iOS Runtime Hacking Crash Course

BSidesLV 2018

Presented by: Michael Gianarakis
Date: Wednesday August 08, 2018
Time: 11:00 - 11:55
Location: Breaking Ground

Over the past few years there have been a number of significant changes and trends in the iOS ecosystem that have complicated reverse engineering and exploiting iOS applications for penetration testing purposes. The introduction of Swift, the move to 64bit only and the rise of cross platform frameworks such as Xamarin, Cordova and React Native have affected the techniques and tools traditionally used for these tasks. This talk will provide a crash course in exploiting iOS applications through the manipulation of the application runtime. The aim is to provide practical examples of how to observe and manipulate the inner workings of applications on iOS to defeat security protections including jailbreak prevention, anti-debugging and certificate pinning, obtain credentials and other sensitive information and subvert business logic.

Michael Gianarakis


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats