[内容简介]
如果你是一位具有坚实Objective-C基础的应用开发者,这本《iOS应用安全攻防(影印版)》绝对急你所需——你所在公司的iOS应用被攻击的可能性很大。这是因为恶意攻击者现在使用一系列工具采用大多数程序员想象不到的方式进行反向工程、跟踪和操纵应用。这本书讲解了几种iOS的攻击手段,以及黑客们常用的工具和技术。你会从中学到保护你的应用的最佳方式,并且意识到像你的对手那样去理解和制定策略是多么重要。本书由扎德尔斯基(Zdziarski,J.)著。
[目录]
Preface
1. Everything You Know Is Wrong
The Myth of a Monoculture
The iOS Security Model
Components of the iOS Security Model
Storing the Key with the Lock
Passcodes Equate to Weak Security
Foreic Data Trumps Encryption
External Data Is at Risk, Too
Hijacking Traffic
Data Can Be Stolen...Quickly
Trust No One, Not Even Your Application
Physical Access Is Optional
Summary
Part Ⅰ. Hacking
2. The Basics of Compromising iOS
Why It's Important to Learn How to Break Into a Device
Jailbreaking Explained
Developer Tools
End User Jailbreaks
Jailbreaking an iPhone
DFU Mode
Tethered Veus Untethered
Compromising Devices and Injecting Code
Building Custom Code
Analyzing Your Binary
Testing Your Binary
Daemon!zing Code
Deploying Malicious Code with a Tar Archive
Deploying Malicious Code with a RAM Disk
Exercises
Summary
3. Stealing the Filesystem
4. Foreic Trace and Data Leakage
5. Defeating Encryption
6. Unobliterating Files
7. Manipulating the Runtime
8. Abusingthe Runtime Library
9. Hijacking Traffic
Part Ⅱ. Securing
10. Implementing Encryption
11. Counter Foreics
12. Securing the Runtime
13. Jailbreak Detection
14. Next Steps