iOS Runtime Breach Arts
Tuesday, January 22, 2013 from 8:00 AM to 4:00 PM (EST)
New York, NY
When forensically sound imaging techniques fail, it may be possible to breach some target applications from the operating system's runtime in an effort to recover evidence. In dealing with matters related to preservation of life or national security, breaching an application can sometimes yield useful data. This course teaches the art of breaching the runtime of iOS applications in order to attack the application itself. These techniques are similar to those used by malicious hackers to attack applications in order to break encryption, steal data, and harm users.
The techniques taught in this class are not forensically sound.
Come and learn the techniques Jonathan taught at Black Hat this year, and much more. In this class, you'll learn:
- How to manipulate the runtime of applications on a target device to assist in law enforcement investigations involving loss-of-life or national security, when all other forensic techniques fail.
- Work with classroom examples of malware to see how an attacker can transparently infect and steal application data, surveil user activity, and access encrypted documents in the background of a device while being used by an unsuspecting user.
- Identify common vulnerabilities in real-world applications and how attackers can take advantage of these through a number of attack techniques to break through security, hijack sessions, and steal user data.
- Manipulate the runtime environment of running applications to access data, bypass program logic and override many security mechanisms.
- Techniques attackers use to infect applications with malware through code injection.
- Discover how attackers defeat iOS keychain, file system, and data-protection encryption to steal encryption keys, passwords, and infect a device without necessarily breaking the passphrase
- Attack processes to inject code and manipulate the runtime environment of Objective-C application, in many cases without detection
- Redirect networking traffic and intercept SSL encrypted traffic
Join us as Jonathan Zdziarski, author, forensic scientist, and iOS security expert, leads your organization's red teams, penetration testers, and top-level forensic investigators through the dark world of attacking iOS applications. Learn hands-on how attackers can infect and manipulate your code to bypass program logic, eavesdrop on communications, bypass many forms of security, and steal data from your users.
This is a very hands-on, highly technical course that is ONLY recommended for those with knowledge of the Objective-C programming language, and are familiar with the architecture of iOS applications. Knowledge of C and Unix is strongly recommended.
This is a Mac-only course. Be sure to bring an Intel-based Mac notebook and a jailbroken iPhone or iPad to simulate the work environment of an attacker, if you would like to learn hands-on.
- Mac OS X Lion or Mountain Lion, on an Intel-Based Mac
- A full development environment including Xcode, gcc, gdb, etcetera
- A jailbroken iPhone or iPad (ideally running firmware 5.X, to keep everyone on the same page) to demonstrate a number of different types of attacks. (Jailbroken access to the device will be used to simulate the tools an attacker would use to attack your applications)
Don't miss the opportunity to have your personnel trained by the leading expert in iPhone forensic examination. Contact us for pricing and booking information today, as dates are limited.
When & Where
Jonathan Zdziarski is considered, worldwide, to be among the foremost experts in iOS related digital forensics and security. As an iOS security expert in the field (sometimes known as the hacker "NerveGas"), Jonathan's research into the iPhone has pioneered many modern forensic methodologies used today, and has been validated by the United States' National Institute of Justice. Jonathan has extensive experience as a forensic scientist and security researcher specializing in reverse engineering, research and development, and penetration testing, and has performed a number of red-team penetration tests for financial and government sector clients. Jonathan frequently consults with law enforcement agencies on high profile cases and assists federal, state and local agencies in their forensic investigations, and has trained many federal, state and local agencies internationally. Also an author for O'Reilly Media, Jonathan has written several books related to the iPhone including iPhone Forensics, iPhone SDK Application Development, iPhone Open Application Development, and his latest book, Hacking and Securing iOS Applications.