SlideShare a Scribd company logo

IOS Security Basics - NULL/ OWASP/G4H Meet

Download as PPTX, PDF
Anthony Jose
Anthony Jose

Basic IOS Security internals . 1 . Secure Boot 2 . Full Disk Encryption 3 . Application Sandbox 4 . Network Traffic

Technology
1 of 14
IOS SECURITY BASICS @antojosep007
@WHOAMI  ANTO JOSEPH  Security Engineer @ Citrix  Passionate about Mobile Security Research  Past : Developer / SysAdmin  Speaker / Trainer @ HITB AMS / NullCon / GroundZero / c0c0n etc  Contributes to OWASP Mobile Security Guide / Checklist
SECURE BOOT  1. Read only boot rom  2. LLB  3. iBoot  1 . Recovery ( DFU)  2. Kernel  Load Drivers  Start Daemons
APP SANDBOX  Mac based  Confined to App Directory  Some IOS versions how ever allowed access to arbitrary locations including /private/var/mobile/Media/Photos/
FDE  First to Introduce it in the Market  Solves Data at Rest Problem  Device KEY + User Passcode = File Sys Key  File Sys Key used to Decrypt File Meta Data  File Meta Data has per file key
KEYCHAIN  Can Store Secret Information here  Mediated through securityd daemon  Can Specify events when the keychain data should be avaliable  Jailbroken device = NO KEYCHAIN SECURITY  Use Keychain Dumper from Cydia
JAILBREAKING  Required to run unsigned code in the device  Required for security testing  Required for Modifying the Device  Required for Awesomeness !!
PANGU / EVASION
APPSEC ESSENTIALS ( FS )  Use iExplorer / iFunBox to Explore the App SandBox  Check Plist Files  Check Binary Cookies  Check Screenshots  Check Keyboard Cache ( Autocomplete data may go in here )  Check for Sqlites  Check for Sensitive Data Elsewhere
APPSEC ESSENTIALS ( NETWORK)  Use a standard HTTP proxy to Intercept Traffic  Install Proxy Certificate on the device  Change proxy settings in WIFI settings  Install SSL TRUST KILLER for Certificate Pinning Bypass if needed  Use ipTables to intercept non-http traffic
DEMO TIME
QUESTIONS ?
THANKS

Recommended

Slides null puliya linux basics
Slides null puliya linux basicsSlides null puliya linux basics
Slides null puliya linux basicsAnant Shrivastava
 
IoT mit Rust programmieren
IoT mit Rust programmierenIoT mit Rust programmieren
IoT mit Rust programmierenLars Gregori
 
Никита Корчагин - Introduction to Apple iOS Development.
Никита Корчагин - Introduction to Apple iOS Development.Никита Корчагин - Introduction to Apple iOS Development.
Никита Корчагин - Introduction to Apple iOS Development.DataArt
 
Is Rust Programming ready for embedded development?
Is Rust Programming ready for embedded development?Is Rust Programming ready for embedded development?
Is Rust Programming ready for embedded development?Knoldus Inc.
 
Computer consulting project cowens
Computer consulting project cowensComputer consulting project cowens
Computer consulting project cowenscodyowens
 
Exploiting publically exposed Version Control System
Exploiting publically exposed Version Control SystemExploiting publically exposed Version Control System
Exploiting publically exposed Version Control SystemAnant Shrivastava
 
BKK16-406 Ubuntu Core - a snappy platform for Embedded, IoT and 96boards!
BKK16-406 Ubuntu Core - a snappy platform for Embedded, IoT and 96boards!BKK16-406 Ubuntu Core - a snappy platform for Embedded, IoT and 96boards!
BKK16-406 Ubuntu Core - a snappy platform for Embedded, IoT and 96boards!Linaro
 
History of Android Security – from linux to jelly bean
History of Android Security – from linux to jelly beanHistory of Android Security – from linux to jelly bean
History of Android Security – from linux to jelly beanJung Pil (J.P.) Choi
 

Recommended

Slides null puliya linux basics
Slides null puliya linux basicsSlides null puliya linux basics
Slides null puliya linux basicsAnant Shrivastava
 
IoT mit Rust programmieren
IoT mit Rust programmierenIoT mit Rust programmieren
IoT mit Rust programmierenLars Gregori
 
Никита Корчагин - Introduction to Apple iOS Development.
Никита Корчагин - Introduction to Apple iOS Development.Никита Корчагин - Introduction to Apple iOS Development.
Никита Корчагин - Introduction to Apple iOS Development.DataArt
 
Is Rust Programming ready for embedded development?
Is Rust Programming ready for embedded development?Is Rust Programming ready for embedded development?
Is Rust Programming ready for embedded development?Knoldus Inc.
 
Computer consulting project cowens
Computer consulting project cowensComputer consulting project cowens
Computer consulting project cowenscodyowens
 
Exploiting publically exposed Version Control System
Exploiting publically exposed Version Control SystemExploiting publically exposed Version Control System
Exploiting publically exposed Version Control SystemAnant Shrivastava
 
BKK16-406 Ubuntu Core - a snappy platform for Embedded, IoT and 96boards!
BKK16-406 Ubuntu Core - a snappy platform for Embedded, IoT and 96boards!BKK16-406 Ubuntu Core - a snappy platform for Embedded, IoT and 96boards!
BKK16-406 Ubuntu Core - a snappy platform for Embedded, IoT and 96boards!Linaro
 
History of Android Security – from linux to jelly bean
History of Android Security – from linux to jelly beanHistory of Android Security – from linux to jelly bean
History of Android Security – from linux to jelly beanJung Pil (J.P.) Choi
 
Mark Shuttleworth (Ubuntu) - Faster, Easier and More Secure: The Next Generat...
Mark Shuttleworth (Ubuntu) - Faster, Easier and More Secure: The Next Generat...Mark Shuttleworth (Ubuntu) - Faster, Easier and More Secure: The Next Generat...
Mark Shuttleworth (Ubuntu) - Faster, Easier and More Secure: The Next Generat...Techsylvania
 
How to build an admin guy
How to build an admin guyHow to build an admin guy
How to build an admin guyMohamed Aboul-Fotouh
 
Cisco Project 2 Description
Cisco Project 2 DescriptionCisco Project 2 Description
Cisco Project 2 DescriptionEvaKeeling
 
How to Connect MQTT Broker on ESP8266 WiFi
How to Connect MQTT Broker on ESP8266 WiFiHow to Connect MQTT Broker on ESP8266 WiFi
How to Connect MQTT Broker on ESP8266 WiFiNaoto MATSUMOTO
 
How to Install nRF51 IPv6 over Bluetooth using MDK-ARM+IoT SDK
How to Install nRF51 IPv6 over Bluetooth using MDK-ARM+IoT SDKHow to Install nRF51 IPv6 over Bluetooth using MDK-ARM+IoT SDK
How to Install nRF51 IPv6 over Bluetooth using MDK-ARM+IoT SDKNaoto MATSUMOTO
 
Snap Your App
Snap Your AppSnap Your App
Snap Your AppTed Gould
 
Speck & Tech: Attacking iOS (A brief overview)
Speck & Tech: Attacking iOS (A brief overview)Speck & Tech: Attacking iOS (A brief overview)
Speck & Tech: Attacking iOS (A brief overview)Filippo Bigarella
 
install mosquitto-auth-plug - cheat sheet -
install mosquitto-auth-plug - cheat sheet -install mosquitto-auth-plug - cheat sheet -
install mosquitto-auth-plug - cheat sheet -Naoto MATSUMOTO
 
Wifislax
WifislaxWifislax
WifislaxGeri waxel
 
Introduction to Ubuntu core, Ubuntu for IoT
Introduction to Ubuntu core, Ubuntu for IoTIntroduction to Ubuntu core, Ubuntu for IoT
Introduction to Ubuntu core, Ubuntu for IoTAmrisha Prashar
 
Network Device Development - Part 5: Firewall 104 ~ Packet Splitter
Network Device Development - Part 5: Firewall 104 ~ Packet SplitterNetwork Device Development - Part 5: Firewall 104 ~ Packet Splitter
Network Device Development - Part 5: Firewall 104 ~ Packet SplitterCheng-Yi Yu
 
Network Device Development - Part 4: Firewall 103 ~ Protocol Filter & Payload...
Network Device Development - Part 4: Firewall 103 ~ Protocol Filter & Payload...Network Device Development - Part 4: Firewall 103 ~ Protocol Filter & Payload...
Network Device Development - Part 4: Firewall 103 ~ Protocol Filter & Payload...Cheng-Yi Yu
 
WIndows Kernel-Land exploitation
WIndows Kernel-Land exploitationWIndows Kernel-Land exploitation
WIndows Kernel-Land exploitationkyaw thiha
 
Intel McAfee DeepSAFE Technology
Intel McAfee DeepSAFE TechnologyIntel McAfee DeepSAFE Technology
Intel McAfee DeepSAFE TechnologyCan Your Security
 
GCC ARM nRF51 IoT SDK -cheat sheet-
GCC ARM nRF51 IoT SDK -cheat sheet-GCC ARM nRF51 IoT SDK -cheat sheet-
GCC ARM nRF51 IoT SDK -cheat sheet-Naoto MATSUMOTO
 
Null bhopal Sep 2016: What it Takes to Secure a Web Application
Null bhopal Sep 2016: What it Takes to Secure a Web ApplicationNull bhopal Sep 2016: What it Takes to Secure a Web Application
Null bhopal Sep 2016: What it Takes to Secure a Web ApplicationAnant Shrivastava
 
DEFCON 22: Bypass firewalls, application white lists, secure remote desktops ...
DEFCON 22: Bypass firewalls, application white lists, secure remote desktops ...DEFCON 22: Bypass firewalls, application white lists, secure remote desktops ...
DEFCON 22: Bypass firewalls, application white lists, secure remote desktops ...Zoltan Balazs
 
MIPS-X
MIPS-XMIPS-X
MIPS-XZoltan Balazs
 
Nessus Basics
Nessus BasicsNessus Basics
Nessus Basicsamiable_indian
 
Embedded Systems
Embedded SystemsEmbedded Systems
Embedded SystemsOSU Open Source Lab
 
Radare2 - An Introduction by Anto Joseph
Radare2 - An Introduction by Anto JosephRadare2 - An Introduction by Anto Joseph
Radare2 - An Introduction by Anto JosephAnthony Jose
 
DIFFDroid_Anto_Joseph_HIP_2016
DIFFDroid_Anto_Joseph_HIP_2016DIFFDroid_Anto_Joseph_HIP_2016
DIFFDroid_Anto_Joseph_HIP_2016Anthony Jose
 

More Related Content

What's hot

Mark Shuttleworth (Ubuntu) - Faster, Easier and More Secure: The Next Generat...
Mark Shuttleworth (Ubuntu) - Faster, Easier and More Secure: The Next Generat...Mark Shuttleworth (Ubuntu) - Faster, Easier and More Secure: The Next Generat...
Mark Shuttleworth (Ubuntu) - Faster, Easier and More Secure: The Next Generat...Techsylvania
 
Cisco Project 2 Description
Cisco Project 2 DescriptionCisco Project 2 Description
Cisco Project 2 DescriptionEvaKeeling
 
How to Connect MQTT Broker on ESP8266 WiFi
How to Connect MQTT Broker on ESP8266 WiFiHow to Connect MQTT Broker on ESP8266 WiFi
How to Connect MQTT Broker on ESP8266 WiFiNaoto MATSUMOTO
 
How to Install nRF51 IPv6 over Bluetooth using MDK-ARM+IoT SDK
How to Install nRF51 IPv6 over Bluetooth using MDK-ARM+IoT SDKHow to Install nRF51 IPv6 over Bluetooth using MDK-ARM+IoT SDK
How to Install nRF51 IPv6 over Bluetooth using MDK-ARM+IoT SDKNaoto MATSUMOTO
 
Snap Your App
Snap Your AppSnap Your App
Snap Your AppTed Gould
 
Speck & Tech: Attacking iOS (A brief overview)
Speck & Tech: Attacking iOS (A brief overview)Speck & Tech: Attacking iOS (A brief overview)
Speck & Tech: Attacking iOS (A brief overview)Filippo Bigarella
 
install mosquitto-auth-plug - cheat sheet -
install mosquitto-auth-plug - cheat sheet -install mosquitto-auth-plug - cheat sheet -
install mosquitto-auth-plug - cheat sheet -Naoto MATSUMOTO
 
Introduction to Ubuntu core, Ubuntu for IoT
Introduction to Ubuntu core, Ubuntu for IoTIntroduction to Ubuntu core, Ubuntu for IoT
Introduction to Ubuntu core, Ubuntu for IoTAmrisha Prashar
 
Network Device Development - Part 5: Firewall 104 ~ Packet Splitter
Network Device Development - Part 5: Firewall 104 ~ Packet SplitterNetwork Device Development - Part 5: Firewall 104 ~ Packet Splitter
Network Device Development - Part 5: Firewall 104 ~ Packet SplitterCheng-Yi Yu
 
Network Device Development - Part 4: Firewall 103 ~ Protocol Filter & Payload...
Network Device Development - Part 4: Firewall 103 ~ Protocol Filter & Payload...Network Device Development - Part 4: Firewall 103 ~ Protocol Filter & Payload...
Network Device Development - Part 4: Firewall 103 ~ Protocol Filter & Payload...Cheng-Yi Yu
 
WIndows Kernel-Land exploitation
WIndows Kernel-Land exploitationWIndows Kernel-Land exploitation
WIndows Kernel-Land exploitationkyaw thiha
 
Intel McAfee DeepSAFE Technology
Intel McAfee DeepSAFE TechnologyIntel McAfee DeepSAFE Technology
Intel McAfee DeepSAFE TechnologyCan Your Security
 
GCC ARM nRF51 IoT SDK -cheat sheet-
GCC ARM nRF51 IoT SDK -cheat sheet-GCC ARM nRF51 IoT SDK -cheat sheet-
GCC ARM nRF51 IoT SDK -cheat sheet-Naoto MATSUMOTO
 
Null bhopal Sep 2016: What it Takes to Secure a Web Application
Null bhopal Sep 2016: What it Takes to Secure a Web ApplicationNull bhopal Sep 2016: What it Takes to Secure a Web Application
Null bhopal Sep 2016: What it Takes to Secure a Web ApplicationAnant Shrivastava
 
DEFCON 22: Bypass firewalls, application white lists, secure remote desktops ...
DEFCON 22: Bypass firewalls, application white lists, secure remote desktops ...DEFCON 22: Bypass firewalls, application white lists, secure remote desktops ...
DEFCON 22: Bypass firewalls, application white lists, secure remote desktops ...Zoltan Balazs
 

What's hot (20)

Mark Shuttleworth (Ubuntu) - Faster, Easier and More Secure: The Next Generat...
Mark Shuttleworth (Ubuntu) - Faster, Easier and More Secure: The Next Generat...Mark Shuttleworth (Ubuntu) - Faster, Easier and More Secure: The Next Generat...
Mark Shuttleworth (Ubuntu) - Faster, Easier and More Secure: The Next Generat...
 
How to build an admin guy
How to build an admin guyHow to build an admin guy
How to build an admin guy
 
Cisco Project 2 Description
Cisco Project 2 DescriptionCisco Project 2 Description
Cisco Project 2 Description
 
How to Connect MQTT Broker on ESP8266 WiFi
How to Connect MQTT Broker on ESP8266 WiFiHow to Connect MQTT Broker on ESP8266 WiFi
How to Connect MQTT Broker on ESP8266 WiFi
 
How to Install nRF51 IPv6 over Bluetooth using MDK-ARM+IoT SDK
How to Install nRF51 IPv6 over Bluetooth using MDK-ARM+IoT SDKHow to Install nRF51 IPv6 over Bluetooth using MDK-ARM+IoT SDK
How to Install nRF51 IPv6 over Bluetooth using MDK-ARM+IoT SDK
 
Snap Your App
Snap Your AppSnap Your App
Snap Your App
 
Speck & Tech: Attacking iOS (A brief overview)
Speck & Tech: Attacking iOS (A brief overview)Speck & Tech: Attacking iOS (A brief overview)
Speck & Tech: Attacking iOS (A brief overview)
 
install mosquitto-auth-plug - cheat sheet -
install mosquitto-auth-plug - cheat sheet -install mosquitto-auth-plug - cheat sheet -
install mosquitto-auth-plug - cheat sheet -
 
Wifislax
WifislaxWifislax
Wifislax
 
Introduction to Ubuntu core, Ubuntu for IoT
Introduction to Ubuntu core, Ubuntu for IoTIntroduction to Ubuntu core, Ubuntu for IoT
Introduction to Ubuntu core, Ubuntu for IoT
 
Network Device Development - Part 5: Firewall 104 ~ Packet Splitter
Network Device Development - Part 5: Firewall 104 ~ Packet SplitterNetwork Device Development - Part 5: Firewall 104 ~ Packet Splitter
Network Device Development - Part 5: Firewall 104 ~ Packet Splitter
 
Network Device Development - Part 4: Firewall 103 ~ Protocol Filter & Payload...
Network Device Development - Part 4: Firewall 103 ~ Protocol Filter & Payload...Network Device Development - Part 4: Firewall 103 ~ Protocol Filter & Payload...
Network Device Development - Part 4: Firewall 103 ~ Protocol Filter & Payload...
 
WIndows Kernel-Land exploitation
WIndows Kernel-Land exploitationWIndows Kernel-Land exploitation
WIndows Kernel-Land exploitation
 
Intel McAfee DeepSAFE Technology
Intel McAfee DeepSAFE TechnologyIntel McAfee DeepSAFE Technology
Intel McAfee DeepSAFE Technology
 
GCC ARM nRF51 IoT SDK -cheat sheet-
GCC ARM nRF51 IoT SDK -cheat sheet-GCC ARM nRF51 IoT SDK -cheat sheet-
GCC ARM nRF51 IoT SDK -cheat sheet-
 
Null bhopal Sep 2016: What it Takes to Secure a Web Application
Null bhopal Sep 2016: What it Takes to Secure a Web ApplicationNull bhopal Sep 2016: What it Takes to Secure a Web Application
Null bhopal Sep 2016: What it Takes to Secure a Web Application
 
DEFCON 22: Bypass firewalls, application white lists, secure remote desktops ...
DEFCON 22: Bypass firewalls, application white lists, secure remote desktops ...DEFCON 22: Bypass firewalls, application white lists, secure remote desktops ...
DEFCON 22: Bypass firewalls, application white lists, secure remote desktops ...
 
MIPS-X
MIPS-XMIPS-X
MIPS-X
 
Nessus Basics
Nessus BasicsNessus Basics
Nessus Basics
 
Embedded Systems
Embedded SystemsEmbedded Systems
Embedded Systems
 

Viewers also liked

Radare2 - An Introduction by Anto Joseph
Radare2 - An Introduction by Anto JosephRadare2 - An Introduction by Anto Joseph
Radare2 - An Introduction by Anto JosephAnthony Jose
 
DIFFDroid_Anto_Joseph_HIP_2016
DIFFDroid_Anto_Joseph_HIP_2016DIFFDroid_Anto_Joseph_HIP_2016
DIFFDroid_Anto_Joseph_HIP_2016Anthony Jose
 
Owasp advanced mobile-application-code-review-techniques-v0.2
Owasp advanced mobile-application-code-review-techniques-v0.2Owasp advanced mobile-application-code-review-techniques-v0.2
Owasp advanced mobile-application-code-review-techniques-v0.2drewz lin
 
Panel discussion social engineering - manasdeep - nullmeetblr 21st June 2015
Panel discussion social engineering - manasdeep - nullmeetblr 21st June 2015Panel discussion social engineering - manasdeep - nullmeetblr 21st June 2015
Panel discussion social engineering - manasdeep - nullmeetblr 21st June 2015n|u - The Open Security Community
 
Dark Arts Of Social Engineering
Dark Arts Of Social EngineeringDark Arts Of Social Engineering
Dark Arts Of Social EngineeringNutan Kumar Panda
 
Venom vulnerability Overview and a basic demo
Venom vulnerability Overview and a basic demoVenom vulnerability Overview and a basic demo
Venom vulnerability Overview and a basic demoAkash Mahajan
 
Android reverse engineering - Analyzing skype
Android reverse engineering - Analyzing skypeAndroid reverse engineering - Analyzing skype
Android reverse engineering - Analyzing skypeMário Almeida
 
Metasploit For Beginners
Metasploit For BeginnersMetasploit For Beginners
Metasploit For BeginnersRamnath Shenoy
 
SSL Pinning and Bypasses: Android and iOS
SSL Pinning and Bypasses: Android and iOSSSL Pinning and Bypasses: Android and iOS
SSL Pinning and Bypasses: Android and iOSAnant Shrivastava
 

Viewers also liked (19)

Radare2 - An Introduction by Anto Joseph
Radare2 - An Introduction by Anto JosephRadare2 - An Introduction by Anto Joseph
Radare2 - An Introduction by Anto Joseph
 
DIFFDroid_Anto_Joseph_HIP_2016
DIFFDroid_Anto_Joseph_HIP_2016DIFFDroid_Anto_Joseph_HIP_2016
DIFFDroid_Anto_Joseph_HIP_2016
 
Owasp advanced mobile-application-code-review-techniques-v0.2
Owasp advanced mobile-application-code-review-techniques-v0.2Owasp advanced mobile-application-code-review-techniques-v0.2
Owasp advanced mobile-application-code-review-techniques-v0.2
 
Grinder talk
Grinder talk Grinder talk
Grinder talk
 
Threat intelligence - nullmeetblr 21st June 2015
Threat intelligence - nullmeetblr 21st June 2015Threat intelligence - nullmeetblr 21st June 2015
Threat intelligence - nullmeetblr 21st June 2015
 
Panel discussion social engineering - manasdeep - nullmeetblr 21st June 2015
Panel discussion social engineering - manasdeep - nullmeetblr 21st June 2015Panel discussion social engineering - manasdeep - nullmeetblr 21st June 2015
Panel discussion social engineering - manasdeep - nullmeetblr 21st June 2015
 
Csp july2015
Csp july2015Csp july2015
Csp july2015
 
Netcat - A Swiss Army Tool
Netcat - A Swiss Army ToolNetcat - A Swiss Army Tool
Netcat - A Swiss Army Tool
 
Owasp m7-m8-shivang nullmeetblr 21june2015
Owasp m7-m8-shivang nullmeetblr 21june2015Owasp m7-m8-shivang nullmeetblr 21june2015
Owasp m7-m8-shivang nullmeetblr 21june2015
 
Dark Arts Of Social Engineering
Dark Arts Of Social EngineeringDark Arts Of Social Engineering
Dark Arts Of Social Engineering
 
Venom vulnerability Overview and a basic demo
Venom vulnerability Overview and a basic demoVenom vulnerability Overview and a basic demo
Venom vulnerability Overview and a basic demo
 
Null bufferoverflow
Null bufferoverflowNull bufferoverflow
Null bufferoverflow
 
Owasp top 10
Owasp top 10 Owasp top 10
Owasp top 10
 
What is a VLAN and DMZ
What is a VLAN and DMZWhat is a VLAN and DMZ
What is a VLAN and DMZ
 
Android reverse engineering - Analyzing skype
Android reverse engineering - Analyzing skypeAndroid reverse engineering - Analyzing skype
Android reverse engineering - Analyzing skype
 
Metasploit For Beginners
Metasploit For BeginnersMetasploit For Beginners
Metasploit For Beginners
 
Saml sso by Tamil on nullblrmeet 21st July 2015
Saml sso by Tamil on nullblrmeet 21st July 2015Saml sso by Tamil on nullblrmeet 21st July 2015
Saml sso by Tamil on nullblrmeet 21st July 2015
 
SIEM Architecture
SIEM ArchitectureSIEM Architecture
SIEM Architecture
 
SSL Pinning and Bypasses: Android and iOS
SSL Pinning and Bypasses: Android and iOSSSL Pinning and Bypasses: Android and iOS
SSL Pinning and Bypasses: Android and iOS
 

Similar to IOS Security Basics - NULL/ OWASP/G4H Meet

Hacking and Securing iOS Applications by Satish Bomisstty
Hacking and Securing iOS Applications by Satish BomissttyHacking and Securing iOS Applications by Satish Bomisstty
Hacking and Securing iOS Applications by Satish BomissttyClubHack
 
Hacking and securing ios applications
Hacking and securing ios applicationsHacking and securing ios applications
Hacking and securing ios applicationsSatish b
 
iOS-Application-Security-iAmPr3m
iOS-Application-Security-iAmPr3miOS-Application-Security-iAmPr3m
iOS-Application-Security-iAmPr3mPrem Kumar (OSCP)
 
Mobile, IoT, Clouds… It’s time to hire your own risk manager!
Mobile, IoT, Clouds… It’s time to hire your own risk manager!Mobile, IoT, Clouds… It’s time to hire your own risk manager!
Mobile, IoT, Clouds… It’s time to hire your own risk manager!DefCamp
 
Mobile Forensics on a Shoestring Budget
Mobile Forensics on a Shoestring BudgetMobile Forensics on a Shoestring Budget
Mobile Forensics on a Shoestring BudgetBrent Muir
 
IOS Encryption Systems
IOS Encryption SystemsIOS Encryption Systems
IOS Encryption SystemsPeter Teufl
 
Top 10 Things to Secure on iOS and Android to Protect Corporate Information
Top 10 Things to Secure on iOS and Android to Protect Corporate InformationTop 10 Things to Secure on iOS and Android to Protect Corporate Information
Top 10 Things to Secure on iOS and Android to Protect Corporate InformationLumension
 
iOS (Vulner)ability
iOS (Vulner)abilityiOS (Vulner)ability
iOS (Vulner)abilitySubho Halder
 
Faux Disk Encryption....by Drew Suarez & Daniel Mayer
Faux Disk Encryption....by Drew Suarez & Daniel MayerFaux Disk Encryption....by Drew Suarez & Daniel Mayer
Faux Disk Encryption....by Drew Suarez & Daniel MayerShakacon
 
BYOM Build Your Own Methodology (in Mobile Forensics)
BYOM Build Your Own Methodology (in Mobile Forensics)BYOM Build Your Own Methodology (in Mobile Forensics)
BYOM Build Your Own Methodology (in Mobile Forensics)Reality Net System Solutions
 
Android security and penetration testing | DIVA | Yogesh Ojha
Android security and penetration testing | DIVA | Yogesh OjhaAndroid security and penetration testing | DIVA | Yogesh Ojha
Android security and penetration testing | DIVA | Yogesh OjhaYogesh Ojha
 
Attacking and Defending Apple iOS Devices
Attacking and Defending Apple iOS DevicesAttacking and Defending Apple iOS Devices
Attacking and Defending Apple iOS DevicesTom Eston
 
iPhone and iPad Security
iPhone and iPad SecurityiPhone and iPad Security
iPhone and iPad SecuritySimon Guest
 
Outsmarting Hackers before your App gets Hacked - iOS Conf SG 2016
Outsmarting Hackers before your App gets Hacked - iOS Conf SG 2016Outsmarting Hackers before your App gets Hacked - iOS Conf SG 2016
Outsmarting Hackers before your App gets Hacked - iOS Conf SG 2016Subho Halder
 

Similar to IOS Security Basics - NULL/ OWASP/G4H Meet (20)

Hacking and Securing iOS Applications by Satish Bomisstty
Hacking and Securing iOS Applications by Satish BomissttyHacking and Securing iOS Applications by Satish Bomisstty
Hacking and Securing iOS Applications by Satish Bomisstty
 
Hacking and securing ios applications
Hacking and securing ios applicationsHacking and securing ios applications
Hacking and securing ios applications
 
Hacking and Securing iOS Applications
Hacking and Securing iOS ApplicationsHacking and Securing iOS Applications
Hacking and Securing iOS Applications
 
iOS-Application-Security-iAmPr3m
iOS-Application-Security-iAmPr3miOS-Application-Security-iAmPr3m
iOS-Application-Security-iAmPr3m
 
Mobile, IoT, Clouds… It’s time to hire your own risk manager!
Mobile, IoT, Clouds… It’s time to hire your own risk manager!Mobile, IoT, Clouds… It’s time to hire your own risk manager!
Mobile, IoT, Clouds… It’s time to hire your own risk manager!
 
Mobile Forensics on a Shoestring Budget
Mobile Forensics on a Shoestring BudgetMobile Forensics on a Shoestring Budget
Mobile Forensics on a Shoestring Budget
 
Security in iOS
Security in iOSSecurity in iOS
Security in iOS
 
IOS Encryption Systems
IOS Encryption SystemsIOS Encryption Systems
IOS Encryption Systems
 
osi semair.pptx
osi semair.pptxosi semair.pptx
osi semair.pptx
 
Top 10 Things to Secure on iOS and Android to Protect Corporate Information
Top 10 Things to Secure on iOS and Android to Protect Corporate InformationTop 10 Things to Secure on iOS and Android to Protect Corporate Information
Top 10 Things to Secure on iOS and Android to Protect Corporate Information
 
iOS (Vulner)ability
iOS (Vulner)abilityiOS (Vulner)ability
iOS (Vulner)ability
 
IOS security
IOS securityIOS security
IOS security
 
Faux Disk Encryption....by Drew Suarez & Daniel Mayer
Faux Disk Encryption....by Drew Suarez & Daniel MayerFaux Disk Encryption....by Drew Suarez & Daniel Mayer
Faux Disk Encryption....by Drew Suarez & Daniel Mayer
 
BYOM Build Your Own Methodology (in Mobile Forensics)
BYOM Build Your Own Methodology (in Mobile Forensics)BYOM Build Your Own Methodology (in Mobile Forensics)
BYOM Build Your Own Methodology (in Mobile Forensics)
 
Android security and penetration testing | DIVA | Yogesh Ojha
Android security and penetration testing | DIVA | Yogesh OjhaAndroid security and penetration testing | DIVA | Yogesh Ojha
Android security and penetration testing | DIVA | Yogesh Ojha
 
Attacking and Defending Apple iOS Devices
Attacking and Defending Apple iOS DevicesAttacking and Defending Apple iOS Devices
Attacking and Defending Apple iOS Devices
 
iPhone and iPad Security
iPhone and iPad SecurityiPhone and iPad Security
iPhone and iPad Security
 
iOS jailbreaking
iOS jailbreakingiOS jailbreaking
iOS jailbreaking
 
Outsmarting Hackers before your App gets Hacked - iOS Conf SG 2016
Outsmarting Hackers before your App gets Hacked - iOS Conf SG 2016Outsmarting Hackers before your App gets Hacked - iOS Conf SG 2016
Outsmarting Hackers before your App gets Hacked - iOS Conf SG 2016
 
iOS Application Security And Static Analysis.pdf
iOS Application Security And Static Analysis.pdfiOS Application Security And Static Analysis.pdf
iOS Application Security And Static Analysis.pdf
 

Recently uploaded

Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilV3cube
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsRoshan Dwivedi
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 

Recently uploaded (20)

Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 

IOS Security Basics - NULL/ OWASP/G4H Meet

  • 2. @WHOAMI  ANTO JOSEPH  Security Engineer @ Citrix  Passionate about Mobile Security Research  Past : Developer / SysAdmin  Speaker / Trainer @ HITB AMS / NullCon / GroundZero / c0c0n etc  Contributes to OWASP Mobile Security Guide / Checklist
  • 3. SECURE BOOT  1. Read only boot rom  2. LLB  3. iBoot  1 . Recovery ( DFU)  2. Kernel  Load Drivers  Start Daemons
  • 4. APP SANDBOX  Mac based  Confined to App Directory  Some IOS versions how ever allowed access to arbitrary locations including /private/var/mobile/Media/Photos/
  • 5. FDE  First to Introduce it in the Market  Solves Data at Rest Problem  Device KEY + User Passcode = File Sys Key  File Sys Key used to Decrypt File Meta Data  File Meta Data has per file key
  • 6. KEYCHAIN  Can Store Secret Information here  Mediated through securityd daemon  Can Specify events when the keychain data should be avaliable  Jailbroken device = NO KEYCHAIN SECURITY  Use Keychain Dumper from Cydia
  • 7. JAILBREAKING  Required to run unsigned code in the device  Required for security testing  Required for Modifying the Device  Required for Awesomeness !!
  • 9. APPSEC ESSENTIALS ( FS )  Use iExplorer / iFunBox to Explore the App SandBox  Check Plist Files  Check Binary Cookies  Check Screenshots  Check Keyboard Cache ( Autocomplete data may go in here )  Check for Sqlites  Check for Sensitive Data Elsewhere
  • 10. APPSEC ESSENTIALS ( NETWORK)  Use a standard HTTP proxy to Intercept Traffic  Install Proxy Certificate on the device  Change proxy settings in WIFI settings  Install SSL TRUST KILLER for Certificate Pinning Bypass if needed  Use ipTables to intercept non-http traffic
  • 13.

Editor's Notes

  1. Boot rom has apples public key
  2. Library/Keyboard/en_GB-dynamic-texLdat