Skip to main content

MS 310 - Apple iOS Attack & Defend

This course covers everything from iPhone development and application security to hacking iOS and its applications. iOS Attack & Defend is a lab-intensive programming and reverse engineering course designed for students who need a working knowledge of iOS development and exploitation. In this course, we will demonstrate how iOS works internally and discover key locations where data is stored and how to extract it. Students will also use tools to discover security vulnerabilities, decompile and reverse engineer iOS binaries, harvest geo-location data, jailbreak iOS devices, and perform remote data mining. The course will teach students to deploy, execute, and test their own programs using an iOS debugger in both an emulation environment and on an iOS device. In the capstone exercise, students will use the tools, skills, and methodologies they have learned to develop an iOS Trojan horse application that provides remote control and information extraction

capabilities.


Request Course Details


Attending students will learn

  • iPhone architecture and design
  • ARM Assembly Code and programming applications
  • Reverse engineering applications and de-compiling applications
  • Extracting information remotely
  • Geo-location and Jailbreaking

Who should attend

  • Programmers who want an introduction to mobile application development
  • Reverse Engineers who need a thorough understanding of ARM Assembly language
  • Red Team members who need training in Hacking iPhone devices
  • Security professionals that want a solid defense strategy for their mobile devices

Prerequisites

  • Experience with Apple products such as MacBooks and iPhones are recommended
  • Programming experience in C, Python, Perl or Java are recommended

Course Outline

Day 1

  • iPhone Introduction
  • History
  • iPhone Versions
  • Inside the iPhone
  • Hardware
  • Memory Storage Unit
  • Operating System
  • The iPhone SDK
  • Coding iPhone Applications Crash Course
  • Cocoa
  • Objective C

Day 2

  • Why RE?
  • ARM Assembly
  • Header
  • Load Commands
  • Segments and Sections
  • The Process of Loading

Day 3

  • The Process of Binary RE
  • Encryption and Digital Signing
  • Bypassing Encryption of AppStore Binaries.
  • iPhone Binary Internals
  • Disassembling a Binary

Day 4

  • Learning the Language of iPhone Hacking
  • Discovering iPhone's Hackability
  • Jailbreaking the iPhone
  • Installing Third-Party Apps
  • Manipulating iPhones FileSystem
  • Backing up iPhones Files
  • Extracting Text Messages
  • Extracting Address Books
  • Extracting Voicemails
  • Extracting Browsing History
  • Tracking an iPhone (Geo-Location)
  • Connecting to an iPhone via the Internet
  • Tethering the iPhone
  • Wi-Fi Hacks

Day 5 – Student Practical Demonstration

Using the tools, skills, and methodologies taught in Days 1 through 4 of the class, students will have to develop an iPhone Trojan Horse application. The malware application written will provide a variety of remote control as well as information extraction capabilities.

Courses That Follow This Course

Request More Info About This Course

contact Focal Point

tweets by @FocalPointDR

Loading Tweets...
VIEW MORE TWEETS >