Presentation is loading. Please wait.

Presentation is loading. Please wait.

Háló Zsolt @ Deloitte CRS Jailbreak & Behind.

Published byJoan Banks Modified over 6 years ago

Similar presentations

Presentation on theme: "Háló Zsolt @ Deloitte CRS Jailbreak & Behind."— Presentation transcript:

1 Háló Zsolt @ Deloitte CRS
Jailbreak & Behind

2 Why iOS is „secure” by design?
Filesystem SOFTWARE Kernel Secure Enclave Secure Element HARDWARE Crypto Engine Device Key Group Key Apple Root Cert

3 Secure Enclave Physically separate processor
Own independent boot sequence Hardware based true random number generator Crypto operations necessary for seamless en/decryption of data Has the device ID fused into manufacture time TNO (Trust No One paradigm)

4 Code Signing All apps must be signed by a signing cert that was issued by Apple Must be distributed via the Apple App Store (with some exception) Hash Private Key Signature Code to be signed Signing Certificate Signed code

5 Privilege Separation Process separation like in traditional UNIX file permission mechanism owner, user and group. Apps run as user “mobile” Critical stuff runs as “root” Limiting exploit damage

6 Sandboxing Further enforcing security than UNIX permissions
Cannot modify each other's data (permission required) Can only access files in other sandbox via API-s

7 Jailbreaking Actively circumventing code signature checks and other OS security controls Tethered Untethered Can use all API-s Removing sanboxing restrictions You get a cool computer with a nice UI

8 Why should I care? Not my device/data ^^
Credential reuse of your users! API keys Connection strings/credentials Full infrastructure reverse

9 Detection methods File presence (Cydia.app, /bin/bash…)
File permissions (/root has write access) Process forking (popen and fork returned pid) System Properties (symlinks from the small partation) dyld calls (dyld get image name, dyld image count) to check if certain dylibs are loaded Privileged action (System call or write outside of sandbox) SSH Loopback (if you can connect to :22)

10 Detection evasion Binary patching Dynamic hooking/instrumentation
Temporary disable jailbreak xCon open source project, automagically hides the jailbroken status, usually  (good to test against)

11 Frida Ole André Vadla Ravnås Classdump 

12 Frida frida-trace -i "open*" -i "close*" Safari
frida-trace -U -f com.app.to.test -I "libcommonCrypto*„

13

14

15

16 Suggestion Tie to the application
Use separate lib a dependency for your app Obfuscate C++/C code Make it independent

17 Thanks \O/

Download ppt "Háló Zsolt @ Deloitte CRS Jailbreak & Behind."

Similar presentations

Wei Lu 1, Kate Keahey 2, Tim Freeman 2, Frank Siebenlist 2 1 Indiana University, 2 Argonne National Lab

Wei Lu 1, Kate Keahey 2, Tim Freeman 2, Frank Siebenlist 2 1 Indiana University, 2 Argonne National Lab
Confidential 1 Phoenix Security Architecture and DevID July 2005 Karen Zelenko Phoenix Technologies.

Confidential 1 Phoenix Security Architecture and DevID July 2005 Karen Zelenko Phoenix Technologies.
Thomas S. Messerges, Ezzat A. Dabbish Motorola Labs Shin Seung Uk.

Thomas S. Messerges, Ezzat A. Dabbish Motorola Labs Shin Seung Uk.
Vpn-info.com.

Vpn-info.com.
Ensuring Operating System Kernel Integrity with OSck By Owen S. Hofmann Alan M. Dunn Sangman Kim Indrajit Roy Emmett Witchel Kent State University College.

Ensuring Operating System Kernel Integrity with OSck By Owen S. Hofmann Alan M. Dunn Sangman Kim Indrajit Roy Emmett Witchel Kent State University College.
1 GP Confidential ©2013 1 GlobalPlatform’s Value Proposition for Mobile Point of Sale (mPOS)

1 GP Confidential © GlobalPlatform’s Value Proposition for Mobile Point of Sale (mPOS)
Securing. Agenda  Hard Drive Encryption  User Account Permissions  Root Level Access  Firewall Protection  Malware Protection.

Securing. Agenda  Hard Drive Encryption  User Account Permissions  Root Level Access  Firewall Protection  Malware Protection.
Dongyan Wang GlobalPlatform Technical Program Manager

Dongyan Wang GlobalPlatform Technical Program Manager
Copyright© 2005-2006 Trusted Computing Group - Other names and brands are properties of their respective owners. Slide #1 Tightening the Network: Network.

Copyright© Trusted Computing Group - Other names and brands are properties of their respective owners. Slide #1 Tightening the Network: Network.
Introduction to Kernel

Introduction to Kernel
G22.3250-001 Robert Grimm New York University Protection and the Control of Information Sharing in Multics.

G Robert Grimm New York University Protection and the Control of Information Sharing in Multics.
Case study 2 Android – Mobile OS.

Case study 2 Android – Mobile OS.
Page 1 Sandboxing & Signed Software Paul Krzyzanowski Distributed Systems Except as otherwise noted, the content of this presentation.

Page 1 Sandboxing & Signed Software Paul Krzyzanowski Distributed Systems Except as otherwise noted, the content of this presentation.
IOS & Android Security, Hacking and Tweaking Workshop D.Papamartzivanos University Of the Aegean – Info Sec Lab Android Security – Cydia Substrate Dimitris.

IOS & Android Security, Hacking and Tweaking Workshop D.Papamartzivanos University Of the Aegean – Info Sec Lab Android Security – Cydia Substrate Dimitris.
CS 153 Design of Operating Systems Spring 2015 Lecture 24: Android OS.

CS 153 Design of Operating Systems Spring 2015 Lecture 24: Android OS.
An Introduction to Device Drivers Sarah Diesburg COP 5641 / CIS 4930.

An Introduction to Device Drivers Sarah Diesburg COP 5641 / CIS 4930.
Presentation By Deepak Katta

Presentation By Deepak Katta
Chapter 3.1:Operating Systems Concepts 1. A Computer Model An operating system has to deal with the fact that a computer is made up of a CPU, random access.

Chapter 3.1:Operating Systems Concepts 1. A Computer Model An operating system has to deal with the fact that a computer is made up of a CPU, random access.
 Security and Smartphones By Parker Moore. The Smartphone Takeover  Half of mobile phone subscribers in the United States have a smartphone.  An estimated.

 Security and Smartphones By Parker Moore. The Smartphone Takeover  Half of mobile phone subscribers in the United States have a smartphone.  An estimated.
All Your Droid Are Belong To Us: A Survey of Current Android Attacks 단국대학교 컴퓨터 보안 및 OS 연구실 김낙영 2015. 04. 21.

All Your Droid Are Belong To Us: A Survey of Current Android Attacks 단국대학교 컴퓨터 보안 및 OS 연구실 김낙영

Similar presentations

Ads by Google