Learning iOS Penetration Testing

By: Swaroop Yermalkar

Overview of this book

iOS has become one of the most popular mobile operating systems, with more than 1.4 million apps available in the iOS App Store. Security weaknesses in any of these applications or in the system itself could mean that an attacker can get access to the device and retrieve sensitive information. This book will show you how to conduct a wide range of penetration tests on iOS devices to uncover vulnerabilities and strengthen the system against attacks. Learning iOS Penetration Testing discusses the common vulnerabilities and security-related shortcomings in iOS applications and the operating system, and will teach you to conduct static and dynamic analysis of iOS applications. This practical guide will help you uncover vulnerabilities in iOS phones and applications. We begin with the basics of iOS security and dig deep to learn about traffic analysis, code analysis, and various other techniques. Later, we discuss the various utilities, and the process of reversing and auditing.

Physical acquisition

One of the widely used techniques to acquire data from an iPhone is via a custom ramdisk. We have already studied the concept of the iOS secure boot chain in Chapter 1, Introducing iOS Application Security. The iOS secure boot chain provides a security mechanism right from the booting process. Therefore, in order to perform live forensics using a custom ramdisk, a bootrom exploit must be available to break the chain of trust. Interestingly, as these exploits work at the hardware level, the manufacturer won't be able to fix them without a hardware revision.

Let's look in a bit more detail at the different operating modes of iOS devices: normal mode, Device Firmware Upgrade (DFU) mode, and recovery mode:

  • Normal mode: When we turn on the iPhone and it boots into its operating system, it is running in normal mode.

  • DFU mode: I would like you to revise the concept of the iOS secure boot chain learned in Chapter 1, Introducing iOS Application Security, where we studied the steps as Boot ROM | LLB...