Hacking and Securing iOS Applications: Stealing Data, Hijacking Software, and How to Prevent It

封面
"O'Reilly Media, Inc.", 2012年1月17日 - 358 頁

If you’re an app developer with a solid foundation in Objective-C, this book is an absolute must—chances are very high that your company’s iOS applications are vulnerable to attack. That’s because malicious attackers now use an arsenal of tools to reverse-engineer, trace, and manipulate applications in ways that most programmers aren’t aware of.

This guide illustrates several types of iOS attacks, as well as the tools and techniques that hackers use. You’ll learn best practices to help protect your applications, and discover how important it is to understand and strategize like your adversary.

  • Examine subtle vulnerabilities in real-world applications—and avoid the same problems in your apps
  • Learn how attackers infect apps with malware through code injection
  • Discover how attackers defeat iOS keychain and data-protection encryption
  • Use a debugger and custom code injection to manipulate the runtime Objective-C environment
  • Prevent attackers from hijacking SSL sessions and stealing traffic
  • Securely delete files and design your apps to prevent forensic data leakage
  • Avoid debugging abuse, validate the integrity of run-time classes, and make your code harder to trace
 

已選取的頁面

內容

其他版本 - 查看全部

Hacking and Securing IOS Applications
Jonathan Zdziarski
有限的預覽 - 2012

常見字詞

App Store Apple Apple’s application application’s attacker binary boot Breakpoint browser brute force cache Chapter code injection command compiler configuration connection const char contains copy created custom Cycript database debugger decrypt deleted desktop machine device’s dict dump encryption keys example export PLATFORM=/Developer/Platforms/iPhoneOS.platform filename filesystem flag function globl GNU Debugger hello implementation inject inline installed interface iOS device iPhone isysroot PLATFORM/Developer/SDKs/iPhoneOS5.0.sdk iTunes jailbreaking jailbroken key derivation function keychain launchd ldid loaded Mac OS X malicious code malware memory method movl MyDelegate netcat NSString NSURLConnection NULL objc_msgSend Objective-C operating system output passcode passphrase password payload Photo PLATFORM/Developer/usr/bin/arm-apple-darwin10-llvm-gcc-4.2 plist pointer protection proxy RAM disk raw disk image redsn0w runtime SaySomething server shared libraries size_t specified SQLite stolen struct target techniques unsigned char user’s void wipe Xcode

關於作者 (2012)

Jonathan Zdziarski is better known as the hacker "NerveGas" in the iOSdevelopment community. His work in cracking the iPhone helped lead theeffort to port the first open source applications to it, and his bookiPhone Open Application Development taught developers how to writeapplications for the popular device long before Apple introduced itsown SDK. Jonathan is also the author of many other books, includingiPhone SDK Application Development and iPhone Forensics. Jonathanpresently supports over 2,000 law enforcement agencies worldwide anddistributes a suite of iOS forensic imaging tools to obtain evidencefrom iOS devices for criminal cases. He frequently consults and trainslaw enforcement agencies and assists forensic examiners in theirinvestigations. Jonathan is also a full-time Sr. Forensic Scientist, where, amongother things, he performs penetration testing of iOS applications forcorporate clients.

書目資訊

書名Hacking and Securing iOS Applications: Stealing Data, Hijacking Software, and How to Prevent It
作者Jonathan Zdziarski
出版者"O'Reilly Media, Inc.", 2012
ISBN1449325238, 9781449325237
頁數358 頁
  
匯出書目資料BiBTeX EndNote RefMan