278
Hacking Exposed: Mobile Security Secrets & Solutions
jailbreaking devices. See jailbreaking JavaScript Bridges exploits, 182–184 kernel-level exploits, 53, 63–65, 75 keychain, 16, 224–225 log files, 229 malware, 140–146 network-based attacks, 62–63, 67, 68–70 overview, 48 PDF bugs, 58, 63–64, 68 penetration testing, 264–266 Safari browser, 63, 65, 74 sandboxing, 51, 52, 63–64 WebView JavaScript Bridge exploit, 182–184 iOS application snapshots, 14 iOS apps. See also apps; specific apps debugging. See debugging development of. See app development reverse engineering, 204–207 secure coding guidelines, 205–207 UIWebView and, 227–229 iOS class dump, 206 iOS Developer Library, 232 iOS devices. See also iPhones iPad, 48, 49, 53 iPad mini, 48, 49, 53 iPod Touch, 48, 49, 53 iOS encryption, 259 iOS kernel, 146 iOS keyboard cache, 14 iOS security. See also security considerations, 222 file system protections, 225 fragmentation, 12–13 guidelines, 229–231 iOS apps, 205–207 overview, 48, 51–52 resources, 232 secure storage, 224–225 iOS UDH reply-to hack, 32 iOS-based devices. See iPhones IP multimedia subsystem (IMS), 43–46 IP networks, 44 iPad, 48, 49, 53 iPad mini, 48, 49, 53 IP-based voicemail, 30
IPC (inter-process communication), 103, 117, 175 IPC authentication, 175–177 iPhone apps. See iOS apps iPhones. See also iOS; mobile devices considerations, 48 data storage. See storage firmware “prep” software malware, 140 FOCUS 11 attacks, 68–70 hacking other iPhones, 62–77 history of, 49 iKee attacks, 65–68 jailbreaking. See jailbreaking know your iPhone, 49–50 market share, 145 overview, 49–50, 62–64 passcodes, 77 passwords, 11, 75, 76–77 physical access, 9–10, 76–77, 78 third-party apps and, 51 iPod Touch, 48, 49, 53 IPSec-protected endpoints, 43 IPSW (iOS firmware) files, 54, 56 IPv4, 43 IPv6, 43 ISDN (Integrated Services Digital Networks), 24 Isis Mobile Wallet, 16, 237, 238 IT department, 216
▼ J J2ME devices, 120 jailbreak detection-bypass attacks, 208–209 jailbreak software, 52–53 jailbreak tools, 208 jailbreaking, 52–62 Absinthe app, 53, 59 Apple TV, 57 apps and, 215 boot-based, 53, 54–62 considerations, 34, 52–53, 67 Corona app, 53, 59 detecting, 207–209 DFU mode, 55–57