，以及黑客们常用的工具和技术。你会从中学到保护你的应用的最佳方式，并且意识到像你的对手那样去理解和制定策略是多么重要。

检查现实应用中的微小漏洞--并丑避免在你的应用中出现同样的问题，了解黑客如何通过代码注入来使应用感染恶意软件，明白攻击者如何破解iOS keychain和数据保护加密，使用调试器和定制代码注入来操纵运行时Objective-C环境，阻止攻击者劫持SSL会话和窃取数据流量，安全地删除文件和设计应用来防止数据泄露，避免滥用调试，验证运行时类的健全性，确保你的代码难以跟踪。