Table of Contents

Chapter 1: iOS Security Basics

iOS Hardware/Device Types

How Apple Protects the App Store

Understanding Security Threats

Understanding the iOS Security Architecture

A Brief History of iOS Attacks

Summary

Chapter 2: iOS in the Enterprise

iOS Configuration Management

Mobile Device Management

Summary

Chapter 3: Encryption

Data Protection

Attacking Data Protection

Summary

Chapter 4: Code Signing and Memory Protections

Understanding Mandatory Access Control

How Provisioning Works

Understanding Application Signing

Inside Entitlements

How Code Signing Enforcement Works

Discovering Dynamic Code Signing

Breaking Code Signing

Summary

Chapter 5: Sandboxing

Understanding the Sandbox

Sandboxing Your Apps

Understanding the Sandbox Implementation

Summary

Chapter 6: Fuzzing iOS Applications

How Fuzzing Works

The Recipe for Fuzzing

Fuzzing Safari

Adventures in PDF Fuzzing

Quick Look Fuzzing

Fuzzing with the Simulator

Fuzzing MobileSafari

PPT Fuzzing Fun

SMS Fuzzing

Summary

Chapter 7: Exploitation

Exploiting Bug Classes

Understanding the iOS System Allocator

Taming the iOS Allocator

Understanding TCMalloc

Taming TCMalloc

ASLR Challenges

Case Study: Pwn2Own 2010

Testing Infrastructure

Summary

Chapter 8: Return-Oriented Programming

ARM Basics

ROP Introduction

What Can You Do with ROP on iOS?

Examples of ROP Shellcode on iOS

Summary

Chapter 9: Kernel Debugging and Exploitation

Kernel Structure

Kernel Debugging

Kernel Extensions and IOKit Drivers

Kernel Exploitation

Summary

Chapter 10: Jailbreaking

Why Jailbreak?

Jailbreak Types

Understanding the Jailbreaking Process

Executing Kernel Payloads and Patches

Summary

Chapter 11: Baseband Attacks

GSM Basics

Setting up OpenBTS

RTOSes Underneath the Stacks

Vulnerability Analysis

Exploiting the Baseband

Summary

Appendix: Resources

Introduction

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset