iOS Hacker's Handbook [Paperback]

Charlie Miller (Author), Dion Blazakis (Author), Dino DaiZovi (Author), Stefan Esser (Author), Vincenzo Iozzo (Author), Ralf-Philipp Weinmann (Author)

Book Description

Publication Date: May 8, 2012 | ISBN-10: 1118204123 | ISBN-13: 978-1118204122 | Edition: 1

Discover all the security risks and exploits that can threaten iOS-based mobile devices

iOS is Apple's mobile operating system for the iPhone and iPad. With the introduction of iOS5, many security issues have come to light. This book explains and discusses them all. The award-winning author team, experts in Mac and iOS security, examines the vulnerabilities and the internals of iOS to show how attacks can be mitigated. The book explains how the operating system works, its overall security architecture, and the security risks associated with it, as well as exploits, rootkits, and other payloads developed for it.

• Covers iOS security architecture, vulnerability hunting, exploit writing, and how iOS jailbreaks work
• Explores iOS enterprise and encryption, code signing and memory protection, sandboxing, iPhone fuzzing, exploitation, ROP payloads, and baseband attacks
• Also examines kernel debugging and exploitation
• Companion website includes source code and tools to facilitate your efforts

iOS Hacker's Handbook arms you with the tools needed to identify, understand, and foil iOS attacks.

Editorial Reviews

From the Back Cover

They can crack the code. Here's how to stop them.

The world loves iOS. Users love the convenience. Black hats love the vulnerability. This book arms you with the knowledge and tools to protect your organization's iOS devices. If you're a developer, it will also help you create hack-resistant applications.

These highly qualified iOS experts review iOS security architecture, examine the internals, and reveal the vulnerabilities. They show you how iOS jailbreaks work and explore encryption, code signing and memory protection, sandboxing, iPhone fuzzing, exploitation, ROP payloads, and baseband attacks. Here's a complete toolkit for defending your iOS devices.

• Examine the internals and identify the vulnerabilities of iOS

• Explore all the elements of encryption, vulnerability hunting, and exploit writing

• Review some common payloads and see what can and can't be done on iOS with ROP

• Learn more about kernel debugging and exploitation, with an overview of kernel structure and a look at auditing IOKit drivers

• Look at techniques for fuzzing PDF and PowerPoint® documents in MobileSafari

• Study different jailbreak types

Companion website

Source code and additional tools are available at www.wiley.com/go/ioshackershandbook

About the Author

Charlie Miller is Principal Research Consultant at Accuvant Labs and a four-time CanSecWest Pwn2Own winner.

Dionysus Blazakis is an expert on iOS and OS X sandbox security mechanisms.

Dino Dai Zovi is coauthor of The Mac Hacker's Handbook and a popular conference speaker.

Stefan Esser is a PHP security expert and leading researcher of iOS security topics.

Vincenzo Iozzo is an independent security researcher focused on Mac OS X and smartphones.

Ralf-Philipp Weinmann holds a PhD in cryptography and has an extensive security background.

Product Details

• Paperback: 408 pages
• Publisher: Wiley; 1 edition (May 8, 2012)
• Language: English
• ISBN-10: 1118204123
• ISBN-13: 978-1118204122
• Product Dimensions: 7.4 x 0.9 x 9.2 inches
• Shipping Weight: 1.3 pounds (View shipping rates and policies)
• Average Customer Review: 3.8 out of 5 stars  See all reviews (25 customer reviews)
• Amazon Best Sellers Rank: #75,984 in Books (See Top 100 in Books)
  • #49 in Books > Computers & Technology > Apple > Home Computing & How-to > OS X
  • #50 in Books > Computers & Technology > Internet & Web Culture > Hacking
  • #71 in Books > Computers & Technology > Business & Management > Privacy

Most Helpful Customer Reviews

8 of 10 people found the following review helpful

5.0 out of 5 stars Excellent Review of the Concepts needed to Understand Jailbreaking May 8, 2012

By JRud

Format:Paperback|Amazon Verified Purchase

I preordered this book so I have been reading it for about a week now. It is a wonderful book on security research for iOS devices. Don't expect to write a jailbreak for the newest devices after reading this book though, as that would require much experience in writing exploits, fuzzing, kernel debugging and ROP, which is completely understandable. It is foolish to believe that reading one book will allow you to write jailbreaks and find exploits with ease.

The book begins covering sandboxing, code signing and iOS enterprise applications, and their weaknesses. The chapter on fuzzing was very explanatory on the techniques used to do so. It covered fuzzing PDF and powerpoint documents in mobile safari, as well as SMS fuzzing. The next chapter talks about exploitation on iOS devices, focusing on heap exploits and in turn, memory allocation and deallocation.

The chapter on ROP explains what is capable and not capable with return oriented programming, and gives two great examples of such techniques. Following that is a chapter on kernel exploitation, describing how to reverse the IOKit kernel drivers and finding vulnerabilities, as well as how to exploit vulnerabilities once found. This chapter concludes with a demonstration on the heap fang shui technique used for heap buffer overflow exploits.

The jailbreaking chapter is not particularly long, but that is because the techniques used have been described in other parts of the book. This chapter examines the redsn0w jailbreak and describes each step performed by it, including the different kernel patches applied by the jailbreak.

The final chapter covers baseband hacking, which I have not read in detail yet.... It appears, at first glance, to cover general knowledge on cell networks leading into the RTOS used on the baseband chips, and ending with a description of the ultrasn0w unlock.

Overall, I would recommend anyone who is interested in the techniques and steps used to find vulnerabilities and exploit them, leading to the development of a jailbreak for an iOS device. Read more ›

14 of 19 people found the following review helpful

5.0 out of 5 stars A good overview and source of inspiration May 2, 2012

By Reilly

Format:Paperback|Amazon Verified Purchase

iOS Hacker's Handbook offers a good overview about the security mechanisms and possible strategies to overcome them.
The way current hacking techniques are being introduced, should enable less experienced programmers and enthusiast to get started and the more advanced reader will find a very well processed compendium (and more).

About the troll comments further down:
Some are obviously misinterpreting this book's intention. It's not about giving you a detailed tutorial on how to create a jailbreak, but to give a starting point, to introduce techniques needed and to motivate you to start learning and researching (btw. this belongs to security RESEARCH). Creating a jailbreak needs weeks and months of work, not to mention the vast experience and skills needed to pull of such a major task. One book can't accomplish that. So if you really want to become the next comex or pod2g: get off your backside, learn basics, read this book, read more materials, train your obtained skills and at the end of the road you might be able to develop your own exploits which will lead to a jailbreak.

7 of 9 people found the following review helpful

5.0 out of 5 stars Great introduction May 11, 2012

By RichL

Format:Paperback|Amazon Verified Purchase

You won't find a better introduction to iOS security than this book.
The authors manage to cover a variety of different subjects in enough detail to give you a good grounding in the iOS security model as well as the current state of vulnerability discovery on the platform.

3 of 4 people found the following review helpful

4.0 out of 5 stars A quality read May 22, 2012

By Chris

Format:Paperback

I'm someone who's always been intrigued by computing security. The 'hacker' has always interested me, and the amazing things a dedicated mind can do blows me away. I'm someone who appreciates the iOS devices, but also realizes their limitations.

This book is well written and its scope is surprising. Some of it went over my head, but most of it was very interesting (although I had to look up some terms and go over things a few times to understand)

I think this is a worthwhile read for anyone even remotely interested in iOS 'hacking'. Experts will pick up some things, and the less knowledgeable will find plenty to sink their teeth into.

Didn't give it a full 5/5 because some of it was just too advanced for me.

5 of 7 people found the following review helpful

5.0 out of 5 stars Bad reviews because of little knoweledge June 8, 2012

By wyndnra1n

Format:Paperback

Now Ive noticed that all the bad reviews are either trolls, or written by people hoping to learn how to make a jailbreak and think its easy as 1 2 3.
Well dont believe the bad reviews. This is a great book and goes over alot of key concepts about jailbreaking and adequately explains a wide variety of iOS security exploitation topics.
Worth the money if you are willing to learn and understand whats in the book (coding and terminology) or if you already understand the code but want to learn a bit more.
Great read :D

18 of 27 people found the following review helpful

5.0 out of 5 stars A great book and a necessity for any would be jailbreaker May 2, 2012

By Katie

Format:Paperback

Please ignore the other reviews as they have decided to troll a great book....... This is an astoundingly good book, it's well written and very informative, NO IT WILL NOT turn you into ion1c or pod2g or p0sixninja overnight, that's just unreasonable and jailbreaking requires a lot of time and effort..... This book will however give you all the skills you need to start looking for iOS exploits and jailbreaking for yourself(again do NOT expect this to be easy) So my advice to people who are looking to try their hand at jailbreaking or even just find out how it's done, GET THIS BOOK!!! You will be glad you did! :D

4 of 6 people found the following review helpful

5.0 out of 5 stars Excellent security overview of iOS May 16, 2012

By Prime

Format:Paperback|Amazon Verified Purchase

I pre-ordered this book months ago, and got exactly what I was looking for: an in depth look at iOS security. It doesn't just talk about the present, but also takes a look at how far iOS has came since version 1. You'll find little details throughout that give you insight to some of the events and vulnerabilities that the authors (and others) were involved in. Great buy, especially if you're looking to learn more about mobile security.