I have been wanting to read this book for a long time, finally I managed to make time and I have to admit that it has exceeded my expectations. This magnificent work written by reputed experts in iOS, one of the top mobile platforms, on mobile security such as Charlie Miller, Dion Blazakis, Dino DaiZovi, Stefan Esser, Vincenzo Iozzo, Ralf-Philip Weinmann reveals the secrets of Apple mobile operating system.
iOS Hacker’s Handbook (ISBN: 978-1-118-20412-2) is a fascinating and very technical reading that takes us into the inner working and security of iOS to find vulnerabilities and develop exploits.
Its 11 chapters are full of source code (recommended to understand C and ASM) describing the security architecture of iOS such as encryption, sandboxing, different types of memory protections and code signing to find vulnerabilities through reverse engineering and fuzzing and develop exploits using modern techniques such as ROP.
Some of the crown jewels include the study of real vulnerabilities which have been used to win the mythical Pwn2Own contest, understanding and development of our own jailbreaks and debugging and exploitation of iOS kernel.
Taking into account that the rise of exploits sale and the price of iOS 0day for sure is a very serious and lucrative business, you must read this book (check the Forbes article on the subject)!
The work is focused on the iOS platform so no vulnerabilities and exploitation of Apps are covered, anyway for this topic there are plenty of references so we don’t miss it at all.
Without a doubt this book is a compulsory reading for any security expert who wants to delve into the bowels of iOS at the lowest level. I recommend reading the book few times to assimilate the concepts well and downloading the enclosed source code as it contains various interesting tools that we would need to exploit iOS.
I will take the opportunity of this post to mention that the company VULNEX is offering training on mobile hacking that I am sure may interest you 🙂
Score (1 rose, very bad / 5 roses, very good): 5 Roses (Recommended Reading)
— Simon Roses Femerling