Hacking and Securing iOS Applications Stealing Data, Hijacking Software, and How to Prevent It 13618
-
ISBN978-1-4493-1874-1
-
Видавництво
-
Автор
-
Рік2012
-
МоваАнглійська
Все про “Hacking and Securing iOS Applications Stealing Data, Hijacking Software, and How to Prevent It”
Від видавця
Зміст
Chapter 1 : Everything You Know Is Wrong
The Myth of a Monoculture
The iOS Security Model
Storing the Key with the Lock
Passcodes Equate to Weak Security
Forensic Data Trumps Encryption
External Data Is at Risk, Too
Hijacking Traffic
Trust No One, Not Even Your Application
Physical Access Is Optional
Summary
Hacking
Chapter 2 : The Basics of Compromising iOS
Why it's Important to Learn How to Break Into a Device
Jailbreaking Explained
End User Jailbreaks
Compromising Devices and Injecting Code
Exercises
Summary
Chapter 3 : Stealing the Filesystem
Full Disk Encryption
Copying the Live Filesystem
Copying the Raw Filesystem
Exercises
The Role of Social Engineering
Summary
Chapter 4 : Forensic Trace and Data Leakage
Extracting Image Geotags
SQLite Databases
Reverse Engineering Remnant Database Fields
SMS Drafts
Property Lists
Other Important Files
Summary
Chapter 5 : Defeating Encryption
Sogeti's Data Protection Tools
Extracting Encryption Keys
Decrypting the Keychain
Decrypting Raw Disk
Decrypting iTunes Backups
Defeating Encryption Through Spyware
Exercises
Summary
Chapter 6 : Unobliterating Files
Scraping the HFS Journal
Carving Empty Space
Commonly Відновлені Data
Summary
Chapter 7 : Manipulating the Runtime
Analyzing Binaries
Encrypted Binaries
Abusing the with Runtime Cycript
Exercises
Summary
Chapter 8 : Abusing the Runtime Library
Breaking Objective-C Down
Disassembling and Debugging
Malicious Code Injection
Injection Using Dynamic Linker Attack
Summary
Chapter 9 : Hijacking Traffic
APN Hijacking
Simple Proxy Setup
Attacking SSL
Attacking Application Level SSL Validation
Hijacking Foundation HTTP Classes
Analyzing Data
Driftnet
Exercises
Summary
Securing
Chapter 10 : Implementing Encryption
Password Strength
Introduction to Common Crypto
Master Key Encryption
Geo-Encryption
Split Server-Side Keys
Securing Memory
Public Key Cryptography
Exercises
Chapter 11 : Counter Forensics
Secure File Wiping
Wiping SQLite Records
Keyboard Cache
Randomizing PIN Digits
Application Screenshots
Chapter 12 : Securing the Runtime
Tamper Response
Process Trace Checking
Blocking Debuggers
Runtime Class Integrity Checks
Inline Functions
Complicating Disassembly
Exercises
Chapter 13 : Jailbreak Detection
Sandbox Integrity Check
Filesystem Tests
Page Execution Check
Chapter 14 : Next Steps
Thinking Like an Attacker
Other Reverse Engineering Tools
Security Versus Code Management
A Flexible Approach to Security
Other Great Books
Анотація
Всі характеристики
- Видавництво
- Автор
- Категорія
- Рік2012
- Сторінок358
- Формат145х215 мм
- ОбкладинкаТверда
- МоваАнглійська
- Термін поставки7-10 дней
Товар входить до категорії
-
Самовивіз з відділень поштових операторів від
45 ₴ -80 ₴ -
Доставка поштовими сервісами - тарифи перевізника
Рецензії