SlideShare a Scribd company logo

IOS Security Basics - NULL/ OWASP/G4H Meet

Download as PPTX, PDF
Anthony Jose
Anthony Jose

Basic IOS Security internals . 1 . Secure Boot 2 . Full Disk Encryption 3 . Application Sandbox 4 . Network Traffic

Technology
1 of 14
IOS SECURITY BASICS @antojosep007
@WHOAMI  ANTO JOSEPH  Security Engineer @ Citrix  Passionate about Mobile Security Research  Past : Developer / SysAdmin  Speaker / Trainer @ HITB AMS / NullCon / GroundZero / c0c0n etc  Contributes to OWASP Mobile Security Guide / Checklist
SECURE BOOT  1. Read only boot rom  2. LLB  3. iBoot  1 . Recovery ( DFU)  2. Kernel  Load Drivers  Start Daemons
APP SANDBOX  Mac based  Confined to App Directory  Some IOS versions how ever allowed access to arbitrary locations including /private/var/mobile/Media/Photos/
FDE  First to Introduce it in the Market  Solves Data at Rest Problem  Device KEY + User Passcode = File Sys Key  File Sys Key used to Decrypt File Meta Data  File Meta Data has per file key
KEYCHAIN  Can Store Secret Information here  Mediated through securityd daemon  Can Specify events when the keychain data should be avaliable  Jailbroken device = NO KEYCHAIN SECURITY  Use Keychain Dumper from Cydia
JAILBREAKING  Required to run unsigned code in the device  Required for security testing  Required for Modifying the Device  Required for Awesomeness !!
PANGU / EVASION
APPSEC ESSENTIALS ( FS )  Use iExplorer / iFunBox to Explore the App SandBox  Check Plist Files  Check Binary Cookies  Check Screenshots  Check Keyboard Cache ( Autocomplete data may go in here )  Check for Sqlites  Check for Sensitive Data Elsewhere
APPSEC ESSENTIALS ( NETWORK)  Use a standard HTTP proxy to Intercept Traffic  Install Proxy Certificate on the device  Change proxy settings in WIFI settings  Install SSL TRUST KILLER for Certificate Pinning Bypass if needed  Use ipTables to intercept non-http traffic
DEMO TIME
QUESTIONS ?
THANKS

Recommended

Slides null puliya linux basics
Slides null puliya linux basicsSlides null puliya linux basics
Slides null puliya linux basicsAnant Shrivastava
 
IoT mit Rust programmieren
IoT mit Rust programmierenIoT mit Rust programmieren
IoT mit Rust programmierenLars Gregori
 
Никита Корчагин - Introduction to Apple iOS Development.
Никита Корчагин - Introduction to Apple iOS Development.Никита Корчагин - Introduction to Apple iOS Development.
Никита Корчагин - Introduction to Apple iOS Development.DataArt
 
Is Rust Programming ready for embedded development?
Is Rust Programming ready for embedded development?Is Rust Programming ready for embedded development?
Is Rust Programming ready for embedded development?Knoldus Inc.
 
Computer consulting project cowens
Computer consulting project cowensComputer consulting project cowens
Computer consulting project cowenscodyowens
 
Exploiting publically exposed Version Control System
Exploiting publically exposed Version Control SystemExploiting publically exposed Version Control System
Exploiting publically exposed Version Control SystemAnant Shrivastava
 
BKK16-406 Ubuntu Core - a snappy platform for Embedded, IoT and 96boards!
BKK16-406 Ubuntu Core - a snappy platform for Embedded, IoT and 96boards!BKK16-406 Ubuntu Core - a snappy platform for Embedded, IoT and 96boards!
BKK16-406 Ubuntu Core - a snappy platform for Embedded, IoT and 96boards!Linaro
 
History of Android Security – from linux to jelly bean
History of Android Security – from linux to jelly beanHistory of Android Security – from linux to jelly bean
History of Android Security – from linux to jelly beanJung Pil (J.P.) Choi
 

Recommended

Slides null puliya linux basics
Slides null puliya linux basicsSlides null puliya linux basics
Slides null puliya linux basicsAnant Shrivastava
 
IoT mit Rust programmieren
IoT mit Rust programmierenIoT mit Rust programmieren
IoT mit Rust programmierenLars Gregori
 
Никита Корчагин - Introduction to Apple iOS Development.
Никита Корчагин - Introduction to Apple iOS Development.Никита Корчагин - Introduction to Apple iOS Development.
Никита Корчагин - Introduction to Apple iOS Development.DataArt
 
Is Rust Programming ready for embedded development?
Is Rust Programming ready for embedded development?Is Rust Programming ready for embedded development?
Is Rust Programming ready for embedded development?Knoldus Inc.
 
Computer consulting project cowens
Computer consulting project cowensComputer consulting project cowens
Computer consulting project cowenscodyowens
 
Exploiting publically exposed Version Control System
Exploiting publically exposed Version Control SystemExploiting publically exposed Version Control System
Exploiting publically exposed Version Control SystemAnant Shrivastava
 
BKK16-406 Ubuntu Core - a snappy platform for Embedded, IoT and 96boards!
BKK16-406 Ubuntu Core - a snappy platform for Embedded, IoT and 96boards!BKK16-406 Ubuntu Core - a snappy platform for Embedded, IoT and 96boards!
BKK16-406 Ubuntu Core - a snappy platform for Embedded, IoT and 96boards!Linaro
 
History of Android Security – from linux to jelly bean
History of Android Security – from linux to jelly beanHistory of Android Security – from linux to jelly bean
History of Android Security – from linux to jelly beanJung Pil (J.P.) Choi
 
Mark Shuttleworth (Ubuntu) - Faster, Easier and More Secure: The Next Generat...
Mark Shuttleworth (Ubuntu) - Faster, Easier and More Secure: The Next Generat...Mark Shuttleworth (Ubuntu) - Faster, Easier and More Secure: The Next Generat...
Mark Shuttleworth (Ubuntu) - Faster, Easier and More Secure: The Next Generat...Techsylvania
 
How to build an admin guy
How to build an admin guyHow to build an admin guy
How to build an admin guyMohamed Aboul-Fotouh
 
Cisco Project 2 Description
Cisco Project 2 DescriptionCisco Project 2 Description
Cisco Project 2 DescriptionEvaKeeling
 
How to Connect MQTT Broker on ESP8266 WiFi
How to Connect MQTT Broker on ESP8266 WiFiHow to Connect MQTT Broker on ESP8266 WiFi
How to Connect MQTT Broker on ESP8266 WiFiNaoto MATSUMOTO
 
How to Install nRF51 IPv6 over Bluetooth using MDK-ARM+IoT SDK
How to Install nRF51 IPv6 over Bluetooth using MDK-ARM+IoT SDKHow to Install nRF51 IPv6 over Bluetooth using MDK-ARM+IoT SDK
How to Install nRF51 IPv6 over Bluetooth using MDK-ARM+IoT SDKNaoto MATSUMOTO
 
Snap Your App
Snap Your AppSnap Your App
Snap Your AppTed Gould
 
Speck & Tech: Attacking iOS (A brief overview)
Speck & Tech: Attacking iOS (A brief overview)Speck & Tech: Attacking iOS (A brief overview)
Speck & Tech: Attacking iOS (A brief overview)Filippo Bigarella
 
install mosquitto-auth-plug - cheat sheet -
install mosquitto-auth-plug - cheat sheet -install mosquitto-auth-plug - cheat sheet -
install mosquitto-auth-plug - cheat sheet -Naoto MATSUMOTO
 
Wifislax
WifislaxWifislax
WifislaxGeri waxel
 
Introduction to Ubuntu core, Ubuntu for IoT
Introduction to Ubuntu core, Ubuntu for IoTIntroduction to Ubuntu core, Ubuntu for IoT
Introduction to Ubuntu core, Ubuntu for IoTAmrisha Prashar
 
Network Device Development - Part 5: Firewall 104 ~ Packet Splitter
Network Device Development - Part 5: Firewall 104 ~ Packet SplitterNetwork Device Development - Part 5: Firewall 104 ~ Packet Splitter
Network Device Development - Part 5: Firewall 104 ~ Packet SplitterCheng-Yi Yu
 
Network Device Development - Part 4: Firewall 103 ~ Protocol Filter & Payload...
Network Device Development - Part 4: Firewall 103 ~ Protocol Filter & Payload...Network Device Development - Part 4: Firewall 103 ~ Protocol Filter & Payload...
Network Device Development - Part 4: Firewall 103 ~ Protocol Filter & Payload...Cheng-Yi Yu
 
WIndows Kernel-Land exploitation
WIndows Kernel-Land exploitationWIndows Kernel-Land exploitation
WIndows Kernel-Land exploitationkyaw thiha
 
Intel McAfee DeepSAFE Technology
Intel McAfee DeepSAFE TechnologyIntel McAfee DeepSAFE Technology
Intel McAfee DeepSAFE TechnologyCan Your Security
 
GCC ARM nRF51 IoT SDK -cheat sheet-
GCC ARM nRF51 IoT SDK -cheat sheet-GCC ARM nRF51 IoT SDK -cheat sheet-
GCC ARM nRF51 IoT SDK -cheat sheet-Naoto MATSUMOTO
 
Null bhopal Sep 2016: What it Takes to Secure a Web Application
Null bhopal Sep 2016: What it Takes to Secure a Web ApplicationNull bhopal Sep 2016: What it Takes to Secure a Web Application
Null bhopal Sep 2016: What it Takes to Secure a Web ApplicationAnant Shrivastava
 
DEFCON 22: Bypass firewalls, application white lists, secure remote desktops ...
DEFCON 22: Bypass firewalls, application white lists, secure remote desktops ...DEFCON 22: Bypass firewalls, application white lists, secure remote desktops ...
DEFCON 22: Bypass firewalls, application white lists, secure remote desktops ...Zoltan Balazs
 
MIPS-X
MIPS-XMIPS-X
MIPS-XZoltan Balazs
 
Nessus Basics
Nessus BasicsNessus Basics
Nessus Basicsamiable_indian
 
Embedded Systems
Embedded SystemsEmbedded Systems
Embedded SystemsOSU Open Source Lab
 
Radare2 - An Introduction by Anto Joseph
Radare2 - An Introduction by Anto JosephRadare2 - An Introduction by Anto Joseph
Radare2 - An Introduction by Anto JosephAnthony Jose
 
DIFFDroid_Anto_Joseph_HIP_2016
DIFFDroid_Anto_Joseph_HIP_2016DIFFDroid_Anto_Joseph_HIP_2016
DIFFDroid_Anto_Joseph_HIP_2016Anthony Jose
 

More Related Content

What's hot

Mark Shuttleworth (Ubuntu) - Faster, Easier and More Secure: The Next Generat...
Mark Shuttleworth (Ubuntu) - Faster, Easier and More Secure: The Next Generat...Mark Shuttleworth (Ubuntu) - Faster, Easier and More Secure: The Next Generat...
Mark Shuttleworth (Ubuntu) - Faster, Easier and More Secure: The Next Generat...Techsylvania
 
Cisco Project 2 Description
Cisco Project 2 DescriptionCisco Project 2 Description
Cisco Project 2 DescriptionEvaKeeling
 
How to Connect MQTT Broker on ESP8266 WiFi
How to Connect MQTT Broker on ESP8266 WiFiHow to Connect MQTT Broker on ESP8266 WiFi
How to Connect MQTT Broker on ESP8266 WiFiNaoto MATSUMOTO
 
How to Install nRF51 IPv6 over Bluetooth using MDK-ARM+IoT SDK
How to Install nRF51 IPv6 over Bluetooth using MDK-ARM+IoT SDKHow to Install nRF51 IPv6 over Bluetooth using MDK-ARM+IoT SDK
How to Install nRF51 IPv6 over Bluetooth using MDK-ARM+IoT SDKNaoto MATSUMOTO
 
Snap Your App
Snap Your AppSnap Your App
Snap Your AppTed Gould
 
Speck & Tech: Attacking iOS (A brief overview)
Speck & Tech: Attacking iOS (A brief overview)Speck & Tech: Attacking iOS (A brief overview)
Speck & Tech: Attacking iOS (A brief overview)Filippo Bigarella
 
install mosquitto-auth-plug - cheat sheet -
install mosquitto-auth-plug - cheat sheet -install mosquitto-auth-plug - cheat sheet -
install mosquitto-auth-plug - cheat sheet -Naoto MATSUMOTO
 
Introduction to Ubuntu core, Ubuntu for IoT
Introduction to Ubuntu core, Ubuntu for IoTIntroduction to Ubuntu core, Ubuntu for IoT
Introduction to Ubuntu core, Ubuntu for IoTAmrisha Prashar
 
Network Device Development - Part 5: Firewall 104 ~ Packet Splitter
Network Device Development - Part 5: Firewall 104 ~ Packet SplitterNetwork Device Development - Part 5: Firewall 104 ~ Packet Splitter
Network Device Development - Part 5: Firewall 104 ~ Packet SplitterCheng-Yi Yu
 
Network Device Development - Part 4: Firewall 103 ~ Protocol Filter & Payload...
Network Device Development - Part 4: Firewall 103 ~ Protocol Filter & Payload...Network Device Development - Part 4: Firewall 103 ~ Protocol Filter & Payload...
Network Device Development - Part 4: Firewall 103 ~ Protocol Filter & Payload...Cheng-Yi Yu
 
WIndows Kernel-Land exploitation
WIndows Kernel-Land exploitationWIndows Kernel-Land exploitation
WIndows Kernel-Land exploitationkyaw thiha
 
Intel McAfee DeepSAFE Technology
Intel McAfee DeepSAFE TechnologyIntel McAfee DeepSAFE Technology
Intel McAfee DeepSAFE TechnologyCan Your Security
 
GCC ARM nRF51 IoT SDK -cheat sheet-
GCC ARM nRF51 IoT SDK -cheat sheet-GCC ARM nRF51 IoT SDK -cheat sheet-
GCC ARM nRF51 IoT SDK -cheat sheet-Naoto MATSUMOTO
 
Null bhopal Sep 2016: What it Takes to Secure a Web Application
Null bhopal Sep 2016: What it Takes to Secure a Web ApplicationNull bhopal Sep 2016: What it Takes to Secure a Web Application
Null bhopal Sep 2016: What it Takes to Secure a Web ApplicationAnant Shrivastava
 
DEFCON 22: Bypass firewalls, application white lists, secure remote desktops ...
DEFCON 22: Bypass firewalls, application white lists, secure remote desktops ...DEFCON 22: Bypass firewalls, application white lists, secure remote desktops ...
DEFCON 22: Bypass firewalls, application white lists, secure remote desktops ...Zoltan Balazs
 

What's hot (20)

Mark Shuttleworth (Ubuntu) - Faster, Easier and More Secure: The Next Generat...
Mark Shuttleworth (Ubuntu) - Faster, Easier and More Secure: The Next Generat...Mark Shuttleworth (Ubuntu) - Faster, Easier and More Secure: The Next Generat...
Mark Shuttleworth (Ubuntu) - Faster, Easier and More Secure: The Next Generat...
 
How to build an admin guy
How to build an admin guyHow to build an admin guy
How to build an admin guy
 
Cisco Project 2 Description
Cisco Project 2 DescriptionCisco Project 2 Description
Cisco Project 2 Description
 
How to Connect MQTT Broker on ESP8266 WiFi
How to Connect MQTT Broker on ESP8266 WiFiHow to Connect MQTT Broker on ESP8266 WiFi
How to Connect MQTT Broker on ESP8266 WiFi
 
How to Install nRF51 IPv6 over Bluetooth using MDK-ARM+IoT SDK
How to Install nRF51 IPv6 over Bluetooth using MDK-ARM+IoT SDKHow to Install nRF51 IPv6 over Bluetooth using MDK-ARM+IoT SDK
How to Install nRF51 IPv6 over Bluetooth using MDK-ARM+IoT SDK
 
Snap Your App
Snap Your AppSnap Your App
Snap Your App
 
Speck & Tech: Attacking iOS (A brief overview)
Speck & Tech: Attacking iOS (A brief overview)Speck & Tech: Attacking iOS (A brief overview)
Speck & Tech: Attacking iOS (A brief overview)
 
install mosquitto-auth-plug - cheat sheet -
install mosquitto-auth-plug - cheat sheet -install mosquitto-auth-plug - cheat sheet -
install mosquitto-auth-plug - cheat sheet -
 
Wifislax
WifislaxWifislax
Wifislax
 
Introduction to Ubuntu core, Ubuntu for IoT
Introduction to Ubuntu core, Ubuntu for IoTIntroduction to Ubuntu core, Ubuntu for IoT
Introduction to Ubuntu core, Ubuntu for IoT
 
Network Device Development - Part 5: Firewall 104 ~ Packet Splitter
Network Device Development - Part 5: Firewall 104 ~ Packet SplitterNetwork Device Development - Part 5: Firewall 104 ~ Packet Splitter
Network Device Development - Part 5: Firewall 104 ~ Packet Splitter
 
Network Device Development - Part 4: Firewall 103 ~ Protocol Filter & Payload...
Network Device Development - Part 4: Firewall 103 ~ Protocol Filter & Payload...Network Device Development - Part 4: Firewall 103 ~ Protocol Filter & Payload...
Network Device Development - Part 4: Firewall 103 ~ Protocol Filter & Payload...
 
WIndows Kernel-Land exploitation
WIndows Kernel-Land exploitationWIndows Kernel-Land exploitation
WIndows Kernel-Land exploitation
 
Intel McAfee DeepSAFE Technology
Intel McAfee DeepSAFE TechnologyIntel McAfee DeepSAFE Technology
Intel McAfee DeepSAFE Technology
 
GCC ARM nRF51 IoT SDK -cheat sheet-
GCC ARM nRF51 IoT SDK -cheat sheet-GCC ARM nRF51 IoT SDK -cheat sheet-
GCC ARM nRF51 IoT SDK -cheat sheet-
 
Null bhopal Sep 2016: What it Takes to Secure a Web Application
Null bhopal Sep 2016: What it Takes to Secure a Web ApplicationNull bhopal Sep 2016: What it Takes to Secure a Web Application
Null bhopal Sep 2016: What it Takes to Secure a Web Application
 
DEFCON 22: Bypass firewalls, application white lists, secure remote desktops ...
DEFCON 22: Bypass firewalls, application white lists, secure remote desktops ...DEFCON 22: Bypass firewalls, application white lists, secure remote desktops ...
DEFCON 22: Bypass firewalls, application white lists, secure remote desktops ...
 
MIPS-X
MIPS-XMIPS-X
MIPS-X
 
Nessus Basics
Nessus BasicsNessus Basics
Nessus Basics
 
Embedded Systems
Embedded SystemsEmbedded Systems
Embedded Systems
 

Viewers also liked

Radare2 - An Introduction by Anto Joseph
Radare2 - An Introduction by Anto JosephRadare2 - An Introduction by Anto Joseph
Radare2 - An Introduction by Anto JosephAnthony Jose
 
DIFFDroid_Anto_Joseph_HIP_2016
DIFFDroid_Anto_Joseph_HIP_2016DIFFDroid_Anto_Joseph_HIP_2016
DIFFDroid_Anto_Joseph_HIP_2016Anthony Jose
 
Owasp advanced mobile-application-code-review-techniques-v0.2
Owasp advanced mobile-application-code-review-techniques-v0.2Owasp advanced mobile-application-code-review-techniques-v0.2
Owasp advanced mobile-application-code-review-techniques-v0.2drewz lin
 
Panel discussion social engineering - manasdeep - nullmeetblr 21st June 2015
Panel discussion social engineering - manasdeep - nullmeetblr 21st June 2015Panel discussion social engineering - manasdeep - nullmeetblr 21st June 2015
Panel discussion social engineering - manasdeep - nullmeetblr 21st June 2015n|u - The Open Security Community
 
Dark Arts Of Social Engineering
Dark Arts Of Social EngineeringDark Arts Of Social Engineering
Dark Arts Of Social EngineeringNutan Kumar Panda
 
Venom vulnerability Overview and a basic demo
Venom vulnerability Overview and a basic demoVenom vulnerability Overview and a basic demo
Venom vulnerability Overview and a basic demoAkash Mahajan
 
Android reverse engineering - Analyzing skype
Android reverse engineering - Analyzing skypeAndroid reverse engineering - Analyzing skype
Android reverse engineering - Analyzing skypeMário Almeida
 
Metasploit For Beginners
Metasploit For BeginnersMetasploit For Beginners
Metasploit For BeginnersRamnath Shenoy
 
SSL Pinning and Bypasses: Android and iOS
SSL Pinning and Bypasses: Android and iOSSSL Pinning and Bypasses: Android and iOS
SSL Pinning and Bypasses: Android and iOSAnant Shrivastava
 

Viewers also liked (19)

Radare2 - An Introduction by Anto Joseph
Radare2 - An Introduction by Anto JosephRadare2 - An Introduction by Anto Joseph
Radare2 - An Introduction by Anto Joseph
 
DIFFDroid_Anto_Joseph_HIP_2016
DIFFDroid_Anto_Joseph_HIP_2016DIFFDroid_Anto_Joseph_HIP_2016
DIFFDroid_Anto_Joseph_HIP_2016
 
Owasp advanced mobile-application-code-review-techniques-v0.2
Owasp advanced mobile-application-code-review-techniques-v0.2Owasp advanced mobile-application-code-review-techniques-v0.2
Owasp advanced mobile-application-code-review-techniques-v0.2
 
Grinder talk
Grinder talk Grinder talk
Grinder talk
 
Threat intelligence - nullmeetblr 21st June 2015
Threat intelligence - nullmeetblr 21st June 2015Threat intelligence - nullmeetblr 21st June 2015
Threat intelligence - nullmeetblr 21st June 2015
 
Panel discussion social engineering - manasdeep - nullmeetblr 21st June 2015
Panel discussion social engineering - manasdeep - nullmeetblr 21st June 2015Panel discussion social engineering - manasdeep - nullmeetblr 21st June 2015
Panel discussion social engineering - manasdeep - nullmeetblr 21st June 2015
 
Csp july2015
Csp july2015Csp july2015
Csp july2015
 
Netcat - A Swiss Army Tool
Netcat - A Swiss Army ToolNetcat - A Swiss Army Tool
Netcat - A Swiss Army Tool
 
Owasp m7-m8-shivang nullmeetblr 21june2015
Owasp m7-m8-shivang nullmeetblr 21june2015Owasp m7-m8-shivang nullmeetblr 21june2015
Owasp m7-m8-shivang nullmeetblr 21june2015
 
Dark Arts Of Social Engineering
Dark Arts Of Social EngineeringDark Arts Of Social Engineering
Dark Arts Of Social Engineering
 
Venom vulnerability Overview and a basic demo
Venom vulnerability Overview and a basic demoVenom vulnerability Overview and a basic demo
Venom vulnerability Overview and a basic demo
 
Null bufferoverflow
Null bufferoverflowNull bufferoverflow
Null bufferoverflow
 
Owasp top 10
Owasp top 10 Owasp top 10
Owasp top 10
 
What is a VLAN and DMZ
What is a VLAN and DMZWhat is a VLAN and DMZ
What is a VLAN and DMZ
 
Android reverse engineering - Analyzing skype
Android reverse engineering - Analyzing skypeAndroid reverse engineering - Analyzing skype
Android reverse engineering - Analyzing skype
 
Metasploit For Beginners
Metasploit For BeginnersMetasploit For Beginners
Metasploit For Beginners
 
Saml sso by Tamil on nullblrmeet 21st July 2015
Saml sso by Tamil on nullblrmeet 21st July 2015Saml sso by Tamil on nullblrmeet 21st July 2015
Saml sso by Tamil on nullblrmeet 21st July 2015
 
SIEM Architecture
SIEM ArchitectureSIEM Architecture
SIEM Architecture
 
SSL Pinning and Bypasses: Android and iOS
SSL Pinning and Bypasses: Android and iOSSSL Pinning and Bypasses: Android and iOS
SSL Pinning and Bypasses: Android and iOS
 

Similar to IOS Security Basics - NULL/ OWASP/G4H Meet

Hacking and Securing iOS Applications by Satish Bomisstty
Hacking and Securing iOS Applications by Satish BomissttyHacking and Securing iOS Applications by Satish Bomisstty
Hacking and Securing iOS Applications by Satish BomissttyClubHack
 
Hacking and securing ios applications
Hacking and securing ios applicationsHacking and securing ios applications
Hacking and securing ios applicationsSatish b
 
iOS-Application-Security-iAmPr3m
iOS-Application-Security-iAmPr3miOS-Application-Security-iAmPr3m
iOS-Application-Security-iAmPr3mPrem Kumar (OSCP)
 
Mobile, IoT, Clouds… It’s time to hire your own risk manager!
Mobile, IoT, Clouds… It’s time to hire your own risk manager!Mobile, IoT, Clouds… It’s time to hire your own risk manager!
Mobile, IoT, Clouds… It’s time to hire your own risk manager!DefCamp
 
Mobile Forensics on a Shoestring Budget
Mobile Forensics on a Shoestring BudgetMobile Forensics on a Shoestring Budget
Mobile Forensics on a Shoestring BudgetBrent Muir
 
IOS Encryption Systems
IOS Encryption SystemsIOS Encryption Systems
IOS Encryption SystemsPeter Teufl
 
Top 10 Things to Secure on iOS and Android to Protect Corporate Information
Top 10 Things to Secure on iOS and Android to Protect Corporate InformationTop 10 Things to Secure on iOS and Android to Protect Corporate Information
Top 10 Things to Secure on iOS and Android to Protect Corporate InformationLumension
 
iOS (Vulner)ability
iOS (Vulner)abilityiOS (Vulner)ability
iOS (Vulner)abilitySubho Halder
 
Faux Disk Encryption....by Drew Suarez & Daniel Mayer
Faux Disk Encryption....by Drew Suarez & Daniel MayerFaux Disk Encryption....by Drew Suarez & Daniel Mayer
Faux Disk Encryption....by Drew Suarez & Daniel MayerShakacon
 
BYOM Build Your Own Methodology (in Mobile Forensics)
BYOM Build Your Own Methodology (in Mobile Forensics)BYOM Build Your Own Methodology (in Mobile Forensics)
BYOM Build Your Own Methodology (in Mobile Forensics)Reality Net System Solutions
 
Android security and penetration testing | DIVA | Yogesh Ojha
Android security and penetration testing | DIVA | Yogesh OjhaAndroid security and penetration testing | DIVA | Yogesh Ojha
Android security and penetration testing | DIVA | Yogesh OjhaYogesh Ojha
 
Attacking and Defending Apple iOS Devices
Attacking and Defending Apple iOS DevicesAttacking and Defending Apple iOS Devices
Attacking and Defending Apple iOS DevicesTom Eston
 
iPhone and iPad Security
iPhone and iPad SecurityiPhone and iPad Security
iPhone and iPad SecuritySimon Guest
 
Outsmarting Hackers before your App gets Hacked - iOS Conf SG 2016
Outsmarting Hackers before your App gets Hacked - iOS Conf SG 2016Outsmarting Hackers before your App gets Hacked - iOS Conf SG 2016
Outsmarting Hackers before your App gets Hacked - iOS Conf SG 2016Subho Halder
 

Similar to IOS Security Basics - NULL/ OWASP/G4H Meet (20)

Hacking and Securing iOS Applications by Satish Bomisstty
Hacking and Securing iOS Applications by Satish BomissttyHacking and Securing iOS Applications by Satish Bomisstty
Hacking and Securing iOS Applications by Satish Bomisstty
 
Hacking and securing ios applications
Hacking and securing ios applicationsHacking and securing ios applications
Hacking and securing ios applications
 
Hacking and Securing iOS Applications
Hacking and Securing iOS ApplicationsHacking and Securing iOS Applications
Hacking and Securing iOS Applications
 
iOS-Application-Security-iAmPr3m
iOS-Application-Security-iAmPr3miOS-Application-Security-iAmPr3m
iOS-Application-Security-iAmPr3m
 
Mobile, IoT, Clouds… It’s time to hire your own risk manager!
Mobile, IoT, Clouds… It’s time to hire your own risk manager!Mobile, IoT, Clouds… It’s time to hire your own risk manager!
Mobile, IoT, Clouds… It’s time to hire your own risk manager!
 
Mobile Forensics on a Shoestring Budget
Mobile Forensics on a Shoestring BudgetMobile Forensics on a Shoestring Budget
Mobile Forensics on a Shoestring Budget
 
Security in iOS
Security in iOSSecurity in iOS
Security in iOS
 
IOS Encryption Systems
IOS Encryption SystemsIOS Encryption Systems
IOS Encryption Systems
 
osi semair.pptx
osi semair.pptxosi semair.pptx
osi semair.pptx
 
Top 10 Things to Secure on iOS and Android to Protect Corporate Information
Top 10 Things to Secure on iOS and Android to Protect Corporate InformationTop 10 Things to Secure on iOS and Android to Protect Corporate Information
Top 10 Things to Secure on iOS and Android to Protect Corporate Information
 
iOS (Vulner)ability
iOS (Vulner)abilityiOS (Vulner)ability
iOS (Vulner)ability
 
IOS security
IOS securityIOS security
IOS security
 
Faux Disk Encryption....by Drew Suarez & Daniel Mayer
Faux Disk Encryption....by Drew Suarez & Daniel MayerFaux Disk Encryption....by Drew Suarez & Daniel Mayer
Faux Disk Encryption....by Drew Suarez & Daniel Mayer
 
BYOM Build Your Own Methodology (in Mobile Forensics)
BYOM Build Your Own Methodology (in Mobile Forensics)BYOM Build Your Own Methodology (in Mobile Forensics)
BYOM Build Your Own Methodology (in Mobile Forensics)
 
Android security and penetration testing | DIVA | Yogesh Ojha
Android security and penetration testing | DIVA | Yogesh OjhaAndroid security and penetration testing | DIVA | Yogesh Ojha
Android security and penetration testing | DIVA | Yogesh Ojha
 
Attacking and Defending Apple iOS Devices
Attacking and Defending Apple iOS DevicesAttacking and Defending Apple iOS Devices
Attacking and Defending Apple iOS Devices
 
iPhone and iPad Security
iPhone and iPad SecurityiPhone and iPad Security
iPhone and iPad Security
 
iOS jailbreaking
iOS jailbreakingiOS jailbreaking
iOS jailbreaking
 
Outsmarting Hackers before your App gets Hacked - iOS Conf SG 2016
Outsmarting Hackers before your App gets Hacked - iOS Conf SG 2016Outsmarting Hackers before your App gets Hacked - iOS Conf SG 2016
Outsmarting Hackers before your App gets Hacked - iOS Conf SG 2016
 
iOS Application Security And Static Analysis.pdf
iOS Application Security And Static Analysis.pdfiOS Application Security And Static Analysis.pdf
iOS Application Security And Static Analysis.pdf
 

Recently uploaded

Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Science&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdfScience&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdfjimielynbastida
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Wonjun Hwang
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGMarianaLemus7
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxnull - The Open Security Community
 
Bluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdfBluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdfngoud9212
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024The Digital Insurer
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Neo4j
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 

Recently uploaded (20)

Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Science&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdfScience&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdf
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDG
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
 
Bluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdfBluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdf
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 

IOS Security Basics - NULL/ OWASP/G4H Meet

  • 2. @WHOAMI  ANTO JOSEPH  Security Engineer @ Citrix  Passionate about Mobile Security Research  Past : Developer / SysAdmin  Speaker / Trainer @ HITB AMS / NullCon / GroundZero / c0c0n etc  Contributes to OWASP Mobile Security Guide / Checklist
  • 3. SECURE BOOT  1. Read only boot rom  2. LLB  3. iBoot  1 . Recovery ( DFU)  2. Kernel  Load Drivers  Start Daemons
  • 4. APP SANDBOX  Mac based  Confined to App Directory  Some IOS versions how ever allowed access to arbitrary locations including /private/var/mobile/Media/Photos/
  • 5. FDE  First to Introduce it in the Market  Solves Data at Rest Problem  Device KEY + User Passcode = File Sys Key  File Sys Key used to Decrypt File Meta Data  File Meta Data has per file key
  • 6. KEYCHAIN  Can Store Secret Information here  Mediated through securityd daemon  Can Specify events when the keychain data should be avaliable  Jailbroken device = NO KEYCHAIN SECURITY  Use Keychain Dumper from Cydia
  • 7. JAILBREAKING  Required to run unsigned code in the device  Required for security testing  Required for Modifying the Device  Required for Awesomeness !!
  • 9. APPSEC ESSENTIALS ( FS )  Use iExplorer / iFunBox to Explore the App SandBox  Check Plist Files  Check Binary Cookies  Check Screenshots  Check Keyboard Cache ( Autocomplete data may go in here )  Check for Sqlites  Check for Sensitive Data Elsewhere
  • 10. APPSEC ESSENTIALS ( NETWORK)  Use a standard HTTP proxy to Intercept Traffic  Install Proxy Certificate on the device  Change proxy settings in WIFI settings  Install SSL TRUST KILLER for Certificate Pinning Bypass if needed  Use ipTables to intercept non-http traffic
  • 13.

Editor's Notes

  1. Boot rom has apples public key
  2. Library/Keyboard/en_GB-dynamic-texLdat