精彩书摘:
DFU mode is a low-level diagnostic mode, commonly referred to as Device Failsafe Utility or Device Firmware Upgrade. Due to a number of vulnerabilities in the boot ROM of many devices, exploits can be deployed through this low level mode to bypass the security checks that are normally in place on the device, allowing non-Apple codeto be booted from memory. The most notable of these exploits is named limeraln (I warned you about references to precipitation), and was contributed by popular hackerGeorge Hotz (GeoHot).
Booting code from memory is akin to booting off of a USB keychain or from a CD; only the disk here is a RAM disk, loaded into the device's memory, instead of a physical disk or key fob.To place a device into DFU mode, a special key sequence is used. The key sequencebegins from the point where the device is powered down. Immediately after the deviceis powered off, both the power and home buctons must be held in together for ap-proximately 10 seconds. You then release the power button while continuing to holddown the home butron for another 10 seconds, When the device successfully entersDFU mode, the screen will remain dark and the device will appear to be off, but willbe reachable across a USB connection.Common errors primarily involve counting time (i.e., the number of seconds for whicheach step of the sequence is performed), This can result in the device simply being "shutoff", rather than placed into DFU mode. Applications such as redsnOw, and eveniTunes, will auto-detect the device when it enters DFU mode, as it appears on the USBchain. To see this for yourself, launch the System PrOjciter application in the Utilitiesfolder, found inside your Mac desktop's Applications folder. Click on the USB tab. Ifthe device is connected, you should see USB DFU Device or Apple Moblle Device (DFUModel appear on the USB chain.
……
内容简介:
如果你是一位具有坚实Objective-C基础的应用开发者,这本《iOS应用安全攻防(影印版)》绝对急你所需——你所在公司的iOS应用被攻击的可能性很大。这是因为恶意攻击者现在使用一系列工具采用大多数程序员想象不到的方式进行反向工程、跟踪和操纵应用。
这本书讲解了几种iOS的攻击手段,以及黑客们常用的工具和技术。你会从中学到保护你的应用的最佳方式,并且意识到像你的对手那样去理解和制定策略是多么重要。
目录:
Preface
1.Everything You Know Is Wrong
The Myth of a Monoculture
The iOS Security Model
Components of the iOS Security Model
Storing the Key with the Lock
Passcodes Equate to Weak Security
Fotensic Data Trumps Encryption
External Dara Is at Risk, Too
Hij acking Traffic
Data Can Be Stolen...Quickly
Trust No One, Not Even Your Application
Physical Access Is Optional
Summary
PartⅠ. Hacking
2.The Basics of(omprornising iOS
Why It's Important to Learn How to Break Into a Device
Jailbreaking Explained
Developer Tools
End User Jailbreaks
Jailbreaking an iPhone
DFU Mode
Tethered Versus Untethered
Compromising Devices and Injecting Code
Building Custom Code
Analyzing Your Binary
TestingYourBinary
Daemonizing Codey
Deploying Malicious Code with a Tar Archive
Deploying Malicious Code with a RAM Disk
Exercises
Summary
3.StealingtheFilesystem
Full Disk Encryption
Solid State NAND
Disk Encryption
Where iOS Disk Encryption Has Failed You
Copying the Live Filesystem
The DataTheft Payload
Customizing launchd
Preparing the RAM disk
Imaging the Filesystem
Copying the Raw Filesystem
The RawTheft Payload
Customizing launchd
Preparing the RAM disk
Imaging the Filesystem
Exercises
The Role of Soaal Engineering
Disabled Device Decoy
Deacrivated Device Decoy
Malware Enabled Decoy
Password Engineering Application
Summary
4.ForensicTraceand Data Leakage
Extracring Image Geotags
Consolidated GPS Cache
SQLite Databases
Connecting to a Database
SQLite Built-in Commands
Issuing SQL Queries
Important Database Files
Address Book Contacts
Address Book Images
Google Maps Data
Calendar Events
Call History
Email Database
Notes
……
PartⅡ. Securing
好评度