Product Details
iOS Hacker's Handbook
|
Product Description
Discover all the security risks and exploits that can threaten iOS-based mobile devicesiOS is Apple's mobile operating system for the iPhone and iPad. With the introduction of iOS5, many security issues have come to light. This book explains and discusses them all. The award-winning author team, experts in Mac and iOS security, examines the vulnerabilities and the internals of iOS to show how attacks can be mitigated. The book explains how the operating system works, its overall security architecture, and the security risks associated with it, as well as exploits, rootkits, and other payloads developed for it.
- Covers iOS security architecture, vulnerability hunting, exploit writing, and how iOS jailbreaks work
- Explores iOS enterprise and encryption, code signing and memory protection, sandboxing, iPhone fuzzing, exploitation, ROP payloads, and baseband attacks
- Also examines kernel debugging and exploitation
- Companion website includes source code and tools to facilitate your efforts
Product Details
- Amazon Sales Rank: #221627 in Books
- Published on: 2012-05-08
- Original language: English
- Number of items: 1
- Dimensions: 9.09" h x 7.32" w x .91" l, 1.30 pounds
- Binding: Paperback
- 408 pages
Editorial Reviews
From the Back Cover
They can crack the code. Here's how to stop them.
The world loves iOS. Users love the convenience. Black hats love the vulnerability. This book arms you with the knowledge and tools to protect your organization's iOS devices. If you're a developer, it will also help you create hack-resistant applications.
These highly qualified iOS experts review iOS security architecture, examine the internals, and reveal the vulnerabilities. They show you how iOS jailbreaks work and explore encryption, code signing and memory protection, sandboxing, iPhone fuzzing, exploitation, ROP payloads, and baseband attacks. Here's a complete toolkit for defending your iOS devices.
Source code and additional tools are available at www.wiley.com/go/ioshackershandbook
About the Author
Charlie Miller is Principal Research Consultant at Accuvant Labs and a four-time CanSecWest Pwn2Own winner.
Dionysus Blazakis is an expert on iOS and OS X sandbox security mechanisms.
Dino Dai Zovi is coauthor of The Mac Hacker's Handbook and a popular conference speaker.
Stefan Esser is a PHP security expert and leading researcher of iOS security topics.
Vincenzo Iozzo is an independent security researcher focused on Mac OS X and smartphones.
Ralf-Philipp Weinmann holds a PhD in cryptography and has an extensive security background.
They can crack the code. Here's how to stop them.
The world loves iOS. Users love the convenience. Black hats love the vulnerability. This book arms you with the knowledge and tools to protect your organization's iOS devices. If you're a developer, it will also help you create hack-resistant applications.
These highly qualified iOS experts review iOS security architecture, examine the internals, and reveal the vulnerabilities. They show you how iOS jailbreaks work and explore encryption, code signing and memory protection, sandboxing, iPhone fuzzing, exploitation, ROP payloads, and baseband attacks. Here's a complete toolkit for defending your iOS devices.
- Examine the internals and identify the vulnerabilities of iOS
- Explore all the elements of encryption, vulnerability hunting, and exploit writing
- Review some common payloads and see what can and can't be done on iOS with ROP
- Learn more about kernel debugging and exploitation, with an overview of kernel structure and a look at auditing IOKit drivers
- Look at techniques for fuzzing PDF and PowerPoint® documents in MobileSafari
- Study different jailbreak types
Source code and additional tools are available at www.wiley.com/go/ioshackershandbook
About the Author
Charlie Miller is Principal Research Consultant at Accuvant Labs and a four-time CanSecWest Pwn2Own winner.
Dionysus Blazakis is an expert on iOS and OS X sandbox security mechanisms.
Dino Dai Zovi is coauthor of The Mac Hacker's Handbook and a popular conference speaker.
Stefan Esser is a PHP security expert and leading researcher of iOS security topics.
Vincenzo Iozzo is an independent security researcher focused on Mac OS X and smartphones.
Ralf-Philipp Weinmann holds a PhD in cryptography and has an extensive security background.
Customer Reviews
Most helpful customer reviews8 of 10 people found the following review helpful.
Excellent Review of the Concepts needed to Understand Jailbreaking
By JRud
I preordered this book so I have been reading it for about a week now. It is a wonderful book on security research for iOS devices. Don't expect to write a jailbreak for the newest devices after reading this book though, as that would require much experience in writing exploits, fuzzing, kernel debugging and ROP, which is completely understandable. It is foolish to believe that reading one book will allow you to write jailbreaks and find exploits with ease.
The book begins covering sandboxing, code signing and iOS enterprise applications, and their weaknesses. The chapter on fuzzing was very explanatory on the techniques used to do so. It covered fuzzing PDF and powerpoint documents in mobile safari, as well as SMS fuzzing. The next chapter talks about exploitation on iOS devices, focusing on heap exploits and in turn, memory allocation and deallocation.
The chapter on ROP explains what is capable and not capable with return oriented programming, and gives two great examples of such techniques. Following that is a
Posts
0 comments:
Post a Comment